From owner-svn-src-head@FreeBSD.ORG  Sun Oct 27 16:26:01 2013
Return-Path: <owner-svn-src-head@FreeBSD.ORG>
Delivered-To: svn-src-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 9BF3BA10;
 Sun, 27 Oct 2013 16:26:01 +0000 (UTC)
 (envelope-from glebius@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 86D602F7A;
 Sun, 27 Oct 2013 16:26:01 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id r9RGQ19u038063;
 Sun, 27 Oct 2013 16:26:01 GMT (envelope-from glebius@svn.freebsd.org)
Received: (from glebius@localhost)
 by svn.freebsd.org (8.14.7/8.14.5/Submit) id r9RGPvGD038021;
 Sun, 27 Oct 2013 16:25:57 GMT (envelope-from glebius@svn.freebsd.org)
Message-Id: <201310271625.r9RGPvGD038021@svn.freebsd.org>
From: Gleb Smirnoff <glebius@FreeBSD.org>
Date: Sun, 27 Oct 2013 16:25:57 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r257215 - in head: contrib/libpcap etc/mtree include
 sys/contrib/altq/altq sys/net sys/netpfil/ipfw sys/netpfil/pf
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 27 Oct 2013 16:26:01 -0000

Author: glebius
Date: Sun Oct 27 16:25:57 2013
New Revision: 257215
URL: http://svnweb.freebsd.org/changeset/base/257215

Log:
  Move new pf includes to the pf directory. The pfvar.h remain
  in net, to avoid compatibility breakage for no sake.
  
  The future plan is to split most of non-kernel parts of
  pfvar.h into pf.h, and then make pfvar.h a kernel only
  include breaking compatibility.
  
  Discussed with:		bz

Added:
  head/sys/netpfil/pf/pf.h
     - copied unchanged from r257214, head/sys/net/pf.h
  head/sys/netpfil/pf/pf_altq.h
     - copied unchanged from r257189, head/sys/net/pf_altq.h
  head/sys/netpfil/pf/pf_mtag.h
     - copied unchanged from r257189, head/sys/net/pf_mtag.h
Deleted:
  head/sys/net/pf.h
  head/sys/net/pf_altq.h
  head/sys/net/pf_mtag.h
Modified:
  head/contrib/libpcap/grammar.y
  head/etc/mtree/BSD.include.dist
  head/include/Makefile
  head/sys/contrib/altq/altq/altq_cbq.c
  head/sys/contrib/altq/altq/altq_hfsc.c
  head/sys/contrib/altq/altq/altq_priq.c
  head/sys/contrib/altq/altq/altq_red.c
  head/sys/contrib/altq/altq/altq_rio.c
  head/sys/contrib/altq/altq/altq_subr.c
  head/sys/net/if_ethersubr.c
  head/sys/net/pfvar.h
  head/sys/netpfil/ipfw/ip_fw2.c
  head/sys/netpfil/pf/pf.c
  head/sys/netpfil/pf/pf_lb.c
  head/sys/netpfil/pf/pf_norm.c

Modified: head/contrib/libpcap/grammar.y
==============================================================================
--- head/contrib/libpcap/grammar.y	Sun Oct 27 16:20:52 2013	(r257214)
+++ head/contrib/libpcap/grammar.y	Sun Oct 27 16:25:57 2013	(r257215)
@@ -56,7 +56,7 @@ struct rtentry;
 #include "gencode.h"
 #ifdef HAVE_NET_PFVAR_H
 #include <net/if.h>
-#include <net/pf.h>
+#include <netpfil/pf/pf.h>
 #include <net/if_pflog.h>
 #endif
 #include "ieee80211.h"

Modified: head/etc/mtree/BSD.include.dist
==============================================================================
--- head/etc/mtree/BSD.include.dist	Sun Oct 27 16:20:52 2013	(r257214)
+++ head/etc/mtree/BSD.include.dist	Sun Oct 27 16:25:57 2013	(r257215)
@@ -289,6 +289,10 @@
         sig
         ..
     ..
+    netpfil
+        pf
+        ..
+    ..
     netsmb
     ..
     nfs

Modified: head/include/Makefile
==============================================================================
--- head/include/Makefile	Sun Oct 27 16:20:52 2013	(r257214)
+++ head/include/Makefile	Sun Oct 27 16:25:57 2013	(r257215)
@@ -288,6 +288,13 @@ symlinks:
 		    ${DESTDIR}${INCLUDEDIR}/netinet; \
 	done
 .endif
+.if ${MK_PF} != "no"
+	cd ${.CURDIR}/../sys/netpfil/pf; \
+	for h in *.h; do \
+		ln -fs ../../../../sys/netpfil/pf/$$h \
+		    ${DESTDIR}${INCLUDEDIR}/netpfil/pf; \
+	done
+.endif
 	cd ${.CURDIR}/../sys/crypto; \
 	for h in rijndael/rijndael.h; do \
 		ln -fs ../../../sys/crypto/$$h \

Modified: head/sys/contrib/altq/altq/altq_cbq.c
==============================================================================
--- head/sys/contrib/altq/altq/altq_cbq.c	Sun Oct 27 16:20:52 2013	(r257214)
+++ head/sys/contrib/altq/altq/altq_cbq.c	Sun Oct 27 16:25:57 2013	(r257215)
@@ -57,9 +57,9 @@
 #include <net/if_var.h>
 #include <netinet/in.h>
 
-#include <net/pf.h>
-#include <net/pf_altq.h>
-#include <net/pf_mtag.h>
+#include <netpfil/pf/pf.h>
+#include <netpfil/pf/pf_altq.h>
+#include <netpfil/pf/pf_mtag.h>
 #include <altq/altq.h>
 #include <altq/altq_cbq.h>
 #ifdef ALTQ3_COMPAT

Modified: head/sys/contrib/altq/altq/altq_hfsc.c
==============================================================================
--- head/sys/contrib/altq/altq/altq_hfsc.c	Sun Oct 27 16:20:52 2013	(r257214)
+++ head/sys/contrib/altq/altq/altq_hfsc.c	Sun Oct 27 16:25:57 2013	(r257215)
@@ -69,9 +69,9 @@
 #include <net/if_var.h>
 #include <netinet/in.h>
 
-#include <net/pf.h>
-#include <net/pf_altq.h>
-#include <net/pf_mtag.h>
+#include <netpfil/pf/pf.h>
+#include <netpfil/pf/pf_altq.h>
+#include <netpfil/pf/pf_mtag.h>
 #include <altq/altq.h>
 #include <altq/altq_hfsc.h>
 #ifdef ALTQ3_COMPAT

Modified: head/sys/contrib/altq/altq/altq_priq.c
==============================================================================
--- head/sys/contrib/altq/altq/altq_priq.c	Sun Oct 27 16:20:52 2013	(r257214)
+++ head/sys/contrib/altq/altq/altq_priq.c	Sun Oct 27 16:25:57 2013	(r257215)
@@ -54,9 +54,9 @@
 #include <net/if_var.h>
 #include <netinet/in.h>
 
-#include <net/pf.h>
-#include <net/pf_altq.h>
-#include <net/pf_mtag.h>
+#include <netpfil/pf/pf.h>
+#include <netpfil/pf/pf_altq.h>
+#include <netpfil/pf/pf_mtag.h>
 #include <altq/altq.h>
 #ifdef ALTQ3_COMPAT
 #include <altq/altq_conf.h>

Modified: head/sys/contrib/altq/altq/altq_red.c
==============================================================================
--- head/sys/contrib/altq/altq/altq_red.c	Sun Oct 27 16:20:52 2013	(r257214)
+++ head/sys/contrib/altq/altq/altq_red.c	Sun Oct 27 16:25:57 2013	(r257215)
@@ -95,9 +95,9 @@
 #include <netinet/ip6.h>
 #endif
 
-#include <net/pf.h>
-#include <net/pf_altq.h>
-#include <net/pf_mtag.h>
+#include <netpfil/pf/pf.h>
+#include <netpfil/pf/pf_altq.h>
+#include <netpfil/pf/pf_mtag.h>
 #include <altq/altq.h>
 #include <altq/altq_red.h>
 #ifdef ALTQ3_COMPAT

Modified: head/sys/contrib/altq/altq/altq_rio.c
==============================================================================
--- head/sys/contrib/altq/altq/altq_rio.c	Sun Oct 27 16:20:52 2013	(r257214)
+++ head/sys/contrib/altq/altq/altq_rio.c	Sun Oct 27 16:25:57 2013	(r257215)
@@ -90,8 +90,8 @@
 #include <netinet/ip6.h>
 #endif
 
-#include <net/pf.h>
-#include <net/pf_altq.h>
+#include <netpfil/pf/pf.h>
+#include <netpfil/pf/pf_altq.h>
 #include <altq/altq.h>
 #include <altq/altq_cdnr.h>
 #include <altq/altq_red.h>

Modified: head/sys/contrib/altq/altq/altq_subr.c
==============================================================================
--- head/sys/contrib/altq/altq/altq_subr.c	Sun Oct 27 16:20:52 2013	(r257214)
+++ head/sys/contrib/altq/altq/altq_subr.c	Sun Oct 27 16:25:57 2013	(r257215)
@@ -65,8 +65,8 @@
 #include <netinet/tcp.h>
 #include <netinet/udp.h>
 
-#include <net/pf.h>
-#include <net/pf_altq.h>
+#include <netpfil/pf/pf.h>
+#include <netpfil/pf/pf_altq.h>
 #include <altq/altq.h>
 #ifdef ALTQ3_COMPAT
 #include <altq/altq_conf.h>

Modified: head/sys/net/if_ethersubr.c
==============================================================================
--- head/sys/net/if_ethersubr.c	Sun Oct 27 16:20:52 2013	(r257214)
+++ head/sys/net/if_ethersubr.c	Sun Oct 27 16:25:57 2013	(r257215)
@@ -63,10 +63,11 @@
 #include <net/if_bridgevar.h>
 #include <net/if_vlan_var.h>
 #include <net/if_llatbl.h>
-#include <net/pf_mtag.h>
 #include <net/pfil.h>
 #include <net/vnet.h>
 
+#include <netpfil/pf/pf_mtag.h>
+
 #if defined(INET) || defined(INET6)
 #include <netinet/in.h>
 #include <netinet/in_var.h>

Modified: head/sys/net/pfvar.h
==============================================================================
--- head/sys/net/pfvar.h	Sun Oct 27 16:20:52 2013	(r257214)
+++ head/sys/net/pfvar.h	Sun Oct 27 16:25:57 2013	(r257215)
@@ -41,9 +41,9 @@
 #include <net/radix.h>
 #include <netinet/in.h>
 
-#include <net/pf.h>
-#include <net/pf_altq.h>
-#include <net/pf_mtag.h>
+#include <netpfil/pf/pf.h>
+#include <netpfil/pf/pf_altq.h>
+#include <netpfil/pf/pf_mtag.h>
 
 struct pf_addr {
 	union {

Modified: head/sys/netpfil/ipfw/ip_fw2.c
==============================================================================
--- head/sys/netpfil/ipfw/ip_fw2.c	Sun Oct 27 16:20:52 2013	(r257214)
+++ head/sys/netpfil/ipfw/ip_fw2.c	Sun Oct 27 16:25:57 2013	(r257215)
@@ -61,10 +61,11 @@ __FBSDID("$FreeBSD$");
 #include <net/if.h>
 #include <net/if_var.h>
 #include <net/route.h>
-#include <net/pf_mtag.h>
 #include <net/pfil.h>
 #include <net/vnet.h>
 
+#include <netpfil/pf/pf_mtag.h>
+
 #include <netinet/in.h>
 #include <netinet/in_var.h>
 #include <netinet/in_pcb.h>

Modified: head/sys/netpfil/pf/pf.c
==============================================================================
--- head/sys/netpfil/pf/pf.c	Sun Oct 27 16:20:52 2013	(r257214)
+++ head/sys/netpfil/pf/pf.c	Sun Oct 27 16:25:57 2013	(r257215)
@@ -68,7 +68,6 @@ __FBSDID("$FreeBSD$");
 #include <net/vnet.h>
 
 #include <net/pfvar.h>
-#include <net/pf_mtag.h>
 #include <net/if_pflog.h>
 #include <net/if_pfsync.h>
 

Copied: head/sys/netpfil/pf/pf.h (from r257214, head/sys/net/pf.h)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/sys/netpfil/pf/pf.h	Sun Oct 27 16:25:57 2013	(r257215, copy of r257214, head/sys/net/pf.h)
@@ -0,0 +1,152 @@
+/*
+ * Copyright (c) 2001 Daniel Hartmeier
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *    - Redistributions of source code must retain the above copyright
+ *      notice, this list of conditions and the following disclaimer.
+ *    - Redistributions in binary form must reproduce the above
+ *      copyright notice, this list of conditions and the following
+ *      disclaimer in the documentation and/or other materials provided
+ *      with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ *	$OpenBSD: pfvar.h,v 1.282 2009/01/29 15:12:28 pyr Exp $
+ *	$FreeBSD$
+ */
+
+#ifndef	_NET_PF_H_
+#define	_NET_PFAR_H_
+
+#define	PF_TCPS_PROXY_SRC	((TCP_NSTATES)+0)
+#define	PF_TCPS_PROXY_DST	((TCP_NSTATES)+1)
+
+#define	PF_MD5_DIGEST_LENGTH	16
+#ifdef MD5_DIGEST_LENGTH
+#if PF_MD5_DIGEST_LENGTH != MD5_DIGEST_LENGTH
+#error
+#endif
+#endif
+
+enum	{ PF_INOUT, PF_IN, PF_OUT };
+enum	{ PF_PASS, PF_DROP, PF_SCRUB, PF_NOSCRUB, PF_NAT, PF_NONAT,
+	  PF_BINAT, PF_NOBINAT, PF_RDR, PF_NORDR, PF_SYNPROXY_DROP, PF_DEFER };
+enum	{ PF_RULESET_SCRUB, PF_RULESET_FILTER, PF_RULESET_NAT,
+	  PF_RULESET_BINAT, PF_RULESET_RDR, PF_RULESET_MAX };
+enum	{ PF_OP_NONE, PF_OP_IRG, PF_OP_EQ, PF_OP_NE, PF_OP_LT,
+	  PF_OP_LE, PF_OP_GT, PF_OP_GE, PF_OP_XRG, PF_OP_RRG };
+enum	{ PF_DEBUG_NONE, PF_DEBUG_URGENT, PF_DEBUG_MISC, PF_DEBUG_NOISY };
+enum	{ PF_CHANGE_NONE, PF_CHANGE_ADD_HEAD, PF_CHANGE_ADD_TAIL,
+	  PF_CHANGE_ADD_BEFORE, PF_CHANGE_ADD_AFTER,
+	  PF_CHANGE_REMOVE, PF_CHANGE_GET_TICKET };
+enum	{ PF_GET_NONE, PF_GET_CLR_CNTR };
+enum	{ PF_SK_WIRE, PF_SK_STACK, PF_SK_BOTH };
+
+/*
+ * Note about PFTM_*: real indices into pf_rule.timeout[] come before
+ * PFTM_MAX, special cases afterwards. See pf_state_expires().
+ */
+enum	{ PFTM_TCP_FIRST_PACKET, PFTM_TCP_OPENING, PFTM_TCP_ESTABLISHED,
+	  PFTM_TCP_CLOSING, PFTM_TCP_FIN_WAIT, PFTM_TCP_CLOSED,
+	  PFTM_UDP_FIRST_PACKET, PFTM_UDP_SINGLE, PFTM_UDP_MULTIPLE,
+	  PFTM_ICMP_FIRST_PACKET, PFTM_ICMP_ERROR_REPLY,
+	  PFTM_OTHER_FIRST_PACKET, PFTM_OTHER_SINGLE,
+	  PFTM_OTHER_MULTIPLE, PFTM_FRAG, PFTM_INTERVAL,
+	  PFTM_ADAPTIVE_START, PFTM_ADAPTIVE_END, PFTM_SRC_NODE,
+	  PFTM_TS_DIFF, PFTM_MAX, PFTM_PURGE, PFTM_UNLINKED,
+	  PFTM_UNTIL_PACKET };
+
+/* PFTM default values */
+#define PFTM_TCP_FIRST_PACKET_VAL	120	/* First TCP packet */
+#define PFTM_TCP_OPENING_VAL		30	/* No response yet */
+#define PFTM_TCP_ESTABLISHED_VAL	24*60*60/* Established */
+#define PFTM_TCP_CLOSING_VAL		15 * 60	/* Half closed */
+#define PFTM_TCP_FIN_WAIT_VAL		45	/* Got both FINs */
+#define PFTM_TCP_CLOSED_VAL		90	/* Got a RST */
+#define PFTM_UDP_FIRST_PACKET_VAL	60	/* First UDP packet */
+#define PFTM_UDP_SINGLE_VAL		30	/* Unidirectional */
+#define PFTM_UDP_MULTIPLE_VAL		60	/* Bidirectional */
+#define PFTM_ICMP_FIRST_PACKET_VAL	20	/* First ICMP packet */
+#define PFTM_ICMP_ERROR_REPLY_VAL	10	/* Got error response */
+#define PFTM_OTHER_FIRST_PACKET_VAL	60	/* First packet */
+#define PFTM_OTHER_SINGLE_VAL		30	/* Unidirectional */
+#define PFTM_OTHER_MULTIPLE_VAL		60	/* Bidirectional */
+#define PFTM_FRAG_VAL			30	/* Fragment expire */
+#define PFTM_INTERVAL_VAL		10	/* Expire interval */
+#define PFTM_SRC_NODE_VAL		0	/* Source tracking */
+#define PFTM_TS_DIFF_VAL		30	/* Allowed TS diff */
+
+enum	{ PF_NOPFROUTE, PF_FASTROUTE, PF_ROUTETO, PF_DUPTO, PF_REPLYTO };
+enum	{ PF_LIMIT_STATES, PF_LIMIT_SRC_NODES, PF_LIMIT_FRAGS,
+	  PF_LIMIT_TABLE_ENTRIES, PF_LIMIT_MAX };
+#define PF_POOL_IDMASK		0x0f
+enum	{ PF_POOL_NONE, PF_POOL_BITMASK, PF_POOL_RANDOM,
+	  PF_POOL_SRCHASH, PF_POOL_ROUNDROBIN };
+enum	{ PF_ADDR_ADDRMASK, PF_ADDR_NOROUTE, PF_ADDR_DYNIFTL,
+	  PF_ADDR_TABLE, PF_ADDR_URPFFAILED,
+	  PF_ADDR_RANGE };
+#define PF_POOL_TYPEMASK	0x0f
+#define PF_POOL_STICKYADDR	0x20
+#define	PF_WSCALE_FLAG		0x80
+#define	PF_WSCALE_MASK		0x0f
+
+#define	PF_LOG			0x01
+#define	PF_LOG_ALL		0x02
+#define	PF_LOG_SOCKET_LOOKUP	0x04
+
+/* Reasons code for passing/dropping a packet */
+#define PFRES_MATCH	0		/* Explicit match of a rule */
+#define PFRES_BADOFF	1		/* Bad offset for pull_hdr */
+#define PFRES_FRAG	2		/* Dropping following fragment */
+#define PFRES_SHORT	3		/* Dropping short packet */
+#define PFRES_NORM	4		/* Dropping by normalizer */
+#define PFRES_MEMORY	5		/* Dropped due to lacking mem */
+#define PFRES_TS	6		/* Bad TCP Timestamp (RFC1323) */
+#define PFRES_CONGEST	7		/* Congestion (of ipintrq) */
+#define PFRES_IPOPTIONS 8		/* IP option */
+#define PFRES_PROTCKSUM 9		/* Protocol checksum invalid */
+#define PFRES_BADSTATE	10		/* State mismatch */
+#define PFRES_STATEINS	11		/* State insertion failure */
+#define PFRES_MAXSTATES	12		/* State limit */
+#define PFRES_SRCLIMIT	13		/* Source node/conn limit */
+#define PFRES_SYNPROXY	14		/* SYN proxy */
+#define PFRES_MAX	15		/* total+1 */
+
+#define PFRES_NAMES { \
+	"match", \
+	"bad-offset", \
+	"fragment", \
+	"short", \
+	"normalize", \
+	"memory", \
+	"bad-timestamp", \
+	"congestion", \
+	"ip-option", \
+	"proto-cksum", \
+	"state-mismatch", \
+	"state-insert", \
+	"state-limit", \
+	"src-limit", \
+	"synproxy", \
+	NULL \
+}
+
+#define	PF_TABLE_NAME_SIZE	32
+#define	PF_QNAME_SIZE		64
+
+#endif	/* _NET_PF_H_ */

Copied: head/sys/netpfil/pf/pf_altq.h (from r257189, head/sys/net/pf_altq.h)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/sys/netpfil/pf/pf_altq.h	Sun Oct 27 16:25:57 2013	(r257215, copy of r257189, head/sys/net/pf_altq.h)
@@ -0,0 +1,99 @@
+/*
+ * Copyright (c) 2001 Daniel Hartmeier
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *    - Redistributions of source code must retain the above copyright
+ *      notice, this list of conditions and the following disclaimer.
+ *    - Redistributions in binary form must reproduce the above
+ *      copyright notice, this list of conditions and the following
+ *      disclaimer in the documentation and/or other materials provided
+ *      with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ *	$OpenBSD: pfvar.h,v 1.282 2009/01/29 15:12:28 pyr Exp $
+ *	$FreeBSD$
+ */
+
+#ifndef	_NET_PF_ALTQ_H_
+#define	_NET_PF_ALTQ_H_
+
+struct cbq_opts {
+	u_int		minburst;
+	u_int		maxburst;
+	u_int		pktsize;
+	u_int		maxpktsize;
+	u_int		ns_per_byte;
+	u_int		maxidle;
+	int		minidle;
+	u_int		offtime;
+	int		flags;
+};
+
+struct priq_opts {
+	int		flags;
+};
+
+struct hfsc_opts {
+	/* real-time service curve */
+	u_int		rtsc_m1;	/* slope of the 1st segment in bps */
+	u_int		rtsc_d;		/* the x-projection of m1 in msec */
+	u_int		rtsc_m2;	/* slope of the 2nd segment in bps */
+	/* link-sharing service curve */
+	u_int		lssc_m1;
+	u_int		lssc_d;
+	u_int		lssc_m2;
+	/* upper-limit service curve */
+	u_int		ulsc_m1;
+	u_int		ulsc_d;
+	u_int		ulsc_m2;
+	int		flags;
+};
+
+struct pf_altq {
+	char			 ifname[IFNAMSIZ];
+
+	void			*altq_disc;	/* discipline-specific state */
+	TAILQ_ENTRY(pf_altq)	 entries;
+
+	/* scheduler spec */
+	uint8_t			 scheduler;	/* scheduler type */
+	uint16_t		 tbrsize;	/* tokenbucket regulator size */
+	uint32_t		 ifbandwidth;	/* interface bandwidth */
+
+	/* queue spec */
+	char			 qname[PF_QNAME_SIZE];	/* queue name */
+	char			 parent[PF_QNAME_SIZE];	/* parent name */
+	uint32_t		 parent_qid;	/* parent queue id */
+	uint32_t		 bandwidth;	/* queue bandwidth */
+	uint8_t			 priority;	/* priority */
+	uint8_t			 local_flags;	/* dynamic interface */
+#define	PFALTQ_FLAG_IF_REMOVED		0x01
+
+	uint16_t		 qlimit;	/* queue size limit */
+	uint16_t		 flags;		/* misc flags */
+	union {
+		struct cbq_opts		 cbq_opts;
+		struct priq_opts	 priq_opts;
+		struct hfsc_opts	 hfsc_opts;
+	} pq_u;
+
+	uint32_t		 qid;		/* return value */
+};
+
+#endif	/* _NET_PF_ALTQ_H_ */

Modified: head/sys/netpfil/pf/pf_lb.c
==============================================================================
--- head/sys/netpfil/pf/pf_lb.c	Sun Oct 27 16:20:52 2013	(r257214)
+++ head/sys/netpfil/pf/pf_lb.c	Sun Oct 27 16:25:57 2013	(r257215)
@@ -52,7 +52,6 @@ __FBSDID("$FreeBSD$");
 #include <net/vnet.h>
 #include <net/pfvar.h>
 #include <net/if_pflog.h>
-#include <net/pf_mtag.h>
 
 #define DPFPRINTF(n, x)	if (V_pf_status.debug >= (n)) printf x
 

Copied: head/sys/netpfil/pf/pf_mtag.h (from r257189, head/sys/net/pf_mtag.h)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/sys/netpfil/pf/pf_mtag.h	Sun Oct 27 16:25:57 2013	(r257215, copy of r257189, head/sys/net/pf_mtag.h)
@@ -0,0 +1,62 @@
+/*	$FreeBSD$	*/
+/*
+ * Copyright (c) 2001 Daniel Hartmeier
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *    - Redistributions of source code must retain the above copyright
+ *      notice, this list of conditions and the following disclaimer.
+ *    - Redistributions in binary form must reproduce the above
+ *      copyright notice, this list of conditions and the following
+ *      disclaimer in the documentation and/or other materials provided
+ *      with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef _NET_PF_MTAG_H_
+#define _NET_PF_MTAG_H_
+
+#ifdef _KERNEL
+
+#define	PF_TAG_GENERATED		0x01
+#define	PF_TAG_FRAGCACHE		0x02
+#define	PF_TAG_TRANSLATE_LOCALHOST	0x04
+#define	PF_PACKET_LOOPED		0x08
+#define	PF_FASTFWD_OURS_PRESENT		0x10
+
+struct pf_mtag {
+	void		*hdr;		/* saved hdr pos in mbuf, for ECN */
+	u_int32_t	 qid;		/* queue id */
+	u_int16_t	 tag;		/* tag id */
+	u_int8_t	 flags;
+	u_int8_t	 routed;
+};
+
+static __inline struct pf_mtag *
+pf_find_mtag(struct mbuf *m)
+{
+	struct m_tag	*mtag;
+
+	if ((mtag = m_tag_find(m, PACKET_TAG_PF, NULL)) == NULL)
+		return (NULL);
+
+	return ((struct pf_mtag *)(mtag + 1));
+}
+#endif /* _KERNEL */
+#endif /* _NET_PF_MTAG_H_ */

Modified: head/sys/netpfil/pf/pf_norm.c
==============================================================================
--- head/sys/netpfil/pf/pf_norm.c	Sun Oct 27 16:20:52 2013	(r257214)
+++ head/sys/netpfil/pf/pf_norm.c	Sun Oct 27 16:25:57 2013	(r257215)
@@ -43,7 +43,6 @@ __FBSDID("$FreeBSD$");
 #include <net/if.h>
 #include <net/vnet.h>
 #include <net/pfvar.h>
-#include <net/pf_mtag.h>
 #include <net/if_pflog.h>
 
 #include <netinet/in.h>