CVS commit: src/sys/netinet

[Christoph Badura]

Module Name:    src
Committed By:   bad
Date:           Sat Oct  2 20:07:39 UTC 2010

Modified Files:
        src/sys/netinet: files.ipfilter

Log Message:
Defopt the rest of the Ipfilter options and tunables.
Per discussion with darrenr@ a year ago.


To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 src/sys/netinet/files.ipfilter

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/netinet/files.ipfilter
diff -u src/sys/netinet/files.ipfilter:1.11 src/sys/netinet/files.ipfilter:1.12
--- src/sys/netinet/files.ipfilter:1.11	Sat Apr 17 22:00:33 2010
+++ src/sys/netinet/files.ipfilter	Sat Oct  2 20:07:39 2010
@@ -1,10 +1,25 @@
-#	$NetBSD: files.ipfilter,v 1.11 2010/04/17 22:00:33 darrenr Exp $
+#	$NetBSD: files.ipfilter,v 1.12 2010/10/02 20:07:39 bad Exp $
 
 defflag	opt_ipfilter.h	IPFILTER_LOG		# logging of ip packets
 defflag	opt_ipfilter.h	IPFILTER_DEFAULT_BLOCK
-defflag	opt_ipfilter.h	IPFILTER_LOOKUP
+defflag	opt_ipfilter.h	IPFILTER_BPF		# BPF opcodes in rules
+defflag	opt_ipfilter.h	IPFILTER_CKSUM		# check layer 4 checksums
+defflag	opt_ipfilter.h	IPFILTER_COMPILED	# support for compiled IPF rules
+defflag	opt_ipfilter.h	IPFILTER_LOOKUP		# support for ippool(8)
+defflag	opt_ipfilter.h	IPFILTER_SCAN		# scanning of packet contents
+defflag	opt_ipfilter.h	IPFILTER_SYNC		# synchronisation of state 
 defflag	opt_ipfilter.h	IPFILTER_COMPAT		# IPFilter version compat.
 
+defparam opt_ipfilter.h	IPFILTER_LOGSIZE	# size of logging buffer
+defparam opt_ipfilter.h	IPSTATE_MAX	# maximum number of references to state table entry
+defparam opt_ipfilter.h	IPSTATE_SIZE	# size of state hash table
+defparam opt_ipfilter.h	NAT_TABLE_MAX	# maximum number of NAT state entries
+defparam opt_ipfilter.h	NAT_TABLE_SZ	# size of NAT state hash table
+defparam opt_ipfilter.h	NAT_SIZE	# size of nat rules hash table
+defparam opt_ipfilter.h	RDR_SIZE	# size of rdr rules hash table
+defparam opt_ipfilter.h	HOSTMAP_SIZE	# size of hostmap hash table
+
+
 defpseudo ipfilter: ifnet, bpf_filter		# XXX not really an ifnet
 
 file	dist/ipf/netinet/fil.c			ipfilter
@@ -17,9 +32,9 @@
 file	dist/ipf/netinet/ip_nat.c		ipfilter
 file	dist/ipf/netinet/ip_pool.c		ipfilter
 file	dist/ipf/netinet/ip_proxy.c		ipfilter
-file	dist/ipf/netinet/ip_scan.c		ipfilter
+file	dist/ipf/netinet/ip_scan.c		ipfilter & ipfilter_scan
 file	dist/ipf/netinet/ip_state.c		ipfilter
-file	dist/ipf/netinet/ip_sync.c		ipfilter
+file	dist/ipf/netinet/ip_sync.c		ipfilter & ipfilter_sync
 file	dist/ipf/netinet/ip_fil_compat.c	ipfilter & ipfilter_compat
 
 makeoptions	ipfilter	CPPFLAGS+="-I$S/dist/ipf"