003 File Manager
Current Path:
/usr/src/contrib/ipfilter
usr
/
src
/
contrib
/
ipfilter
/
📁
..
📄
BNF
(3.52 KB)
📄
BugReport
(409 B)
📄
HISTORY
(55.43 KB)
📄
LICENCE
(612 B)
📄
Makefile
(14.48 KB)
📄
NAT.FreeBSD
(2.84 KB)
📄
README
(4.53 KB)
📄
STYLE.TXT
(1.96 KB)
📄
WhatsNew50.txt
(2.26 KB)
📄
Y2K
(48 B)
📄
arc4random.c
(5.03 KB)
📄
bpf-ipf.h
(13.72 KB)
📄
bpf_filter.c
(12.32 KB)
📄
genmask.c
(1.14 KB)
📄
ip_dstlist.c
(43.79 KB)
📄
ip_dstlist.h
(1.43 KB)
📄
ip_fil.c
(14.13 KB)
📄
ip_fil_compat.c
(122.12 KB)
📄
ip_msnrpc_pxy.c
(6.25 KB)
📄
ipf.h
(11.97 KB)
📄
ipf_rb.h
(10.37 KB)
📁
iplang
📄
ipmon.h
(3.27 KB)
📁
ipsend
📄
ipt.h
(536 B)
📄
kmem.h
(526 B)
📁
l4check
📁
lib
📁
man
📄
md5.c
(11.36 KB)
📄
md5.h
(3.11 KB)
📄
mkfilters
(2.62 KB)
📄
mlfk_rule.c
(1.23 KB)
📄
opt_inet6.h
(14 B)
📄
opts.h
(1.45 KB)
📄
pcap-ipf.h
(642 B)
📄
radix_ipf.c
(41.92 KB)
📄
radix_ipf.h
(2.64 KB)
📁
rules
📁
samples
📄
snoop.h
(664 B)
📁
sys
📁
tools
Editing: WhatsNew50.txt
What's new in 5.1 ================= General ------- * all of the tuneables can now be set at any time, not just whilst disabled or prior to loading rules; * group identifiers may now be a number or name (universal); * man pages rewritten * tunables can now be set via ipf.conf; Logging ------- * ipmon.conf can now be used to generate SNMPv1 and SNMPv2 traps using information from log entries from the kernel; NAT changes ----------- * DNS proxy for the kernel that can block queries based on domain names; * FTP proxy can be configured to limit data connections to one or many connections per client; * NAT on IPv6 is now supported; * rewrite command allows changing both the source and destination address in a single NAT rule; * simple encapsulation can now be configured with ipnat.conf, * TFTP proxy now included; Packet Filtering ---------------- * acceptance of ICMP packets for "keep state" rules can be refined through the use of filtering rules; * alternative form for writing rules using simple filtering expressions; * CIPSO headers now recognised and analysed for filtering on DOI; * comments can now be a part of a rule and loaded into the kernel and thus displayed with ipfstat; * decapsulation rules allow filtering on inner headers, providing they are not encrypted; * interface names, aside from that the packet is on, can be present in filter rules; * internally now a single list of filter rules, there is no longer an IPv4 and IPv6 list; * rules can now be added with an expiration time, allowing for their automatic removal after some period of time; * single file, ipf.conf, can now be used for both IPv4 and IPv6 rules; * stateful filtering now allows for limits to be placed on the number of distinct hosts allowed per rule; Pools ----- * addresses added to a pool via the command line (only!) can be given an expiration timeout; * destination lists are a new type of address pool, primarily for use with NAT rdr rules, supporting newer algorithms for target selection; * raw whois information saved to a file can be used to populate a pool; Solaris ------- * support for use in zones with exclusive IP instances fully supported. Tools ----- * use of matching expressions allows for refining what is displayed or flushed;
Upload File
Create Folder