Module Name: src
Committed By: riz
Date: Sat Dec 15 23:34:31 UTC 2012
Modified Files:
src/usr.sbin/npf/npfctl [netbsd-6-0]: npf.conf.5
Log Message:
Pull up following revision(s) (requested by rmind in ticket #744):
usr.sbin/npf/npfctl/npf.conf.5: revision 1.25
- npf.conf(5): fix of the example config.
- Mention npf_ext_log in a comment.
To generate a diff of this commit:
cvs rdiff -u -r1.9.2.4 -r1.9.2.4.2.1 src/usr.sbin/npf/npfctl/npf.conf.5
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.sbin/npf/npfctl/npf.conf.5
diff -u src/usr.sbin/npf/npfctl/npf.conf.5:1.9.2.4 src/usr.sbin/npf/npfctl/npf.conf.5:1.9.2.4.2.1
--- src/usr.sbin/npf/npfctl/npf.conf.5:1.9.2.4 Mon Oct 1 20:05:56 2012
+++ src/usr.sbin/npf/npfctl/npf.conf.5 Sat Dec 15 23:34:31 2012
@@ -1,4 +1,4 @@
-.\" $NetBSD: npf.conf.5,v 1.9.2.4 2012/10/01 20:05:56 riz Exp $
+.\" $NetBSD: npf.conf.5,v 1.9.2.4.2.1 2012/12/15 23:34:31 riz Exp $
.\"
.\" Copyright (c) 2009-2012 The NetBSD Foundation, Inc.
.\" All rights reserved.
@@ -27,7 +27,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd September 30, 2012
+.Dd December 6, 2012
.Dt NPF.CONF 5
.Os
.Sh NAME
@@ -272,11 +272,12 @@ map $ext_if dynamic 10.1.1.0/24 -> $ext_
map $ext_if dynamic 10.1.1.2 port 22 <- $ext_if 9022
procedure "log" {
+ # Note: npf_ext_log kernel module should be loaded, if not built-in.
log: npflog0
}
group (name "external", interface $ext_if) {
- pass stateful out final from $ext_if
+ pass stateful out final all
block in final from \*[Lt]1\*[Gt]
pass stateful in final family inet proto tcp to $ext_if port ssh apply "log"
