Add FreeBSD PF Firewall to libbsd
Christian Mauderer
christian.mauderer at embedded-brains.de
Mon Aug 8 14:36:08 UTC 2016
Am 03.08.2016 um 02:54 schrieb Chris Johns:
>> - The PF modules can now be linked by using the SYSINIT_NEED_FIREWALL_PF
>> and SYSINIT_NEED_FIREWALL_PFLOG configuration macros.
>
> Can you please add RTEMS_BSD_CONFIG_FIREWALL_PF and
> RTEMS_BSD_CONFIG_FIREWALL_PFLOG to rtems-bsd-config.h.
>
> This is the user interface and what I intend to document and so what we
> need to maintain and keep working into the future.
>
>> - I ported the control tool for the firewall (pfctl) to libbsd.
>>
>> - I added a chapter on how to use PF to libbsd.txt. An example can be
>> found in the pf01 test.
>
> Is there support for rc.conf(5)
> (https://www.freebsd.org/cgi/man.cgi?rc.conf%285%29) in the change?
>
> It would be nice to support ipfilter_enable, ipfilter_rules,
> ipv6_ipfilter_rules, and ipfilter_flags. I think ipfilter_program can be
> silently ignored.
>
> I would like LibBSD's user interface to be rc.conf(5) as standard and my
> hope is the support work I have done for rc.conf makes it easy to add
> support. I am happy for other ways to configure to be present and the
> tests tend to need this however users who depend on those interface
> maybe disappointed if those interfaces change or break.
Hello Chris,
I added the two interfaces and posted a patch set to the list for review.
Kind regards
Christian
--
--------------------------------------------
embedded brains GmbH
Christian Mauderer
Dornierstr. 4
D-82178 Puchheim
Germany
email: christian.mauderer at embedded-brains.de
Phone: +49-89-18 94 741 - 18
Fax: +49-89-18 94 741 - 08
PGP: Public key available on request.
Diese Nachricht ist keine geschäftliche Mitteilung im Sinne des EHUG.
More information about the devel
mailing list