summaryrefslogtreecommitdiff
path: root/sbin/pfctl
diff options
context:
space:
mode:
authorHenning Brauer <henning@cvs.openbsd.org>2007-04-21 14:49:46 +0000
committerHenning Brauer <henning@cvs.openbsd.org>2007-04-21 14:49:46 +0000
commit4dd9cc8538303a45dfc00a0ce1400f4fed98788b (patch)
treebf3f4e466947039c61da73599a207a319d1287d2 /sbin/pfctl
parenta1c46bf132cdbcbb027dd7577ebbc2169f0f8a37 (diff)
fix -o handling. syntax is now -o none|basic|profile. -o without argument
is invalid now, it doesn't serve any purpose any more anyway since that is the default. ok mcbride
Diffstat (limited to 'sbin/pfctl')
-rw-r--r--sbin/pfctl/pfctl.820
-rw-r--r--sbin/pfctl/pfctl.c27
2 files changed, 13 insertions, 34 deletions
diff --git a/sbin/pfctl/pfctl.8 b/sbin/pfctl/pfctl.8
index a8ca21df8ef..b0d6b3428ba 100644
--- a/sbin/pfctl/pfctl.8
+++ b/sbin/pfctl/pfctl.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: pfctl.8,v 1.130 2007/04/20 07:30:16 jmc Exp $
+.\" $OpenBSD: pfctl.8,v 1.131 2007/04/21 14:49:45 henning Exp $
.\"
.\" Copyright (c) 2001 Kjell Wooding. All rights reserved.
.\"
@@ -42,7 +42,7 @@
.Op Fl i Ar interface
.Op Fl K Ar host | network
.Op Fl k Ar host | network
-.Op Fl o Ns Op Ar level
+.Op Fl o Ar level
.Op Fl p Ar device
.Op Fl s Ar modifier
.Xo
@@ -296,26 +296,18 @@ Do not actually load rules, just parse them.
.It Fl O
Load only the options present in the rule file.
Other rules and options are ignored.
-.It Fl o Ns Op Ar level
+.It Fl o Ar level
Control the ruleset optimizer, overriding any rule file settings.
.Pp
.Bl -tag -width xxxxxxxxxxxx -compact
-.It Fl o Ns Cm none
+.It Fl o Cm none
Disable the ruleset optimizer.
-.It Fl o Ns Cm basic
+.It Fl o Cm basic
Enable basic ruleset optimizations.
This is the default behaviour.
-.It Fl o Ns Cm profile
+.It Fl o Cm profile
Enable basic ruleset optimizations with profiling.
.El
-.Pp
-To retain compatibility with previous behaviour, a single
-.Fl o
-without any options will enable
-.Cm basic
-optimizations, and a second
-.Fl o
-will enable profiling.
For further information on the ruleset optimizer, see
.Xr pf.conf 5 .
.It Fl p Ar device
diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c
index 40d03e0344b..b87bb0b2eb5 100644
--- a/sbin/pfctl/pfctl.c
+++ b/sbin/pfctl/pfctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl.c,v 1.264 2007/04/20 07:30:16 jmc Exp $ */
+/* $OpenBSD: pfctl.c,v 1.265 2007/04/21 14:49:45 henning Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -232,7 +232,7 @@ usage(void)
fprintf(stderr, "[-a anchor] [-D macro=value] [-F modifier]\n");
fprintf(stderr, "\t[-f file] [-i interface] [-K host | network] ");
fprintf(stderr, "[-k host | network]\n");
- fprintf(stderr, "\t[-o[level]] [-p device] [-s modifier]\n");
+ fprintf(stderr, "\t[-o level] [-p device] [-s modifier]\n");
fprintf(stderr, "\t[-t table -T command [address ...]] [-x level]\n");
exit(1);
}
@@ -1963,7 +1963,7 @@ main(int argc, char *argv[])
usage();
while ((ch = getopt(argc, argv,
- "a:AdD:eqf:F:ghi:k:K:mnNOo::p:rRs:t:T:vx:z")) != -1) {
+ "a:AdD:eqf:F:ghi:k:K:mnNOo:p:rRs:t:T:vx:z")) != -1) {
switch (ch) {
case 'a':
anchoropt = optarg;
@@ -2039,24 +2039,11 @@ main(int argc, char *argv[])
loadopt |= PFCTL_FLAG_FILTER;
break;
case 'o':
- if (optarg) {
- optiopt = pfctl_lookup_option(optarg,
- optiopt_list);
- if (optiopt == NULL) {
- warnx("Unknown optimization '%s'",
- optarg);
- usage();
- }
- }
- if (opts & PF_OPT_OPTIMIZE) {
- if (optiopt != NULL) {
- warnx("Cannot specify -o multiple times"
- "with optimizer level");
- usage();
- }
- optimize |= PF_OPTIMIZE_PROFILE;
+ optiopt = pfctl_lookup_option(optarg, optiopt_list);
+ if (optiopt == NULL) {
+ warnx("Unknown optimization '%s'", optarg);
+ usage();
}
- optimize |= PF_OPTIMIZE_BASIC;
opts |= PF_OPT_OPTIMIZE;
break;
case 'O':