[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
documentation/3822: pf(4) patch
- To: gnats@openbsd.org
- Subject: documentation/3822: pf(4) patch
- From: Jeff Wilson <wilsonj@cs.ecs.baylor.edu>
- Date: Wed, 16 Jun 2004 16:26:03 -0500 (CDT)
- Resent-Date: Wed, 16 Jun 2004 15:40:03 -0600 (MDT)
- Resent-From: gnats@cvs.openbsd.org (GNATS Filer)
- Resent-Message-Id: <200406162140.i5GLe3AW028752@cvs.openbsd.org>
- Resent-Reply-To: gnats@cvs.openbsd.org, wilsonj@cs.ecs.baylor.edu
- Resent-To: bugs@cvs.openbsd.org
>Number: 3822
>Category: documentation
>Synopsis: patch of pf(4)
>Confidential: yes
>Severity: non-critical
>Priority: low
>Responsible: bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Wed Jun 16 21:40:01 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Jeff Wilson
>Release: OPENBSD_3_5
>Organization:
Baylor University
net
>Environment:
System : OpenBSD 3.5
Architecture: all
Machine : all
>Description:
Current pf(4) man page leaves room for improvement. Attached
are a few suggestions towards that end.
>How-To-Repeat:
Problem is only repeatable by newbies. Poor idiot (me) tries
to create a C program to manipulate radix tables in pf, using only
pf(4), and he's guaranteed to be drinking, cussing, or otherwise
showing signs of high frustration. Attached is a rough draft of one
or two points that would have made my ascension up the learning
curve much easier.
>Fix:
--- pf.4.org Tue Jun 15 17:42:12 2004
+++ pf.4 Tue Jun 15 21:41:24 2004
@@ -363,8 +363,18 @@
.It Dv DIOCGETLIMIT Fa "struct pfioc_limit"
.It Dv DIOCRCLRTABLES Fa "struct pfioc_table"
Clear all tables.
+
+NOTE:
All the IOCTLs that manipulate radix tables
-use the same structure described below.
+use the same structure described below. Set
+pfrt_name to the name of the table as
+specified in pf.conf(5), without the angle
+brackets (e.g., to modify <table1>, set
+pfrt_name to "table1"). Set pfrio_esize to
+the size of the elements held in
+pfrio_buffer. Set pfrio_size to the number
+of elements held by pfrio_buffer.
+
For
.Dv DIOCRCLRTABLES, pfrio_ndel contains on exit the number
of tables deleted.
@@ -443,7 +453,11 @@
.It Dv DIOCRADDADDRS Fa "struct pfioc_table"
Add one or more addresses to a table.
On entry, pfrio_table contains the table id and pfrio_buffer[pfrio_size]
-contains the list of pfr_addr structures to add.
+contains the list of pfr_addr structures to add.
+For example, to add a single IPv4 address, set pfra_ip4addr
+to the network byte-ordered address, set pfra_af to AF_INET,
+and set pfra_net to the size of the network (one IP means a
+32 bit subnet mask, so pfra_net is set to 32).
On exit, pfrio_nadd contains the number of addresses effectively added.
.Bd -literal
struct pfr_addr {
>Release-Note:
>Audit-Trail:
>Unformatted:
To: gnats@openbsd.org
Subject: pf(4) patch
From: wilsonj@cs.baylor.edu
Cc:
Reply-To: jwilson
X-sendbug-version: 3.97