Date: Mon, 18 Oct 2010 22:16:36 -0500 From: Brandon Gooch <jamesbrandongooch@gmail.com> To: =?ISO-8859-1?Q?Ermal_Lu=E7i?= <eri@freebsd.org> Cc: freebsd-net <freebsd-net@freebsd.org>, freebsd-pf@freebsd.org Subject: Re: [PATCH] pf(4) patch from OpenBSD 4.5 Message-ID: <AANLkTikONa7W-bVS=do8B2zaFtDYqL7nZ2WR=%2BHpKKsS@mail.gmail.com> In-Reply-To: <AANLkTinXNRKSwjuOeQkDTANhSSbHYHZnf4SvaFHbEdrg@mail.gmail.com> References: <AANLkTinXNRKSwjuOeQkDTANhSSbHYHZnf4SvaFHbEdrg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Oct 18, 2010 at 1:10 PM, Ermal Lu=E7i <eri@freebsd.org> wrote: > Hello, > > the link http://people.freebsd.org/~eri/pf45_1.diff has the patch for > pf(4) as of OpenBSD 4.5 version. > The patch is against HEAD. > After OpenBSD 4.5 the syntax has changed and this is the reason for > such an 'old' version patch. > > After importing this one the work will go on the newest version and > decisions on it will than be done. > > Be aware that this patch has even support for VIMAGE/VNET. > It will enable you to run pf(4) with[in] jails+vnets or just vnets > themselves with separate rulesets > and policies. > pfsync(4) can be loaded as a module also with this patch. > > Feedback is very welcome. Should this compile against HEAD, because I think we're missing a header: brandon@x300:~$ cd /usr/src brandon@x300:/usr/src$ patch < ~/pf45_1.diff brandon@x300:/usr/src$ cd /usr/src/sys/modules/pf brandon@x300:modules/pf$ sudo make Warning: Object directory not changed from original /usr/src/sys/modules/pf @ -> /usr/src/sys machine -> /usr/src/sys/amd64/include echo "#define DEV_PF 1" > opt_pf.h echo "#define DEV_PFLOG 1" >> opt_pf.h echo "#define DEV_PFSYNC 1" >> opt_pf.h echo "#define DEV_PFLOW 1" >> opt_pf.h echo "#define INET 1" > opt_inet.h echo "#define INET6 1" > opt_inet6.h echo "#define DEV_BPF 1" > opt_bpf.h :> opt_global.h clang -O2 -pipe -fno-strict-aliasing -D_KERNEL -DKLD_MODULE -nostdinc -I/usr/src/sys/modules/pf/../../contrib/pf -I. -I@ -I@/contrib/altq -fno-common -fno-omit-frame-pointer -mcmodel=3Dkernel -mno-red-zone -mfpmath=3D387 -mno-sse -mno-sse2 -mno-sse3 -mno-mmx -mno-3dnow -msoft-float -fno-asynchronous-unwind-tables -ffreestanding -fstack-protector -std=3Diso9899:1999 -fstack-protector -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -fformat-extensions -c /usr/src/sys/modules/pf/../../contrib/pf/net/pf.c clang: warning: argument unused during compilation: '-mfpmath=3D387' /usr/src/sys/modules/pf/../../contrib/pf/net/pf.c:149:10: fatal error: 'net/if_pflow.h' file not found #include <net/if_pflow.h> ^ 1 error generated. *** Error code 1 Thanks for working on this! -Brandon
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTikONa7W-bVS=do8B2zaFtDYqL7nZ2WR=%2BHpKKsS>