diff options
author | Kristof Provost <kp@FreeBSD.org> | 2021-03-02 15:01:04 +0000 |
---|---|---|
committer | Kristof Provost <kp@FreeBSD.org> | 2021-07-17 10:01:08 +0000 |
commit | ef950daa35d43dd396958ca28ce9de0514daf873 (patch) | |
tree | 9a9901921c6be125706b6feb6fa609e9097711a3 /sys/net/pfvar.h | |
parent | be7c64704edffc774937b8d39218da38a9f06f3a (diff) | |
download | src-ef950daa35d43dd396958ca28ce9de0514daf873.tar.gz src-ef950daa35d43dd396958ca28ce9de0514daf873.zip |
pf: match keyword support
Support the 'match' keyword.
Note that support is limited to adding queuing information, so without
ALTQ support in the kernel setting match rules is pointless.
For the avoidance of doubt: this is NOT full support for the match
keyword as found in OpenBSD's pf. That could potentially be built on top
of this, but this commit is NOT that.
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D31115
Diffstat (limited to 'sys/net/pfvar.h')
-rw-r--r-- | sys/net/pfvar.h | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 17af5d46a183..46b71c5eedce 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -332,6 +332,11 @@ struct pf_kpool { u_int8_t opts; }; +struct pf_rule_actions { + u_int32_t qid; + u_int32_t pqid; +}; + union pf_krule_ptr { struct pf_krule *ptr; u_int32_t nr; @@ -607,6 +612,8 @@ struct pf_kstate { u_int32_t creation; u_int32_t expire; u_int32_t pfsync_time; + u_int32_t qid; + u_int32_t pqid; u_int16_t tag; u_int8_t log; u_int8_t state_flags; @@ -1057,6 +1064,7 @@ struct pf_pdesc { u_int16_t *sport; u_int16_t *dport; struct pf_mtag *pf_mtag; + struct pf_rule_actions act; u_int32_t p_len; /* total length of payload */ |