diff options
| author | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2003-12-15 00:02:05 +0000 |
|---|---|---|
| committer | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2003-12-15 00:02:05 +0000 |
| commit | bcbefdbeb6961a98675a03e10371e908592d2742 (patch) | |
| tree | 44fc5938d025a365526a21723a1004d25f125611 /sbin/pfctl/pf_print_state.c | |
| parent | 7177de71616eff6b6f4d44f5b1c99fe17c82545e (diff) | |
Add support to track stateful connections by source ip. This allows us
to:
- Ensure that clients get a consistent IP mapping with load-balanced
translation/routing rules
- Limit the number of simultaneous connections a client can make
- Limit the number of clients which can connect through a rule
ok dhartmei@ deraadt@
Diffstat (limited to 'sbin/pfctl/pf_print_state.c')
| -rw-r--r-- | sbin/pfctl/pf_print_state.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/sbin/pfctl/pf_print_state.c b/sbin/pfctl/pf_print_state.c index 58ce23a9aee..22f1d0399f9 100644 --- a/sbin/pfctl/pf_print_state.c +++ b/sbin/pfctl/pf_print_state.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_print_state.c,v 1.33 2003/07/06 22:01:28 deraadt Exp $ */ +/* $OpenBSD: pf_print_state.c,v 1.34 2003/12/15 00:02:03 mcbride Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -256,6 +256,11 @@ print_state(struct pf_state *s, int opts) printf(", anchor %u", s->anchor.nr); if (s->rule.nr != -1) printf(", rule %u", s->rule.nr); + if (s->src_node != NULL) + printf(", source-track"); + if (s->nat_src_node != NULL) + printf(", sticky-address"); + printf("\n"); printf("\n"); } } |