diff options
| author | darrenr <darrenr@FreeBSD.org> | 2000-10-26 12:45:54 +0000 |
|---|---|---|
| committer | darrenr <darrenr@FreeBSD.org> | 2000-10-26 12:45:54 +0000 |
| commit | 7595d5ffce4a14f32ac605d21cbd61fbe85057e2 (patch) | |
| tree | 7098416027f8d3f0d9828794b9eb7a6e22f08d6a /contrib/ipfilter/man | |
| parent | 54a215376523c9828e0092de33f29614fca24281 (diff) | |
| download | FreeBSD-src-7595d5ffce4a14f32ac605d21cbd61fbe85057e2.zip FreeBSD-src-7595d5ffce4a14f32ac605d21cbd61fbe85057e2.tar.gz | |
Import IP Filter 3.4.12
Diffstat (limited to 'contrib/ipfilter/man')
| -rw-r--r-- | contrib/ipfilter/man/ipf.4 | 30 | ||||
| -rw-r--r-- | contrib/ipfilter/man/ipf.5 | 4 | ||||
| -rw-r--r-- | contrib/ipfilter/man/ipmon.8 | 2 | ||||
| -rw-r--r-- | contrib/ipfilter/man/ipnat.4 | 6 |
4 files changed, 22 insertions, 20 deletions
diff --git a/contrib/ipfilter/man/ipf.4 b/contrib/ipfilter/man/ipf.4 index 4549855..0e080a0 100644 --- a/contrib/ipfilter/man/ipf.4 +++ b/contrib/ipfilter/man/ipf.4 @@ -11,33 +11,33 @@ To add and delete rules to the filter list, three 'basic' ioctls are provided for use. The ioctl's are called as: .LP .nf - ioctl(fd, SIOCADDFR, struct frentry *) - ioctl(fd, SIOCDELFR, struct frentry *) + ioctl(fd, SIOCADDFR, struct frentry **) + ioctl(fd, SIOCDELFR, struct frentry **) ioctl(fd, SIOCIPFFL, int *) .fi .PP However, the full complement is as follows: .LP .nf - ioctl(fd, SIOCADAFR, struct frentry *) (same as SUICADDFR) - ioctl(fd, SIOCRMAFR, struct frentry *) (same as SUICDELFR) - ioctl(fd, SIOCADIFR, struct frentry *) - ioctl(fd, SIOCRMIFR, struct frentry *) - ioctl(fd, SIOCINAFR, struct frentry *) - ioctl(fd, SIOCINIFR, struct frentry *) + ioctl(fd, SIOCADAFR, struct frentry **) (same as SIOCADDFR) + ioctl(fd, SIOCRMAFR, struct frentry **) (same as SIOCDELFR) + ioctl(fd, SIOCADIFR, struct frentry **) + ioctl(fd, SIOCRMIFR, struct frentry **) + ioctl(fd, SIOCINAFR, struct frentry **) + ioctl(fd, SIOCINIFR, struct frentry **) ioctl(fd, SIOCSETFF, u_int *) ioctl(fd, SIOGGETFF, u_int *) - ioctl(fd, SIOCGETFS, struct friostat *) + ioctl(fd, SIOCGETFS, struct friostat **) ioctl(fd, SIOCIPFFL, int *) ioctl(fd, SIOCIPFFB, int *) ioctl(fd, SIOCSWAPA, u_int *) ioctl(fd, SIOCFRENB, u_int *) ioctl(fd, SIOCFRSYN, u_int *) - ioctl(fd, SIOCFRZST, struct friostat *) - ioctl(fd, SIOCZRLST, struct frentry *) - ioctl(fd, SIOCAUTHW, struct fr_info *) - ioctl(fd, SIOCAUTHR, struct fr_info *) - ioctl(fd, SIOCATHST, struct fr_authstat *) + ioctl(fd, SIOCFRZST, struct friostat **) + ioctl(fd, SIOCZRLST, struct frentry **) + ioctl(fd, SIOCAUTHW, struct fr_info **) + ioctl(fd, SIOCAUTHR, struct fr_info **) + ioctl(fd, SIOCATHST, struct fr_authstat **) .fi .PP The variations, SIOCADAFR vs. SIOCADIFR, allow operation on the two lists, @@ -107,7 +107,7 @@ filter list, the number of the rule which it is to be inserted before must be put in the "fr_hits" field (the first rule is number 0). .LP .PP -Flags which are recognised in fr_pass: +Flags which are recognised in fr_flags: .nf FR_BLOCK 0x000001 /* do not allow packet to pass */ diff --git a/contrib/ipfilter/man/ipf.5 b/contrib/ipfilter/man/ipf.5 index 478d672..243edac 100644 --- a/contrib/ipfilter/man/ipf.5 +++ b/contrib/ipfilter/man/ipf.5 @@ -31,7 +31,7 @@ proto = "proto" protocol . ip = srcdst [ flags ] [ with withopt ] [ icmp ] [ keep ] . group = [ "head" decnumber ] [ "group" decnumber ] . -block = "block" [ icmp[return-code] | "return-rst" ] . +block = "block" [ return-icmp[return-code] | "return-rst" ] . auth = "auth" | "preauth" . log = "log" [ "body" ] [ "first" ] [ "or-block" ] [ "level" loglevel ] . call = "call" [ "now" ] function-name . @@ -42,7 +42,7 @@ protocol = "tcp/udp" | "udp" | "tcp" | "icmp" | decnumber . srcdst = "all" | fromto . fromto = "from" [ "!" ] object "to" [ "!" ] object . -icmp = "return-icmp" | "return-icmp-as-dest" . +return-icmp = "return-icmp" | "return-icmp-as-dest" . object = addr [ port-comp | port-range ] . addr = "any" | nummask | host-name [ "mask" ipaddr | "mask" hexnumber ] . port-comp = "port" compare port-num . diff --git a/contrib/ipfilter/man/ipmon.8 b/contrib/ipfilter/man/ipmon.8 index 61d6575..7cd98f6 100644 --- a/contrib/ipfilter/man/ipmon.8 +++ b/contrib/ipfilter/man/ipmon.8 @@ -149,7 +149,7 @@ show the packet data in hex. show the log header record data in hex. .SH DIAGNOSTICS \fBipmon\fP expects data that it reads to be consistent with how it should be -saved and will abort if it fails an assertion which detects an anomoly in the +saved and will abort if it fails an assertion which detects an anomaly in the recorded data. .SH FILES /dev/ipl diff --git a/contrib/ipfilter/man/ipnat.4 b/contrib/ipfilter/man/ipnat.4 index ee385b7..6cba7b6 100644 --- a/contrib/ipfilter/man/ipnat.4 +++ b/contrib/ipfilter/man/ipnat.4 @@ -15,8 +15,10 @@ To add and delete rules to the NAT list, two 'basic' ioctls are provided for use. The ioctl's are called as: .LP .nf - ioctl(fd, SIOCADNAT, struct ipnat *) - ioctl(fd, SIOCRMNAT, struct ipnat *) + ioctl(fd, SIOCADNAT, struct ipnat **) + ioctl(fd, SIOCRMNAT, struct ipnat **) + ioctl(fd, SIOCGNATS, struct natstat **) + ioctl(fd, SIOCGNATL, struct natlookup **) .fi .PP Unlike \fBipf(4)\fP, there is only a single list supported by the kernel NAT |
