Add FreeBSD PF Firewall to libbsd

Christian Mauderer christian.mauderer at embedded-brains.de
Mon Aug 8 14:36:08 UTC 2016


Am 03.08.2016 um 02:54 schrieb Chris Johns:
>> - The PF modules can now be linked by using the SYSINIT_NEED_FIREWALL_PF
>> and SYSINIT_NEED_FIREWALL_PFLOG configuration macros.
> 
> Can you please add RTEMS_BSD_CONFIG_FIREWALL_PF and
> RTEMS_BSD_CONFIG_FIREWALL_PFLOG to rtems-bsd-config.h.
> 
> This is the user interface and what I intend to document and so what we
> need to maintain and keep working into the future.
> 
>> - I ported the control tool for the firewall (pfctl) to libbsd.
>>
>> - I added a chapter on how to use PF to libbsd.txt. An example can be
>> found in the pf01 test.
> 
> Is there support for rc.conf(5)
> (https://www.freebsd.org/cgi/man.cgi?rc.conf%285%29) in the change?
> 
> It would be nice to support ipfilter_enable, ipfilter_rules,
> ipv6_ipfilter_rules, and ipfilter_flags. I think ipfilter_program can be
> silently ignored.
> 
> I would like LibBSD's user interface to be rc.conf(5) as standard and my
> hope is the support work I have done for rc.conf makes it easy to add
> support. I am happy for other ways to configure to be present and the
> tests tend to need this however users who depend on those interface
> maybe disappointed if those interfaces change or break.

Hello Chris,

I added the two interfaces and posted a patch set to the list for review.

Kind regards

Christian
-- 
--------------------------------------------
embedded brains GmbH
Christian Mauderer
Dornierstr. 4
D-82178 Puchheim
Germany
email: christian.mauderer at embedded-brains.de
Phone: +49-89-18 94 741 - 18
Fax:   +49-89-18 94 741 - 08
PGP: Public key available on request.

Diese Nachricht ist keine geschäftliche Mitteilung im Sinne des EHUG.



More information about the devel mailing list