[PATCH] pf(4) patch from OpenBSD 4.5

Julian Elischer julian at freebsd.org
Mon Oct 18 19:15:15 UTC 2010


On 10/18/10 11:10 AM, Ermal Luçi wrote:
> Hello,
>
> the link http://people.freebsd.org/~eri/pf45_1.diff has the patch for
> pf(4) as of OpenBSD 4.5 version.
> The patch is against HEAD.
> After OpenBSD 4.5 the syntax has changed and this is the reason for
> such an 'old' version patch.
>
> After importing this one the work will go on the newest version and
> decisions on it will then be done.
>
> Be aware that this patch has even support for VIMAGE/VNET.
> It will enable you to run pf(4) with[in] jails+vnets or just vnets
> themselves with separate rulesets
> and policies.
> pfsync(4) can be loaded as a module also with this patch.

hooray!

What to do with pfsync is the question. We don't yet have
devfs-per-jail but I think that's probably something we
should work on pretty soon.
I guess /dev/pfsync could only give you stuff from your own jail/vnet
but I don't use it so I'm not sure how it works.

> Feedback is very welcome.
>
> Regards,



More information about the freebsd-virtualization mailing list