|
Revision tags: v6.4.0, v6.4.0rc1, v6.5.0, v6.2.2, v6.2.1, v6.3.0, v6.0.1, v6.0.0, v6.0.0rc1, v6.1.0, v5.8.3, v5.8.2, v5.8.1, v5.8.0, v5.9.0, v5.8.0rc1, v5.6.3 |
|
| #
10f846f5 |
| 01-Nov-2019 |
Sascha Wildner <saw@online.de> |
libipfw3: Use NULL for a pointer.
|
|
Revision tags: v5.6.2, v5.6.1, v5.6.0, v5.6.0rc1, v5.7.0, v5.4.3, v5.4.2, v5.4.1, v5.4.0, v5.5.0, v5.4.0rc1, v5.2.2, v5.2.1 |
|
| #
4408d548 |
| 12-May-2018 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3_nat: highspeed lockless in-kernel NAT
RB-Tree to stored the state for the outgoing packets, and multidimentional
array of pointers to keep the state for the incoming packets.
|
|
Revision tags: v5.2.0, v5.3.0, v5.2.0rc |
|
| #
59ea0e34 |
| 21-Mar-2018 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3: use the headers in include folder
|
|
Revision tags: v5.0.2, v5.0.1, v5.0.0, v5.0.0rc2, v5.1.0, v5.0.0rc1, v4.8.1 |
|
| #
2ca766ab |
| 10-Jun-2017 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3: match_token func
|
|
Revision tags: v4.8.0, v4.6.2, v4.9.0, v4.8.0rc |
|
| #
5f62bb52 |
| 26-Nov-2016 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3: 'or' supports more filters
|
|
Revision tags: v4.6.1, v4.6.0, v4.6.0rc2, v4.6.0rc, v4.7.0 |
|
| #
9187b359 |
| 21-Jun-2016 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3: lockless in-kernel NAT
The libalias is used in kernel space for in-kernel NAT, and its alias_link
entries are stored with LIST. so all the packets which need to be NAT will scan
against the L
ipfw3: lockless in-kernel NAT
The libalias is used in kernel space for in-kernel NAT, and its alias_link
entries are stored with LIST. so all the packets which need to be NAT will scan
against the LIST and trying to find the matched alias_link. by seperating the
libalias into context of different CPUs, the lock can be removed. and due to the
nature of NAT, the outgoing and incoming packets are possible to be handled by
different CPUs, to ensure the returning packet can be translated properly, the
newly created alias_link is required to be duplicated and inserted into contexts
of both CPUs.
e.g.
ipfw3 nat 1 config if em0
ipfw3 nat 1 all via em0
ipfw3 nat 1 show state
show more ...
|
|
Revision tags: v4.4.3 |
|
| #
dd95fb5d |
| 26-Feb-2016 |
Bill Yuan <bycn82@dragonflybsd.org> |
ipfw3: fix func lookup_host
|
|
Revision tags: v4.4.2 |
|
| #
8b5a5700 |
| 18-Jan-2016 |
Bill Yuan <bycn82@leaf.dragonflybsd.org> |
ipfw3: forward args verification
|
|
Revision tags: v4.4.1, v4.4.0, v4.5.0, v4.4.0rc |
|
| #
26a55228 |
| 02-Oct-2015 |
Bill Yuan <bycn82@leaf.dragonflybsd.org> |
ipfw3: lookup_state for keep-state and check-state
|
| #
c1bde762 |
| 01-Oct-2015 |
Bill Yuan <bycn82@leaf.dragonflybsd.org> |
ipfw3: support ip:port in filter from and new filter src-port
1. support ip:port in both filters 'from' and 'to'
2. new filters 'src-port' and 'dst-port'
e.g. block UDP packets to 192.168.1.1:1813
i
ipfw3: support ip:port in filter from and new filter src-port
1. support ip:port in both filters 'from' and 'to'
2. new filters 'src-port' and 'dst-port'
e.g. block UDP packets to 192.168.1.1:1813
ipfw3 add deny udp to 192.168.1.1:1813
ipfw3 add deny udp to 192.168.1.1 dst-port 1813
show more ...
|
| #
62f8e481 |
| 01-Oct-2015 |
Bill Yuan <bycn82@leaf.dragonflybsd.org> |
ipfw3: not-in-use keywords
|
| #
3b6ebdc3 |
| 01-Oct-2015 |
Bill Yuan <bycn82@leaf.dragonflybsd.org> |
ipfw3: shorten func show_filter and MACRO
|
| #
5284582f |
| 01-Oct-2015 |
Bill Yuan <bycn82@leaf.dragonflybsd.org> |
ipfw3: filtering with lookup table
|
|
Revision tags: v4.2.4, v4.3.1, v4.2.3, v4.2.1 |
|
| #
6ce8c93f |
| 28-Jun-2015 |
Bill Yuan <bycn82@leaf.dragonflybsd.org> |
ipfw3: join same filters with or operator
example:
ipfw3 add allow icmp to <ip addr 1> or <ip addr 2> ...
|
| #
63317b93 |
| 27-Jun-2015 |
Bill Yuan <bycn82@leaf.dragonflybsd.org> |
ipfw3: filter from/to supports me/any/subnet
usage:
ipfw3 add allow udp to any
ipfw3 add allow icmp from me
ipfw3 add allow icmp from 192.168.1.0/24
|
|
Revision tags: v4.2.0, v4.0.6, v4.3.0, v4.2.0rc, v4.0.5 |
|
| #
6a03354e |
| 12-Mar-2015 |
Matthew Dillon <dillon@apollo.backplane.com> |
ipfw2 - Rename FreeBSD ipfw port to ipfw3
* Rename all elements of the port to ipfw3 to reduce confusion.
|