upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-02-03 20:49:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/sys
History
Zhenlei Huang 3965be101c pf: Convert PF_DEFAULT_TO_DROP into a vnet loader tunable 'net.pf.default_to_drop' 
7f7ef494f1 introduced a compile time option PF_DEFAULT_TO_DROP to make
the pf(4) default rule to drop. While this change exposes a vnet loader
tunable 'net.pf.default_to_drop' so that users can change the default
rule without re-compiling the pf(4) module.

This change is similiar to that for IPFW [1].

1. 5f17ebf94d Convert IPFW_DEFAULT_TO_ACCEPT into a loader tunable 'net.inet.ip.fw.default_to_accept'

Reviewed by:	#network, kp
MFC after:	2 weeks
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D39866

(cherry picked from commit c531c1d1462c45f7ce5de4f9913226801f3073bd)
2025-01-24 23:46:20 +08:00
..
amd64 x86 atomics: Remove unused WANT_FUNCTIONS 2025-01-16 19:07:00 +01:00
arm atomics: Constify loads 2025-01-16 19:06:53 +01:00
arm64 atomics: Constify loads 2025-01-16 19:06:53 +01:00
bsm timerfd: Move implementation from linux compat to sys/kern 2023-08-24 14:28:56 -06:00
cam kern: Make fileops and filterops tables const where possible 2024-12-03 01:03:42 +00:00
cddl dtrace: Add some more annotations for KMSAN 2024-12-13 01:34:14 +00:00
compat stat(2): add st_filerev 2025-01-23 11:46:57 +02:00
conf ng_ubt(4): do not attach Realtek 87XX/88XX adaptors in bootloader mode. 2024-12-22 06:34:09 +03:00
contrib zfs: merge openzfs/zfs@e269af1b3 (zfs-2.2-release) into stable/14 2024-12-12 13:22:56 +01:00
crypto openssl: Import OpenSSL 3.0.15. 2024-09-27 20:50:47 -07:00
ddb ddb: Add sysctl flag CTLFLAG_TUN to loader tunable 2023-10-12 12:08:18 +08:00
dev hid: Correctly handle signed/unsigned quantities in kernel HID parser. 2025-01-21 07:29:17 -05:00
dts add allwinner overlays for enabling additional USB ports 2024-02-17 16:15:10 +02:00
fs nfscl: Fix a crash when a readdir entry has nul in it 2025-01-23 18:25:10 -08:00
gdb sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
geom geom: Allow BSD type '!0' partitions 2024-12-21 17:04:07 +00:00
gnu sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
i386 x86 atomics: Remove unused WANT_FUNCTIONS 2025-01-16 19:07:00 +01:00
isa isa: Use a bus_child_deleted method to free ivars for children 2024-11-30 21:46:06 -05:00
kern sysctl(9): Enable vnet sysctl variables to be loader tunable 2025-01-24 23:35:49 +08:00
kgssapi nfscl/kgssapi: Fix Kerberized NFS mounts to pNFS servers 2023-12-23 17:03:58 -08:00
libkern arm64: Mark the armv8 crc32c as supporting BTI 2024-02-19 13:17:47 +00:00
modules lindebugfs: Export symbols 2025-01-07 13:48:33 -05:00
net Fix failure to add an interface prefix route 2025-01-11 19:25:16 +07:00
net80211 net80211: scan/internal: change boolean argument from int to bool 2024-09-28 10:35:12 +00:00
netgraph ng_ubt_intel: Ignore unexpected HCI events 2024-12-22 06:35:08 +03:00
netinet carp: Explicitly mark tunnable net.inet.carp.allow with CTLFLAG_NOFETCH 2025-01-24 23:41:09 +08:00
netinet6 inpcb: Further restrict binding to a port owned by a different UID 2025-01-23 13:58:07 +00:00
netipsec netipsec: Pass the right mbuf up 2025-01-20 00:26:35 +00:00
netlink netlink: restore the ability to delete PINNED routes 2025-01-21 14:37:26 +03:00
netpfil pf: Convert PF_DEFAULT_TO_DROP into a vnet loader tunable 'net.pf.default_to_drop' 2025-01-24 23:46:20 +08:00
netsmb netsmb: Stop checking for failures from malloc(M_WAITOK) 2024-09-30 12:44:16 +08:00
nfs sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
nfsclient
nfsserver
nlm sys: Remove $FreeBSD$: one-line .c pattern 2023-08-16 11:54:36 -06:00
ofed ibcore: Mark write-only variables 2024-07-15 12:28:53 +00:00
opencrypto ktls: Remove the socket parameter to ktls_ocf_try() 2024-07-23 09:01:30 -04:00
powerpc atomics: Constify loads 2025-01-16 19:06:53 +01:00
riscv atomics: Constify loads 2025-01-16 19:06:53 +01:00
rpc nfs, rpc: Ensure kernel credentials have at least one group 2024-11-15 11:47:43 +01:00
security audit: Fix short-circuiting in syscallenter() 2025-01-17 13:18:51 +00:00
sys stat(2): add st_filerev 2025-01-23 11:46:57 +02:00
teken teken: fix style in teken_wcwidth.h 2023-10-21 17:28:35 +03:00
tests tests: Stop checking for failures from malloc(M_WAITOK) 2024-09-30 12:44:18 +08:00
tools vnode: Make the vop_vector reference a pointer to const 2024-12-03 01:02:10 +00:00
ufs stat(2): add st_filerev 2025-01-23 11:46:57 +02:00
vm vm_pageout: Add a chicken switch for multithreaded PQ_INACTIVE scanning 2025-01-23 13:58:07 +00:00
x86 x86: Short-circuit ipi_all_but_self() on UP systems 2025-01-14 14:14:42 +00:00
xdr rpc: Fix the definition of xdr_void() 2024-11-05 01:05:26 +00:00
xen sys: Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:54:58 -06:00
Makefile sys: Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:54:58 -06:00
README.md

README.md

FreeBSD Kernel Source:

This directory contains the source files and build glue that make up the FreeBSD kernel and its modules, including both original and contributed software.

Kernel configuration files are located in the conf/ subdirectory of each architecture. GENERIC is the configuration used in release builds. NOTES contains documentation of all possible entries. LINT is a compile-only configuration used to maximize build coverage and detect regressions.

Documentation:

Source code documentation is maintained in a set of man pages, under section 9. These pages are located in share/man/man9, from the top-level of the src tree. Consult intro(9) for an overview of existing pages.

Some additional high-level documentation of the kernel is maintained in the Architecture Handbook.

Source Roadmap:

Directory Description
amd64 AMD64 (64-bit x86) architecture support
arm 32-bit ARM architecture support
arm64 64-bit ARM (AArch64) architecture support
cam Common Access Method storage subsystem - cam(4) and ctl(4)
cddl CDDL-licensed optional sources such as DTrace
conf kernel build glue
compat Linux compatibility layer, FreeBSD 32-bit compatibility
contrib 3rd-party imported software such as OpenZFS
crypto crypto drivers
ddb interactive kernel debugger - ddb(4)
fs most filesystems, excluding UFS, NFS, and ZFS
dev device drivers and other arch independent code
gdb kernel remote GDB stub - gdb(4)
geom GEOM framework - geom(4)
i386 i386 (32-bit x86) architecture support
kern main part of the kernel
libkern libc-like and other support functions for kernel use
modules kernel module infrastructure
net core networking code
net80211 wireless networking (IEEE 802.11) - net80211(4)
netgraph graph-based networking subsystem - netgraph(4)
netinet IPv4 protocol implementation - inet(4)
netinet6 IPv6 protocol implementation - inet6(4)
netipsec IPsec protocol implementation - ipsec(4)
netpfil packet filters - ipfw(4), pf(4), and ipfilter(4)
opencrypto OpenCrypto framework - crypto(7)
powerpc PowerPC/POWER (32 and 64-bit) architecture support
riscv 64-bit RISC-V architecture support
security security facilities - audit(4) and mac(4)
sys kernel headers
tests kernel unit tests
ufs Unix File System - ffs(7)
vm virtual memory system
x86 code shared by AMD64 and i386 architectures