mirror of
https://github.com/opnsense/src.git
synced 2026-06-04 22:32:43 -04:00
288bec2b2b
Reduces code and fixes a bunch of bugs with fragment handling not being in sync
with the rest of the ruleset.
Much feedback from mpf, bluhm & markus
Thanks to Tony Sarendal for help with testing
ok bluhm; various previous versions ok henning, claudio, mpf, markus
Note that while this changes the order of src addr/src port/dst addr/dst port
skips this doesn't actually affect the kernel/userspace ABI. The kernel always
recalculates skip steps. As a result we have to fix one of the pfctl parser
tests. Note that this is an order change that does not affect what packets are
acceppted or dropped.
Obtained from: OpenBSD, mcbride <mcbride@openbsd.org>, 04c69899a7
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D46705
|
||
|---|---|---|
| .. | ||
| tests | ||
| Makefile | ||
| Makefile.depend | ||
| parse.y | ||
| pf.os | ||
| pf_print_state.c | ||
| pf_ruleset.c | ||
| pfctl.8 | ||
| pfctl.c | ||
| pfctl.h | ||
| pfctl_altq.c | ||
| pfctl_ioctl.h | ||
| pfctl_optimize.c | ||
| pfctl_osfp.c | ||
| pfctl_parser.c | ||
| pfctl_parser.h | ||
| pfctl_qstats.c | ||
| pfctl_radix.c | ||
| pfctl_table.c | ||