Home
last modified time | relevance | path

Searched refs:ruleset (Results 1 – 25 of 61) sorted by relevance

123

/src/sbin/pfctl/
H A Dpf_ruleset.c80 #define pf_main_ruleset pf_main_anchor.ruleset
130 pf_init_ruleset(struct pfctl_ruleset *ruleset) in pf_init_ruleset() argument
134 memset(ruleset, 0, sizeof(struct pfctl_ruleset)); in pf_init_ruleset()
136 TAILQ_INIT(&ruleset->rules[i].queues[0]); in pf_init_ruleset()
137 TAILQ_INIT(&ruleset->rules[i].queues[1]); in pf_init_ruleset()
138 ruleset->rules[i].active.ptr = &ruleset->rules[i].queues[0]; in pf_init_ruleset()
139 ruleset->rules[i].inactive.ptr = &ruleset->rules[i].queues[1]; in pf_init_ruleset()
170 return (&anchor->ruleset); in pf_find_ruleset()
177 struct pfctl_ruleset *ruleset; in pf_find_or_create_ruleset() local
184 ruleset = pf_find_ruleset(path); in pf_find_or_create_ruleset()
[all …]
H A Dparse.y679 ruleset : /* empty */
680 | ruleset include '\n'
681 | ruleset '\n'
682 | ruleset option '\n'
683 | ruleset statelim '\n'
684 | ruleset sourcelim '\n'
685 | ruleset etherrule '\n'
686 | ruleset etheranchorrule '\n'
687 | ruleset scrubrule '\n'
688 | ruleset natrule '\n'
[all …]
H A Dpfctl.c2173 rs = &pf->anchor->ruleset; in pfctl_append_rule()
2196 rs = &pf->eanchor->ruleset; in pfctl_append_eth_rule()
2205 pf_init_eth_ruleset(&r->anchor->ruleset); in pfctl_append_eth_rule()
2206 r->anchor->ruleset.anchor = r->anchor; in pfctl_append_eth_rule()
2390 &r->anchor->ruleset, depth + 1))) in pfctl_load_eth_ruleset()
2472 pf->anchor->ruleset.tticket, in pfctl_load_tables()
2531 &r->anchor->ruleset, rs_num, depth + 1))) in pfctl_load_ruleset()
2569 pf->anchor->ruleset.tticket = ticket; in pfctl_load_rule()
2671 pf_init_ruleset(&pf_main_anchor.ruleset); in pfctl_rules()
2674 pf_main_anchor.ruleset.anchor = &pf_main_anchor; in pfctl_rules()
[all …]
/src/sys/netpfil/pf/
H A Dpf_ruleset.c146 pf_init_kruleset(struct pf_kruleset *ruleset) in pf_init_kruleset() argument
150 memset(ruleset, 0, sizeof(struct pf_kruleset)); in pf_init_kruleset()
152 TAILQ_INIT(&ruleset->rules[i].queues[0]); in pf_init_kruleset()
153 TAILQ_INIT(&ruleset->rules[i].queues[1]); in pf_init_kruleset()
154 ruleset->rules[i].active.ptr = &ruleset->rules[i].queues[0]; in pf_init_kruleset()
155 ruleset->rules[i].inactive.ptr = &ruleset->rules[i].queues[1]; in pf_init_kruleset()
187 return (&anchor->ruleset); in pf_find_kruleset()
192 struct pf_kruleset *ruleset; in pf_get_leaf_kruleset() local
200 ruleset = pf_find_kruleset(p); in pf_get_leaf_kruleset()
202 while (ruleset == NULL) { in pf_get_leaf_kruleset()
[all …]
H A Dif_pflog.c246 struct pf_kruleset *ruleset, struct pf_pdesc *pd, int lookupsafe, in pflog_packet() argument
277 if (ruleset != NULL && ruleset->anchor != NULL) in pflog_packet()
278 strlcpy(hdr.ruleset, ruleset->anchor->name, in pflog_packet()
279 sizeof(hdr.ruleset)); in pflog_packet()
H A Dpf_ioctl.c247 int flags, void *ruleset __unused, struct inpcb *inp);
249 int flags, void *ruleset __unused, struct inpcb *inp);
252 int flags, void *ruleset __unused, struct inpcb *inp);
254 int flags, void *ruleset __unused, struct inpcb *inp);
258 int flags, void *ruleset __unused, struct inpcb *inp);
260 int flags, void *ruleset __unused, struct inpcb *inp);
444 struct pf_kruleset *ruleset; in pf_get_kpool() local
450 ruleset = pf_find_kruleset(anchor); in pf_get_kpool()
451 if (ruleset == NULL) in pf_get_kpool()
458 ruleset->rules[rs_num].active.ticket) in pf_get_kpool()
[all …]
H A Dpf_if.c560 struct pf_kruleset *ruleset = NULL; in pfi_dynaddr_setup() local
599 if ((ruleset = pf_find_or_create_kruleset(PF_RESERVED_ANCHOR)) == NULL) { in pfi_dynaddr_setup()
604 if ((dyn->pfid_kt = pfr_attach_table(ruleset, tblname)) == NULL) { in pfi_dynaddr_setup()
624 if (ruleset != NULL) in pfi_dynaddr_setup()
625 pf_remove_if_empty_kruleset(ruleset); in pfi_dynaddr_setup()
/src/contrib/byacc/
H A Dclosure.c7 unsigned *ruleset; variable
121 rsend = ruleset + rulesetsize; in closure()
122 for (rsp = ruleset; rsp < rsend; rsp++) in closure()
133 rsp = ruleset; in closure()
142 for (rsp = ruleset; rsp < rsend; ++rsp) in closure()
176 FREE(ruleset); in finalize_closure()
/src/sbin/pfilctl/
H A Dpfilctl.c183 char *ruleset; in hook() local
215 if ((ruleset = strchr(argv[0], ':')) == NULL) in hook()
217 *ruleset = '\0'; in hook()
218 ruleset++; in hook()
222 strlcpy(req.pio_ruleset, ruleset, sizeof(req.pio_ruleset)); in hook()
/src/sys/net/
H A Ddummymbuf.c359 int flags, void *ruleset, void *unused) in dmb_pfil_mbuf_chk() argument
405 void *ruleset, struct inpcb *inp) in dmb_pfil_inet_mbuf_chk() argument
408 ruleset, inp)); in dmb_pfil_inet_mbuf_chk()
415 void *ruleset, struct inpcb *inp) in dmb_pfil_inet6_mbuf_chk() argument
418 ruleset, inp)); in dmb_pfil_inet6_mbuf_chk()
424 void *ruleset, struct inpcb *inp) in dmb_pfil_ethernet_mbuf_chk() argument
427 ruleset, inp)); in dmb_pfil_ethernet_mbuf_chk()
H A Dif_pflog.h44 char ruleset[PFLOG_RULESET_NAME_SIZE]; member
/src/contrib/sendmail/src/
H A Dreadcf.c150 int ruleset = -1; local
243 if (ruleset < 0)
260 RewriteRules[ruleset] = rwp =
522 ruleset = strtorwset(exbuf, NULL, ST_ENTER);
523 if (ruleset < 0)
526 rwp = RewriteRules[ruleset];
2177 register int ruleset; in printrules() local
2179 for (ruleset = 0; ruleset < 10; ruleset++) in printrules()
2181 if (RewriteRules[ruleset] == NULL) in printrules()
2183 sm_dprintf("\n----Rule Set %d:", ruleset); in printrules()
[all …]
/src/lib/libpfctl/
H A Dlibpfctl.h143 struct pfctl_eth_ruleset ruleset; member
328 struct pfctl_ruleset ruleset; member
476 struct pfctl_rules_info *rules, uint32_t ruleset,
479 uint32_t ruleset, const char *path);
481 const char *anchor, uint32_t ruleset, struct pfctl_rule *rule,
484 const char *anchor, uint32_t ruleset, struct pfctl_rule *rule,
487 const char *anchor, uint32_t ruleset, struct pfctl_rule *rule,
490 const char *anchor, uint32_t ruleset, struct pfctl_rule *rule,
/src/sbin/devfs/
H A Ddevfs.rules7 # denotes the beginning of a ruleset. In the brackets should
8 # be a name for the rule and its ruleset number. Any other lines
18 # Very basic and secure ruleset: Hide everything.
/src/contrib/blocklist/etc/
H A Dnpf.conf9 ruleset "blocklistd"
/src/contrib/blocklist/
H A DREADME90 ruleset "blocklistd-ext"
91 ruleset "blocklistd"
97 ruleset "blocklistd-int"
/src/usr.sbin/jail/
H A Dcommand.c294 const char *jidstr, *conslog, *fmt, *path, *ruleset, *term, *username; in run_command() local
548 ruleset = string_param(j->intparams[KP_DEVFS_RULESET]); in run_command()
549 if (!ruleset) in run_command()
550 ruleset = "4"; /* devfsrules_jail */ in run_command()
551 argv[3] = acs = alloca(11 + strlen(ruleset)); in run_command()
552 sprintf(acs, "-oruleset=%s", ruleset); in run_command()
/src/share/examples/ipfilter/rules/
H A Dexample.52 # test ruleset
/src/libexec/rc/
H A Drc.subr2278 debug "found ruleset: $rulename=$rulenum"
2332 # devfs_set_ruleset ruleset [dir]
2333 # Sets the default ruleset of dir to ruleset. The ruleset argument
2334 # must be a ruleset name as specified in devfs.rules(5) file.
2345 warn "$_me: you must specify a ruleset number"
2348 debug "$_me: setting ruleset ($rs) on mount-point (${devdir#-m })"
2349 if ! /sbin/devfs $devdir ruleset $rs; then
2350 warn "$_me: unable to set ruleset $rs to ${devdir#-m }"
2356 # devfs_apply_ruleset ruleset [dir]
2357 # Apply ruleset number $ruleset to the devfs mountpoint $dir.
[all …]
/src/sys/netpfil/ipfw/
H A Dip_fw_pfil.c122 void *ruleset __unused, struct inpcb *inp) in ipfw_check_packet()
333 void *ruleset __unused, struct inpcb *inp) in ipfw_check_frame_mbuf()
413 void *ruleset __unused, struct mbuf **m) in ipfw_check_frame_mem()
/src/contrib/tcpdump/
H A Dpflog.h124 char ruleset[PFLOG_RULESET_NAME_SIZE]; member
/src/contrib/libpcap/
H A Dpflog.h133 char ruleset[PFLOG_RULESET_NAME_SIZE]; member
/src/contrib/sendmail/cf/hack/
H A Dxconnect.m421 # x_connect ruleset for looking up XConnect: tag in access DB to enable
/src/share/examples/ipfilter/
H A Dipf-howto.txt183 interrupt the flow, IPF will go through the entire ruleset,
220 It's a good time to point out that even if the ruleset had
245 Here's a modified copy of the original ruleset using the
283 so a change to the ruleset to make this possible is called
300 Now we have a less stringent ruleset that actually does
488 what you already know of IPF. The new ruleset would be:
623 This brings our total ruleset to look something like this:
642 ruleset. When you're actually creating your ruleset, you
710 when setting up your own ruleset, adding rules for every
754 Remember that ruleset order is important. Since we're doing
[all …]
/src/release/packages/ucl/
H A Dtcpd-all.ucl23 based on a user-defined ruleset. TCP Wrappers can also perform certain

123