![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / share / man / man4
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.20 / (download) - annotate - [select for diffs], Sat Sep 10 10:22:46 2022 UTC (20 months, 3 weeks ago) by jsg
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
HEAD
Changes since 1.19: +3 -3 lines
Diff to previous 1.19 (colored)
fix repeated words ok ok miod@ ack ack jmc@
Revision 1.19 / (download) - annotate - [select for diffs], Thu Mar 31 17:27:20 2022 UTC (2 years, 2 months ago) by naddy
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.18: +3 -3 lines
Diff to previous 1.18 (colored)
man pages: add missing commas between subordinate and main clauses jmc@ dislikes a comma before "then" in a conditional, so leave those untouched. ok jmc@
Revision 1.18 / (download) - annotate - [select for diffs], Fri Oct 6 21:14:55 2017 UTC (6 years, 8 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.17: +2 -19 lines
Diff to previous 1.17 (colored)
Kill the divert-packet socket option IP_DIVERTFL to filter packets. It used a loop over the global list divbtable that would be hard to make MP safe. The port net/dnsfilter does not work without this, it should be converted to divert-to. Neither other ports nor base use this filter feature. ports checked by sthen@; OK mpi@ benno@
Revision 1.17 / (download) - annotate - [select for diffs], Fri Aug 25 16:11:01 2017 UTC (6 years, 9 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.16: +22 -9 lines
Diff to previous 1.16 (colored)
Document the limitations of divert-packet in divert(4) so that they can be addressed. input jmc@ benno@ mortimer@
Revision 1.16 / (download) - annotate - [select for diffs], Thu Sep 10 17:55:21 2015 UTC (8 years, 8 months ago) by schwarze
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1,
OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.15: +5 -5 lines
Diff to previous 1.15 (colored)
use .In rather than .Fd #include
Revision 1.15 / (download) - annotate - [select for diffs], Fri Oct 24 02:02:08 2014 UTC (9 years, 7 months ago) by lteo
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.14: +2 -3 lines
Diff to previous 1.14 (colored)
netinet/in_systm.h is not needed by the example program pointed out by millert@
Revision 1.14 / (download) - annotate - [select for diffs], Thu Jun 5 03:36:46 2014 UTC (10 years ago) by lteo
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.13: +38 -29 lines
Diff to previous 1.13 (colored)
Improve the divert(4) example program: - Remove unnecessary includes - bzero -> memset - Better sanity checks and return value checks - Use the tcphdr struct instead of tcpiphdr so that the program will work even if there are IP options - Use more conventional variable names and buffer sizes Also add myself to the copyright. ok deraadt@ sthen@
Revision 1.13 / (download) - annotate - [select for diffs], Sun Jun 2 01:07:47 2013 UTC (11 years ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5,
OPENBSD_5_4_BASE,
OPENBSD_5_4
Changes since 1.12: +7 -5 lines
Diff to previous 1.12 (colored)
improve the divert-* description a bit more ok lteo & jmc
Revision 1.12 / (download) - annotate - [select for diffs], Sat Jun 1 18:41:43 2013 UTC (11 years ago) by lteo
Branch: MAIN
Changes since 1.11: +18 -6 lines
Diff to previous 1.11 (colored)
Document my divert(4) changes done in April 2013, where reinjected packets will now go through basic sanity checks and will have their IPv4 and protocol checksums (TCP, UDP, ICMP, and ICMPv6) recalculated. Also clarify that divert(4) relates to the PF divert-packet parameter, not divert-to (prodded by beck@, also suggested by benno@ and reyk@). ok benno jmc
Revision 1.11 / (download) - annotate - [select for diffs], Wed Oct 24 22:57:41 2012 UTC (11 years, 7 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.10: +5 -4 lines
Diff to previous 1.10 (colored)
clarify -r1.9; help/ok benno
Revision 1.10 / (download) - annotate - [select for diffs], Sun Oct 21 15:25:42 2012 UTC (11 years, 7 months ago) by jmc
Branch: MAIN
Changes since 1.9: +5 -6 lines
Diff to previous 1.9 (colored)
tweak previous;
Revision 1.9 / (download) - annotate - [select for diffs], Sun Oct 21 13:06:02 2012 UTC (11 years, 7 months ago) by benno
Branch: MAIN
Changes since 1.8: +13 -2 lines
Diff to previous 1.8 (colored)
Add the IP_DIVERTFL socket option on divert(4) sockets to control which packets (as in direction) of the traffic will be diverted through the divert socket. ok claudio@, henning@
Revision 1.8 / (download) - annotate - [select for diffs], Thu Mar 29 17:09:41 2012 UTC (12 years, 2 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2
Changes since 1.7: +12 -8 lines
Diff to previous 1.7 (colored)
avoid line wrap in EXAMPLES; from Thomas Pfaff
Revision 1.7 / (download) - annotate - [select for diffs], Wed Jan 25 16:34:56 2012 UTC (12 years, 4 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE,
OPENBSD_5_1
Changes since 1.6: +90 -1 lines
Diff to previous 1.6 (colored)
add an EXAMPLES section; from Lawrence Teo tweaked slightly by myself, and ok michele
Revision 1.6 / (download) - annotate - [select for diffs], Sun Dec 6 18:32:43 2009 UTC (14 years, 6 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9,
OPENBSD_4_8_BASE,
OPENBSD_4_8,
OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.5: +3 -3 lines
Diff to previous 1.5 (colored)
missing space;
Revision 1.5 / (download) - annotate - [select for diffs], Sun Dec 6 15:39:24 2009 UTC (14 years, 6 months ago) by michele
Branch: MAIN
Changes since 1.4: +35 -26 lines
Diff to previous 1.4 (colored)
Improve divert.4 man page. Be more clear about what happens to the packets when they are queued to userspace or reinjected in the kernel. input by jmc@ ok claudio@
Revision 1.4 / (download) - annotate - [select for diffs], Sun Oct 4 20:02:36 2009 UTC (14 years, 8 months ago) by jmc
Branch: MAIN
Changes since 1.3: +5 -6 lines
Diff to previous 1.3 (colored)
tweak previous;
Revision 1.3 / (download) - annotate - [select for diffs], Sun Oct 4 16:08:37 2009 UTC (14 years, 8 months ago) by michele
Branch: MAIN
Changes since 1.2: +9 -3 lines
Diff to previous 1.2 (colored)
Add (again) support for divert sockets. They allow you to: - queue packets from pf(4) to a userspace application - reinject packets from the application into the kernel stack. The divert socket can be bound to a special "divert port" and will receive every packet diverted to that port by pf(4). The pf syntax is pretty simple, e.g.: pass on em0 inet proto tcp from any to any port 80 divert-packet port 1 A lot of discussion have happened since my last commit that resulted in many changes and improvements. I would *really* like to thank everyone who took part in the discussion especially canacar@ who spotted out which are the limitations of this approach. OpenBSD divert(4) is meant to be compatible with software running on top of FreeBSD's divert sockets even though they are pretty different and will become even more with time. discusses with many, but mainly reyk@ canacar@ deraadt@ dlg@ claudio@ beck@ tested by reyk@ and myself ok reyk@ claudio@ beck@ manpage help and ok by jmc@
Revision 1.2, Tue Sep 8 17:52:17 2009 UTC (14 years, 9 months ago) by michele
Branch: MAIN
Changes since 1.1: +2 -2 lines
FILE REMOVED
I had not enough oks to commit this diff. Sorry.
Revision 1.1 / (download) - annotate - [select for diffs], Tue Sep 8 17:00:41 2009 UTC (14 years, 9 months ago) by michele
Branch: MAIN
Add support for divert sockets. They allow you to: - queue packets from pf(4) to a userspace application - reinject packets from the application into the kernel stack. The divert socket can be bound to a special "divert port" and will receive every packet diverted to that port by pf(4). The pf syntax is pretty simple, e.g.: pass on em0 inet proto tcp from any to any port 80 divert-packet port 8000 test, bugfix and ok by reyk@ manpage help and ok by jmc@ no objections from many others.