From afa2f73a31fdf3656205ec04d34c25b62f17d807 Mon Sep 17 00:00:00 2001 From: peter Date: Wed, 11 May 2005 22:01:28 +0000 Subject: Update to 20050511. Changes: Updated to OpenBSD 3.7 pf: * Support limiting TCP connections by establishment rate, automatically adding flooding IP addresses to tables and flushing states (max-src-conn-rate, overload , flush global). * Improved functionality of tags (tag and tagged for translation rules, tagging of all packets matching state entries). * Improved diagnostics (error messages and additional counters from pfctl -si). * New keyword set skip on to skip filtering on arbitrary interfaces, like loopback. * Several bugfixes improving stability. ALTQ is now also supported by using the option 'altq', see the homepage for information about how to apply the kernel patch. Approved by: Thomas Klausner --- security/pflkm/DESCR | 2 +- security/pflkm/Makefile | 28 +++++++++++++++++++++++----- security/pflkm/builtin.mk | 10 +++++++--- security/pflkm/distinfo | 8 ++++---- 4 files changed, 35 insertions(+), 13 deletions(-) (limited to 'security') diff --git a/security/pflkm/DESCR b/security/pflkm/DESCR index bb77023f0eb..641eb77a0db 100644 --- a/security/pflkm/DESCR +++ b/security/pflkm/DESCR @@ -6,4 +6,4 @@ PF was originally developed by Daniel Hartmeier and is now maintained and developed by Daniel and the rest of the OpenBSD team. This package includes a complete port (LKM and userland utilities) from -OpenBSD 3.6 to NetBSD 2.0. +OpenBSD 3.7 to NetBSD 2.0. diff --git a/security/pflkm/Makefile b/security/pflkm/Makefile index 770c5feaf93..4adcd49ae30 100644 --- a/security/pflkm/Makefile +++ b/security/pflkm/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.6 2005/04/11 21:47:17 tv Exp $ +# $NetBSD: Makefile,v 1.7 2005/05/11 22:01:28 peter Exp $ -DISTNAME= pflkm-20050118 +DISTNAME= pflkm-20050511 CATEGORIES= security ipv6 MASTER_SITES= http://nedbsd.nl/~ppostma/pf/ @@ -23,18 +23,36 @@ CONF_FILES+= ${PREFIX}/share/examples/${PKGBASE}/pf.os \ ${PKG_SYSCONFDIR}/pf.os CONF_FILES_MODE= 0600 -OWN_DIRS= ${PREFIX}/lkm ${VARBASE}/chroot/pflogd +OWN_DIRS= ${VARBASE}/chroot/pflogd OWN_DIRS+= ${PREFIX}/share/examples/${PKGBASE} -MAKE_DIRS= ${PREFIX}/include/net +INSTALLATION_DIRS= lkm include/net PKG_OPTIONS_VAR= PKG_OPTIONS.pf -PKG_SUPPORTED_OPTIONS= ifevents +PKG_SUPPORTED_OPTIONS= altq ifevents .include "../../mk/bsd.options.mk" .include "../../mk/bsd.prefs.mk" +.if !empty(PKG_OPTIONS:Maltq) +# Check if the kernel source was patched. +_IS_PATCHED_!= ${GREP} -c altq_pfattach ${NETBSDSRCDIR}/sys/altq/altq_subr.c || ${TRUE} +.if ${_IS_PATCHED_} == "1" +MAKE_ENV+= ALTQ=yes +.else +PKG_FAIL_REASON+= "It appears that you didn't applied the ALTQ patch to your kernel sources." +PKG_FAIL_REASON+= "Please see: http://nedbsd.nl/~ppostma/pf/\#altq" +.endif +.endif + .if !empty(PKG_OPTIONS:Mifevents) +# Check if the kernel source was patched. +_IS_PATCHED_!= ${GREP} -c if_event_add ${NETBSDSRCDIR}/sys/net/if.c || ${TRUE} +.if ${_IS_PATCHED_} == "1" MAKE_ENV+= IFEVENTS=yes +.else +PKG_FAIL_REASON+= "It appears that you didn't applied the if_events patch to your kernel sources." +PKG_FAIL_REASON+= "Please see: http://nedbsd.nl/~ppostma/pf/\#if_events" +.endif .endif post-install: diff --git a/security/pflkm/builtin.mk b/security/pflkm/builtin.mk index 9083add793e..755b860181c 100644 --- a/security/pflkm/builtin.mk +++ b/security/pflkm/builtin.mk @@ -1,6 +1,6 @@ -# $NetBSD: builtin.mk,v 1.2 2004/12/01 00:20:20 peter Exp $ +# $NetBSD: builtin.mk,v 1.3 2005/05/11 22:01:28 peter Exp $ -_PF_VERSION= 3.6 # pkg default +_PF_VERSION= 3.7 # pkg default _PF_PFVAR_H= /usr/include/net/pfvar.h .if !defined(IS_BUILTIN.pflkm) @@ -8,10 +8,14 @@ IS_BUILTIN.pflkm= no . if exists(${_PF_PFVAR_H}) IS_BUILTIN.pflkm= yes +# OpenBSD 3.7: pf_threshold added +_PF_3_7!= ${GREP} -c pf_threshold ${_PF_PFVAR_H} || ${TRUE} # OpenBSD 3.6: pf_cksum_fixup added _PF_3_6!= ${GREP} -c pf_cksum_fixup ${_PF_PFVAR_H} || ${TRUE} -.if ${_PF_3_6} == "1" +.if ${_PF_3_7} == "1" +BUILTIN_PKG.pflkm= 3.7 +.elif ${_PF_3_6} == "1" BUILTIN_PKG.pflkm= 3.6 .else BUILTIN_PKG.pflkm= 3.5 diff --git a/security/pflkm/distinfo b/security/pflkm/distinfo index f2d2c8a93b6..43ae0bbcefd 100644 --- a/security/pflkm/distinfo +++ b/security/pflkm/distinfo @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.4 2005/02/24 13:10:11 agc Exp $ +$NetBSD: distinfo,v 1.5 2005/05/11 22:01:28 peter Exp $ -SHA1 (pflkm-20050118.tar.gz) = 1f03fa4656f23594a260dafd6373b289daad4775 -RMD160 (pflkm-20050118.tar.gz) = 3ac6b17e95ae141b1dd2e4bd44a6124a4863cd1e -Size (pflkm-20050118.tar.gz) = 886852 bytes +SHA1 (pflkm-20050511.tar.gz) = 83e9ea9a4c666ddea69a18d63f3f9f8a55e92f0c +RMD160 (pflkm-20050511.tar.gz) = 8243fed8cbe7eebd9da6e83851700eea6f8d5275 +Size (pflkm-20050511.tar.gz) = 892106 bytes -- cgit v1.2.3