[src/netbsd-10]: src/usr.sbin/npf Pull up following revision(s) (requested by...

[martin <martin%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/44b405697b4f
branches:  netbsd-10
changeset: 373893:44b405697b4f
user:      martin <martin%NetBSD.org@localhost>
date:      Tue Mar 14 17:02:57 2023 +0000

description:
Pull up following revision(s) (requested by kardel in ticket #118):

        usr.sbin/npf/npf-params.7: revision 1.9
        sys/net/npf/npf_params.c: revision 1.6

PR kern/55654:

Switch default for parameter npf ip4.reassembly to 1.

This makes the NPF default configuration comply with host
requirements for IPv4.

diffstat:

 sys/net/npf/npf_params.c  |  4 ++--
 usr.sbin/npf/npf-params.7 |  8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diffs (45 lines):

diff -r 519b4596bf1a -r 44b405697b4f sys/net/npf/npf_params.c
--- a/sys/net/npf/npf_params.c  Mon Mar 13 21:40:40 2023 +0000
+++ b/sys/net/npf/npf_params.c  Tue Mar 14 17:02:57 2023 +0000
@@ -26,7 +26,7 @@
 
 #ifdef _KERNEL
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: npf_params.c,v 1.5 2022/04/28 17:28:15 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_params.c,v 1.5.4.1 2023/03/14 17:02:58 martin Exp $");
 
 #include <sys/param.h>
 #include <sys/types.h>
@@ -56,7 +56,7 @@
                {
                        "ip4.reassembly",
                        &npf->ip4_reassembly,
-                       .default_val = 0, // false
+                       .default_val = 1, // true - host requirements
                        .min = 0, .max = 1
                },
                {
diff -r 519b4596bf1a -r 44b405697b4f usr.sbin/npf/npf-params.7
--- a/usr.sbin/npf/npf-params.7 Mon Mar 13 21:40:40 2023 +0000
+++ b/usr.sbin/npf/npf-params.7 Tue Mar 14 17:02:57 2023 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: npf-params.7,v 1.8 2020/12/17 05:33:06 taca Exp $
+.\" $NetBSD: npf-params.7,v 1.8.6.1 2023/03/14 17:02:57 martin Exp $
 .\"
 .\" Copyright (c) 2019 Mindaugas Rasiukevicius <rmind at netbsd org>
 .\" All rights reserved.
@@ -60,11 +60,11 @@
 .It Li ip4.reassembly
 Perform IPv4 reassembly before inspecting the packet.
 Fragmentation is considered very harmful, so most networks are expected
-to prevent it; therefore, reassembly is disabled by default.
+to prevent it; reassembly is enabled by default.
 However, while the packet should generally be reassembled at the receiver,
-reassembly by the packet filter might be necessary in order to perform state
+reassembly by the packet filter may be necessary in order to perform state
 tracking.
-Default: 0.
+Default: 1.
 .It Li ip6.reassembly
 Perform IPv6 reassembly before inspecting the packet.
 Discouraged in general but not prohibited by RFC 8200.