diff options
author | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2005-10-27 12:34:41 +0000 |
---|---|---|
committer | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2005-10-27 12:34:41 +0000 |
commit | 08482f721146e0abb8b395c808fa2e641fb8548f (patch) | |
tree | 87a590ad3cfb5debaec71ed382ab15516f1255b9 /gnu | |
parent | 3a23492a2f77205e4f32ca586dcba07caaa7007c (diff) |
Basic support for attaching states from pfsync to the correct rules.
Applies only to rules in the main ruleset (not anchors) if the ruleset
checksum matches. Necessary to fix the following for pfsync'd states:
- per-rule limits on number of states
- altq
- rule-based settings such as timeouts
More work to do re: nat rules, src-nodes, etc.
NOTE: This is modifies the pfsync header and version number.
Tools which process pfsync packets must be recompiled, and firewalls with
different versions will not sync.
ok mpf@ henning@ dhartmei@
Diffstat (limited to 'gnu')
0 files changed, 0 insertions, 0 deletions