summaryrefslogtreecommitdiff
path: root/share
diff options
context:
space:
mode:
authorMichael Shalayeff <mickey@cvs.openbsd.org>2002-11-29 18:37:13 +0000
committerMichael Shalayeff <mickey@cvs.openbsd.org>2002-11-29 18:37:13 +0000
commit7386ae132b69da8ef4f3049bb541a86439dfb9a1 (patch)
treed4d23416b0fd1cff2a22845b14139e6a9445f0e8 /share
parent77247224d7146686530acb54db5b30867ed39be0 (diff)
das ist pfsync.4
Diffstat (limited to 'share')
-rw-r--r--share/man/man4/Makefile7
-rw-r--r--share/man/man4/pf.43
-rw-r--r--share/man/man4/pfsync.480
3 files changed, 86 insertions, 4 deletions
diff --git a/share/man/man4/Makefile b/share/man/man4/Makefile
index 0a7fecce6a1..e5273d24ba5 100644
--- a/share/man/man4/Makefile
+++ b/share/man/man4/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.224 2002/11/28 23:27:40 mickey Exp $
+# $OpenBSD: Makefile,v 1.225 2002/11/29 18:37:11 mickey Exp $
MAN= aac.4 ac97.4 addcom.4 adv.4 aha.4 ahb.4 ahc.4 aic.4 \
ami.4 amdpm.4 amphy.4 an.4 aria.4 ast.4 atalk.4 atapiscsi.4 \
@@ -19,8 +19,9 @@ MAN= aac.4 ac97.4 addcom.4 adv.4 aha.4 ahb.4 ahc.4 aic.4 \
ncr.4 ne.4 neo.4 netintro.4 nge.4 noct.4 nofn.4 ns.4 nsip.4 nsgphy.4 \
nsphy.4 nsphyter.4 null.4 \
ohci.4 opl.4 options.4 pcdisplay.4 pchb.4 pckbc.4 pckbd.4 \
- pci.4 pciide.4 pcmcia.4 pcppi.4 pcscp.4 pf.4 pflog.4 pms.4 ppp.4 \
- pty.4 puc.4 qsphy.4 radio.4 raid.4 random.4 ray.4 rd.4 rl.4 rln.4 \
+ pci.4 pciide.4 pcmcia.4 pcppi.4 pcscp.4 pf.4 pflog.4 pfsync.4 \
+ pms.4 ppp.4 pty.4 puc.4 \
+ qsphy.4 radio.4 raid.4 random.4 ray.4 rd.4 rl.4 rln.4 \
rlphy.4 route.4 rt.4 rtii.4 rtfps.4 \
sbus.4 scsi.4 sd.4 ses.4 sf.4 sf2r.4 sfr.4 siop.4 sis.4 sk.4 \
sl.4 sm.4 spp.4 sppp.4 sqphy.4 ss.4 st.4 ste.4 stge.4 sti.4 stp.4 \
diff --git a/share/man/man4/pf.4 b/share/man/man4/pf.4
index 5ed898b750e..c8082a703dc 100644
--- a/share/man/man4/pf.4
+++ b/share/man/man4/pf.4
@@ -1,4 +1,4 @@
-.\" $OpenBSD: pf.4,v 1.18 2002/10/25 09:27:54 mpech Exp $
+.\" $OpenBSD: pf.4,v 1.19 2002/11/29 18:37:12 mickey Exp $
.\"
.\" Copyright (C) 2001, Kjell Wooding. All rights reserved.
.\"
@@ -350,6 +350,7 @@ main(int argc, char *argv[])
.Sh SEE ALSO
.Xr bridge 4 ,
.Xr pflog 4 ,
+.Xr pfsync 4 ,
.Xr pfctl 8
.Sh HISTORY
The
diff --git a/share/man/man4/pfsync.4 b/share/man/man4/pfsync.4
new file mode 100644
index 00000000000..bdeb75417dd
--- /dev/null
+++ b/share/man/man4/pfsync.4
@@ -0,0 +1,80 @@
+.\" $OpenBSD: pfsync.4,v 1.1 2002/11/29 18:37:12 mickey Exp $
+.\"
+.\" Copyright (c) 2002 Michael Shalayeff
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF MIND,
+.\" USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd November 29, 2002
+.Dt PFSYNC 4
+.Os
+.Sh NAME
+.Nm pfsync
+.Nd packet filter states table logging interface
+.Sh SYNOPSIS
+.Sy pseudo-device Nm pfsync
+.Sh DESCRIPTION
+The
+.Nm pfsync
+interface is the interface to the packet filter,
+.Xr pf 4 ,
+exposes all the changes to the states table.
+This allows for both debugging of rulesets and monitoring
+for changes in the table by invoking
+.Xr tcpdump 8
+on the
+.Nm
+interface.
+.Pp
+Each packet retrieved on this interface has a header associated
+with it of length
+.Dv PFSYNC_HDRLEN .
+The header indicates the version of the protocol, address family,
+action taken on the following states and the number of state
+table entries attached in this packet.
+This structure, defined in
+.Pa <net/if_pfsync.h>
+looks like:
+.Bd -literal -offset indent
+struct pfsync_header {
+ u_int8_t version;
+ u_int8_t af;
+ u_int8_t action;
+ u_int8_t count;
+};
+.Ed
+.Sh EXAMPLES
+.Bd -literal -offset indent
+# ifconfig pfsync0 up
+# tcpdump -s1500 -evtni pfsync0
+.Ed
+.Sh SEE ALSO
+.Xr inet 4 ,
+.Xr inet6 4 ,
+.Xr netintro 4 ,
+.Xr pf 4 ,
+.Xr ifconfig 8 ,
+.Xr tcpdump 8
+.Sh HISTORY
+The
+.Nm
+device first appeared in
+.Ox 3.3 .