diff options
| author | Henning Brauer <henning@cvs.openbsd.org> | 2003-05-13 21:15:08 +0000 |
|---|---|---|
| committer | Henning Brauer <henning@cvs.openbsd.org> | 2003-05-13 21:15:08 +0000 |
| commit | ae79e5a1fc3635931132000358fde29cd5d19a29 (patch) | |
| tree | 73da6ded41c00c0f30bacb7e72bd2927a4a03616 /sbin/pfctl/pfctl_parser.c | |
| parent | edd25fb12b94af34d488c428c44f92a63f8a3872 (diff) | |
userland part for tagging.
it's now possible to tag packets with an arbitary tag and filter based on
that tag later on other interfaces:
pass in quick on fxp0 keep state tag blah
pass out quick on wi0 keep state with tag blah
can be used to express trust between interfaces, to distinguish between
NATed connections and connection originating from teh firewall itself
and much more
ok dhartmei@ frantzen@ pb@ mcbride@
Diffstat (limited to 'sbin/pfctl/pfctl_parser.c')
| -rw-r--r-- | sbin/pfctl/pfctl_parser.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c index 225090d2c81..2e887355c44 100644 --- a/sbin/pfctl/pfctl_parser.c +++ b/sbin/pfctl/pfctl_parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl_parser.c,v 1.152 2003/05/12 01:25:31 dhartmei Exp $ */ +/* $OpenBSD: pfctl_parser.c,v 1.153 2003/05/13 21:15:07 henning Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -746,7 +746,10 @@ print_rule(struct pf_rule *r, int verbose) printf("queue(%s, %s) ", r->qname, r->pqname); else if (r->qname[0]) printf("queue %s ", r->qname); - + if (r->tagname[0]) + printf("tag %s ", r->tagname); + if (r->match_tagname[0]) + printf("with tag %s ", r->match_tagname); printf("\n"); } |