From 59aa50a1ec81d2efbdccdf287563b3931043d13b Mon Sep 17 00:00:00 2001 From: kp Date: Thu, 13 Oct 2016 20:34:44 +0000 Subject: pf: port extended DSCP support from OpenBSD Ignore the ECN bits on 'tos' and 'set-tos' and allow to use DCSP names instead of having to embed their TOS equivalents as plain numbers. Obtained from: OpenBSD Sponsored by: OPNsense Differential Revision: https://reviews.freebsd.org/D8165 (cherry picked from commit 3fbefcb2d1d30bf4f987d8ce451572c6722f0601) --- share/man/man5/pf.conf.5 | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) (limited to 'share') diff --git a/share/man/man5/pf.conf.5 b/share/man/man5/pf.conf.5 index 3ff63bb..6a7eebe 100644 --- a/share/man/man5/pf.conf.5 +++ b/share/man/man5/pf.conf.5 @@ -28,7 +28,7 @@ .\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd June 9, 2016 +.Dd October 6, 2016 .Dt PF.CONF 5 .Os .Sh NAME @@ -648,9 +648,16 @@ for matching IP packets. .Em TOS may be given as one of +.Ar critical , +.Ar inetcontrol , .Ar lowdelay , +.Ar netcontrol , .Ar throughput , .Ar reliability , +or one of the DiffServ Code Points: +.Ar ef , +.Ar af11 No ... Ar af43 , +.Ar cs0 No ... Ar cs7 ; or as either hex or decimal. .It Ar random-id Replaces the IP identification field with random values to compensate @@ -1697,9 +1704,16 @@ bits set. .Em TOS may be given as one of +.Ar critical , +.Ar inetcontrol , .Ar lowdelay , +.Ar netcontrol , .Ar throughput , .Ar reliability , +or one of the DiffServ Code Points: +.Ar ef , +.Ar af11 No ... Ar af43 , +.Ar cs0 No ... Ar cs7 ; or as either hex or decimal. .Pp For example, the following rules are identical: @@ -1803,7 +1817,6 @@ pass in proto tcp to port 25 set prio 2 pass in proto tcp to port 22 set prio (2, 5) .Ed .Pp - .It Ar tag Aq Ar string Packets matching this rule will be tagged with the specified string. -- cgit v1.1