diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2004-12-07 09:36:17 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2004-12-07 09:36:17 +0000 |
| commit | ffcf866cd2eade2f8c3b4cf1340e449977f6b218 (patch) | |
| tree | f82d8e15534f3fd9c3ba6f87509e214f51c2db3e /sys/net/pfvar.h | |
| parent | d6fd9cb07630888fc3d06c488e0dee919fd7fd6d (diff) | |
tree does not compile, spotted by dlg (not obvious how to fix)
----
Change the default for 'overload <table> flush' to flush only states from the
offending source created by the rule. 'flush global' flushes all states
originating from the offending source. ABI change, requires kernel and pfctl
to be in sync.
ok deraadt@ henning@ dhartmei@
Diffstat (limited to 'sys/net/pfvar.h')
| -rw-r--r-- | sys/net/pfvar.h | 22 |
1 files changed, 9 insertions, 13 deletions
diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index cbffd25aa5d..a87417c4631 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pfvar.h,v 1.206 2004/12/07 05:30:26 mcbride Exp $ */ +/* $OpenBSD: pfvar.h,v 1.207 2004/12/07 09:36:16 deraadt Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -537,10 +537,6 @@ struct pf_rule { u_int8_t tos; u_int8_t anchor_relative; u_int8_t anchor_wildcard; - -#define PF_FLUSH 0x01 -#define PF_FLUSH_GLOBAL 0x02 - u_int8_t flush; }; /* rule flags */ @@ -552,6 +548,7 @@ struct pf_rule { #define PFRULE_NOSYNC 0x0010 #define PFRULE_SRCTRACK 0x0020 /* track source states */ #define PFRULE_RULESRCTRACK 0x0040 /* per rule */ +#define PFRULE_SRCTRACK_FLUSH 0x0080 /* flush for src_node->open_states */ /* scrub flags */ #define PFRULE_NODF 0x0100 @@ -1222,8 +1219,7 @@ struct pfioc_table { struct pfr_table pfrio_table; void *pfrio_buffer; int pfrio_esize; - int pfrio_size; /* entries this transaction */ - int pfrio_tsize; /* total entries */ + int pfrio_size; int pfrio_size2; int pfrio_nadd; int pfrio_ndel; @@ -1448,12 +1444,12 @@ int pfr_clr_tstats(struct pfr_table *, int, int *, int); int pfr_set_tflags(struct pfr_table *, int, int, int, int *, int *, int); int pfr_clr_addrs(struct pfr_table *, int *, int); int pfr_insert_kentry(struct pfr_ktable *, struct pfr_addr *, long); -int pfr_add_addrs(struct pfr_table *, struct pfr_addr *, int, int, int *, - int, u_int32_t *); -int pfr_del_addrs(struct pfr_table *, struct pfr_addr *, int, int, int *, - int, u_int32_t *); -int pfr_set_addrs(struct pfr_table *, struct pfr_addr *, int, int, int *, - int *, int *, int *, int, u_int32_t *); +int pfr_add_addrs(struct pfr_table *, struct pfr_addr *, int, int *, + int); +int pfr_del_addrs(struct pfr_table *, struct pfr_addr *, int, int *, + int); +int pfr_set_addrs(struct pfr_table *, struct pfr_addr *, int, int *, + int *, int *, int *, int); int pfr_get_addrs(struct pfr_table *, struct pfr_addr *, int *, int); int pfr_get_astats(struct pfr_table *, struct pfr_astats *, int *, int); int pfr_clr_astats(struct pfr_table *, struct pfr_addr *, int, int *, |