|
Lines 247-253
Link Here
|
| 247 |
TOK_RESET, |
247 |
TOK_RESET, |
| 248 |
TOK_UNREACH, |
248 |
TOK_UNREACH, |
| 249 |
TOK_CHECKSTATE, |
249 |
TOK_CHECKSTATE, |
| 250 |
|
250 |
TOK_SETDF, |
|
|
251 |
|
| 251 |
TOK_ALTQ, |
252 |
TOK_ALTQ, |
| 252 |
TOK_LOG, |
253 |
TOK_LOG, |
| 253 |
TOK_TAG, |
254 |
TOK_TAG, |
|
Lines 374-379
Link Here
|
| 374 |
{ "unreach6", TOK_UNREACH6 }, |
375 |
{ "unreach6", TOK_UNREACH6 }, |
| 375 |
{ "unreach", TOK_UNREACH }, |
376 |
{ "unreach", TOK_UNREACH }, |
| 376 |
{ "check-state", TOK_CHECKSTATE }, |
377 |
{ "check-state", TOK_CHECKSTATE }, |
|
|
378 |
{ "setdf", TOK_SETDF }, |
| 377 |
{ "//", TOK_COMMENT }, |
379 |
{ "//", TOK_COMMENT }, |
| 378 |
{ NULL, 0 } /* terminator */ |
380 |
{ NULL, 0 } /* terminator */ |
| 379 |
}; |
381 |
}; |
|
Lines 1555-1560
Link Here
|
| 1555 |
} |
1557 |
} |
| 1556 |
break; |
1558 |
break; |
| 1557 |
|
1559 |
|
|
|
1560 |
case O_SET_IPDF: |
| 1561 |
PRINT_UINT_ARG("setdf ", cmd->arg1); |
| 1562 |
break; |
| 1563 |
|
| 1558 |
case O_LOG: /* O_LOG is printed last */ |
1564 |
case O_LOG: /* O_LOG is printed last */ |
| 1559 |
logptr = (ipfw_insn_log *)cmd; |
1565 |
logptr = (ipfw_insn_log *)cmd; |
| 1560 |
break; |
1566 |
break; |
|
Lines 2635-2641
Link Here
|
| 2635 |
"RULE-BODY: check-state [PARAMS] | ACTION [PARAMS] ADDR [OPTION_LIST]\n" |
2641 |
"RULE-BODY: check-state [PARAMS] | ACTION [PARAMS] ADDR [OPTION_LIST]\n" |
| 2636 |
"ACTION: check-state | allow | count | deny | unreach{,6} CODE |\n" |
2642 |
"ACTION: check-state | allow | count | deny | unreach{,6} CODE |\n" |
| 2637 |
" skipto N | {divert|tee} PORT | forward ADDR |\n" |
2643 |
" skipto N | {divert|tee} PORT | forward ADDR |\n" |
| 2638 |
" pipe N | queue N\n" |
2644 |
" pipe N | queue N | setdf DF\n" |
| 2639 |
"PARAMS: [log [logamount LOGLIMIT]] [altq QUEUE_NAME]\n" |
2645 |
"PARAMS: [log [logamount LOGLIMIT]] [altq QUEUE_NAME]\n" |
| 2640 |
"ADDR: [ MAC dst src ether_type ] \n" |
2646 |
"ADDR: [ MAC dst src ether_type ] \n" |
| 2641 |
" [ ip from IPADDR [ PORT ] to IPADDR [ PORTLIST ] ]\n" |
2647 |
" [ ip from IPADDR [ PORT ] to IPADDR [ PORTLIST ] ]\n" |
|
Lines 3970-3975
Link Here
|
| 3970 |
action->opcode = O_COUNT; |
3976 |
action->opcode = O_COUNT; |
| 3971 |
break; |
3977 |
break; |
| 3972 |
|
3978 |
|
|
|
3979 |
case TOK_SETDF: |
| 3980 |
{ |
| 3981 |
int df; |
| 3982 |
|
| 3983 |
NEED1("need setdf arg\n"); |
| 3984 |
df = strtoul(*av, NULL, 0); |
| 3985 |
if (df < 0 || df > 1) |
| 3986 |
errx(EX_DATAERR, "illegal argument for %s", |
| 3987 |
*(av - 1)); |
| 3988 |
fill_cmd(action, O_SET_IPDF, 0, df); |
| 3989 |
ac--; av++; |
| 3990 |
} |
| 3991 |
break; |
| 3992 |
|
| 3973 |
case TOK_QUEUE: |
3993 |
case TOK_QUEUE: |
| 3974 |
action->opcode = O_QUEUE; |
3994 |
action->opcode = O_QUEUE; |
| 3975 |
goto chkarg; |
3995 |
goto chkarg; |