[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CVS: cvs.openbsd.org: src



CVSROOT:	/cvs
Module name:	src
Changes by:	henning_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org	2003/05/13 15:15:07

Modified files:
	sbin/pfctl     : parse.y pfctl_parser.c 

Log message:
userland part for tagging.
it's now possible to tag packets with an arbitary tag and filter based on
that tag later on other interfaces:
pass in quick on fxp0 keep state tag blah
pass out quick on wi0 keep state with tag blah
can be used to express trust between interfaces, to distinguish between
NATed connections and connection originating from teh firewall itself
and much more

ok dhartmei@ frantzen@ pb@ mcbride@