From owner-freebsd-net@FreeBSD.ORG Tue Oct 19 03:16:38 2010 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D3881106566C for ; Tue, 19 Oct 2010 03:16:38 +0000 (UTC) (envelope-from jamesbrandongooch@gmail.com) Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50]) by mx1.freebsd.org (Postfix) with ESMTP id 1AAC48FC0C for ; Tue, 19 Oct 2010 03:16:37 +0000 (UTC) Received: by wwb13 with SMTP id 13so1066675wwb.31 for ; Mon, 18 Oct 2010 20:16:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=KNglrZGlqKNRcnJukhqTu94peDU8dKi9ZMEr6tTZrz0=; b=wVuoIZuf9cuLxG4FAlneYbm2TkZOJ66UjMsOJzfp4Viaat093OWDzvlVeXHmOHK5PI 8ngZSlyEelyZhlSUc5jGC+5qSUjXJjHAwy7YX56LrdoALF1Z1gtwTya7Agl+22IhBU4u bBNAFQhScI27fLFVEWWap5qMUF1jJiLK/ph3s= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=eYGF3T3JPx/mCL2beHfsXyyAKwjTeX7SYPdsVWDEiHLlPN9SUKXawpJvIMkDVfulxF jLxwaS6V6hjpEcOaAtc/HB1vCDCDND+XtIigryJ7c7Cdm0YI4tFsEtBQ8765OxHvWUZi r63/JLZsbultZcrgdFaCkBObAGuWZ3uJJCnNI= MIME-Version: 1.0 Received: by 10.227.208.73 with SMTP id gb9mr5562348wbb.13.1287458196065; Mon, 18 Oct 2010 20:16:36 -0700 (PDT) Received: by 10.216.55.135 with HTTP; Mon, 18 Oct 2010 20:16:36 -0700 (PDT) In-Reply-To: References: Date: Mon, 18 Oct 2010 22:16:36 -0500 Message-ID: From: Brandon Gooch To: =?ISO-8859-1?Q?Ermal_Lu=E7i?= Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-net , freebsd-pf@freebsd.org Subject: Re: [PATCH] pf(4) patch from OpenBSD 4.5 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Oct 2010 03:16:39 -0000 On Mon, Oct 18, 2010 at 1:10 PM, Ermal Lu=E7i wrote: > Hello, > > the link http://people.freebsd.org/~eri/pf45_1.diff has the patch for > pf(4) as of OpenBSD 4.5 version. > The patch is against HEAD. > After OpenBSD 4.5 the syntax has changed and this is the reason for > such an 'old' version patch. > > After importing this one the work will go on the newest version and > decisions on it will than be done. > > Be aware that this patch has even support for VIMAGE/VNET. > It will enable you to run pf(4) with[in] jails+vnets or just vnets > themselves with separate rulesets > and policies. > pfsync(4) can be loaded as a module also with this patch. > > Feedback is very welcome. Should this compile against HEAD, because I think we're missing a header: brandon@x300:~$ cd /usr/src brandon@x300:/usr/src$ patch < ~/pf45_1.diff brandon@x300:/usr/src$ cd /usr/src/sys/modules/pf brandon@x300:modules/pf$ sudo make Warning: Object directory not changed from original /usr/src/sys/modules/pf @ -> /usr/src/sys machine -> /usr/src/sys/amd64/include echo "#define DEV_PF 1" > opt_pf.h echo "#define DEV_PFLOG 1" >> opt_pf.h echo "#define DEV_PFSYNC 1" >> opt_pf.h echo "#define DEV_PFLOW 1" >> opt_pf.h echo "#define INET 1" > opt_inet.h echo "#define INET6 1" > opt_inet6.h echo "#define DEV_BPF 1" > opt_bpf.h :> opt_global.h clang -O2 -pipe -fno-strict-aliasing -D_KERNEL -DKLD_MODULE -nostdinc -I/usr/src/sys/modules/pf/../../contrib/pf -I. -I@ -I@/contrib/altq -fno-common -fno-omit-frame-pointer -mcmodel=3Dkernel -mno-red-zone -mfpmath=3D387 -mno-sse -mno-sse2 -mno-sse3 -mno-mmx -mno-3dnow -msoft-float -fno-asynchronous-unwind-tables -ffreestanding -fstack-protector -std=3Diso9899:1999 -fstack-protector -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -fformat-extensions -c /usr/src/sys/modules/pf/../../contrib/pf/net/pf.c clang: warning: argument unused during compilation: '-mfpmath=3D387' /usr/src/sys/modules/pf/../../contrib/pf/net/pf.c:149:10: fatal error: 'net/if_pflow.h' file not found #include ^ 1 error generated. *** Error code 1 Thanks for working on this! -Brandon