[Xorp-cvs] XORP cvs commit: xorp xorp/config xorp/etc/templates xorp/fea xorp/fea/data_plane xorp/fea/data_plane/firewall xorp/fea/data_plane/managers xorp/xrl/interfaces xorp/xrl/targets
Pavlin Radoslavov
pavlin at icir.org
Fri Apr 25 17:59:52 PDT 2008
CVSROOT: /usr/local/www/data/cvs
Module name: xorp
Changes by: pavlin at chum.icir.org 2008-04-26 00:59:52 UTC
XORP CVS repository
Modified files:
. ERRATA config.h.in configure configure.in
config acfirewall.m4
etc/templates Jamfile Makefile.am Makefile.in fea.tp
fea Jamfile Makefile.am Makefile.in
fea_data_plane_manager.cc fea_data_plane_manager.hh
fea_node.cc fea_node.hh xrl_fea_node.cc
xrl_fea_node.hh xrl_fea_target.cc xrl_fea_target.hh
fea/data_plane Jamfile Makefile.am Makefile.in
fea/data_plane/managers fea_data_plane_manager_bsd.cc
fea_data_plane_manager_click.cc
fea_data_plane_manager_click.hh
fea_data_plane_manager_dummy.cc
fea_data_plane_manager_linux.cc
xrl/interfaces Jamfile Makefile.am Makefile.in
xrl/targets Jamfile Makefile.am Makefile.in fea.tgt fea.xrls
fea_base.cc fea_base.hh
Added files:
etc/templates firewall.tp
fea firewall_entry.cc firewall_entry.hh firewall_get.hh
firewall_manager.cc firewall_manager.hh
firewall_set.hh firewall_transaction.cc
firewall_transaction.hh
fea/data_plane/firewall .cvsignore Jamfile Makefile.am
Makefile.in firewall_get_dummy.cc
firewall_get_dummy.hh
firewall_get_ipfw2.cc
firewall_get_ipfw2.hh
firewall_get_netfilter.cc
firewall_get_netfilter.hh
firewall_get_pf.cc firewall_get_pf.hh
firewall_set_dummy.cc
firewall_set_dummy.hh
firewall_set_ipfw2.cc
firewall_set_ipfw2.hh
firewall_set_netfilter.cc
firewall_set_netfilter.hh
firewall_set_pf.cc firewall_set_pf.hh
xrl/interfaces fea_firewall.xif fea_firewall_xif.cc
fea_firewall_xif.hh
Removed files:
fea pa_backend.hh pa_backend_dummy.cc
pa_backend_dummy.hh pa_backend_ipfw2.cc
pa_backend_ipfw2.hh pa_backend_nf.cc
pa_backend_nf.hh pa_backend_pf.cc pa_backend_pf.hh
pa_entry.cc pa_entry.hh pa_table.cc pa_table.hh
pa_transaction.cc pa_transaction.hh
xrl_packet_acl.cc xrl_packet_acl.hh
xrl/interfaces packet_acl.xif packet_acl_xif.cc packet_acl_xif.hh
xrl/targets packet_acl.tgt packet_acl.xrls packet_acl_base.cc
packet_acl_base.hh
Log message:
* Added a firewall implementation that fits with the new plugin-based
FEA architecture.
The implemented plugins are:
- ipfw2 (FreeBSD)
- pf (BSD)
- netfilter (Linux)
Currently, the firewall support is very basic:
- IPv4 and IPv6
- rules numbering/ordering
- protocol number
- incoming interface
- source and destination network address
- source and destination port range (for TCP and UDP)
The implementation should be considered alpha version that needs
more work, improvements and testing.
Note that the Linux netfilter plugin won't be compiled by default
because of broken system header files. See ERRATA for
information how to fix the header files.
* Removed the older firewall backend.
Revision Changes Path
1.41 +36 -1; commitid: 180444812794b41a7; xorp/ERRATA
1.95 +35 -12; commitid: 180444812794b41a7; xorp/config.h.in
1.3 +300 -46; commitid: 180444812794b41a7; xorp/config/acfirewall.m4
1.280 +1203 -33; commitid: 180444812794b41a7; xorp/configure
1.217 +3 -2; commitid: 180444812794b41a7; xorp/configure.in
1.4 +2 -1; commitid: 180444812794b41a7; xorp/etc/templates/Jamfile
1.23 +2 -1; commitid: 180444812794b41a7; xorp/etc/templates/Makefile.am
1.40 +5 -5; commitid: 180444812794b41a7; xorp/etc/templates/Makefile.in
1.41 +2 -2; commitid: 180444812794b41a7; xorp/etc/templates/fea.tp
1.4 +184 -0 xorp/etc/templates/firewall.tp (new)
1.26 +5 -8; commitid: 180444812794b41a7; xorp/fea/Jamfile
1.105 +11 -17; commitid: 180444812794b41a7; xorp/fea/Makefile.am
1.126 +23 -28; commitid: 180444812794b41a7; xorp/fea/Makefile.in
1.5 +2 -1; commitid: 180444812794b41a7; xorp/fea/data_plane/Jamfile
1.4 +2 -2; commitid: 180444812794b41a7; xorp/fea/data_plane/Makefile.am
1.7 +1 -1; commitid: 180444812794b41a7; xorp/fea/data_plane/Makefile.in
1.1 +7 -0 xorp/fea/data_plane/firewall/.cvsignore (new)
1.1 +24 -0 xorp/fea/data_plane/firewall/Jamfile (new)
1.1 +38 -0 xorp/fea/data_plane/firewall/Makefile.am (new)
1.1 +493 -0 xorp/fea/data_plane/firewall/Makefile.in (new)
1.1 +124 -0 xorp/fea/data_plane/firewall/firewall_get_dummy.cc (new)
1.1 +79 -0 xorp/fea/data_plane/firewall/firewall_get_dummy.hh (new)
1.1 +402 -0 xorp/fea/data_plane/firewall/firewall_get_ipfw2.cc (new)
1.1 +92 -0 xorp/fea/data_plane/firewall/firewall_get_ipfw2.hh (new)
1.1 +504 -0 xorp/fea/data_plane/firewall/firewall_get_netfilter.cc (new)
1.1 +95 -0 xorp/fea/data_plane/firewall/firewall_get_netfilter.hh (new)
1.1 +365 -0 xorp/fea/data_plane/firewall/firewall_get_pf.cc (new)
1.1 +94 -0 xorp/fea/data_plane/firewall/firewall_get_pf.hh (new)
1.1 +187 -0 xorp/fea/data_plane/firewall/firewall_set_dummy.cc (new)
1.1 +145 -0 xorp/fea/data_plane/firewall/firewall_set_dummy.hh (new)
1.1 +460 -0 xorp/fea/data_plane/firewall/firewall_set_ipfw2.cc (new)
1.1 +127 -0 xorp/fea/data_plane/firewall/firewall_set_ipfw2.hh (new)
1.1 +1068 -0 xorp/fea/data_plane/firewall/firewall_set_netfilter.cc (new)
1.1 +222 -0 xorp/fea/data_plane/firewall/firewall_set_netfilter.hh (new)
1.1 +558 -0 xorp/fea/data_plane/firewall/firewall_set_pf.cc (new)
1.1 +183 -0 xorp/fea/data_plane/firewall/firewall_set_pf.hh (new)
1.9 +19 -1; commitid: 180444812794b41a7; xorp/fea/data_plane/managers/fea_data_plane_manager_bsd.cc
1.8 +37 -5; commitid: 180444812794b41a7; xorp/fea/data_plane/managers/fea_data_plane_manager_click.cc
1.9 +7 -7; commitid: 180444812794b41a7; xorp/fea/data_plane/managers/fea_data_plane_manager_click.hh
1.10 +7 -1; commitid: 180444812794b41a7; xorp/fea/data_plane/managers/fea_data_plane_manager_dummy.cc
1.9 +10 -1; commitid: 180444812794b41a7; xorp/fea/data_plane/managers/fea_data_plane_manager_linux.cc
1.10 +136 -2; commitid: 180444812794b41a7; xorp/fea/fea_data_plane_manager.cc
1.11 +27 -1; commitid: 180444812794b41a7; xorp/fea/fea_data_plane_manager.hh
1.16 +9 -3; commitid: 180444812794b41a7; xorp/fea/fea_node.cc
1.15 +11 -14; commitid: 180444812794b41a7; xorp/fea/fea_node.hh
1.1 +55 -0 xorp/fea/firewall_entry.cc (new)
1.1 +196 -0 xorp/fea/firewall_entry.hh (new)
1.1 +114 -0 xorp/fea/firewall_get.hh (new)
1.1 +838 -0 xorp/fea/firewall_manager.cc (new)
1.1 +489 -0 xorp/fea/firewall_manager.hh (new)
1.1 +226 -0 xorp/fea/firewall_set.hh (new)
1.1 +49 -0 xorp/fea/firewall_transaction.cc (new)
1.1 +249 -0 xorp/fea/firewall_transaction.hh (new)
1.9 +0 -106 xorp/fea/pa_backend.hh (dead)
1.10 +0 -111 xorp/fea/pa_backend_dummy.cc (dead)
1.9 +0 -92 xorp/fea/pa_backend_dummy.hh (dead)
1.13 +0 -624 xorp/fea/pa_backend_ipfw2.cc (dead)
1.9 +0 -178 xorp/fea/pa_backend_ipfw2.hh (dead)
1.6 +0 -447 xorp/fea/pa_backend_nf.cc (dead)
1.5 +0 -117 xorp/fea/pa_backend_nf.hh (dead)
1.8 +0 -476 xorp/fea/pa_backend_pf.cc (dead)
1.8 +0 -148 xorp/fea/pa_backend_pf.hh (dead)
1.7 +0 -53 xorp/fea/pa_entry.cc (dead)
1.7 +0 -182 xorp/fea/pa_entry.hh (dead)
1.8 +0 -210 xorp/fea/pa_table.cc (dead)
1.8 +0 -185 xorp/fea/pa_table.hh (dead)
1.15 +0 -217 xorp/fea/pa_transaction.cc (dead)
1.9 +0 -318 xorp/fea/pa_transaction.hh (dead)
1.18 +1 -19; commitid: 180444812794b41a7; xorp/fea/xrl_fea_node.cc
1.13 +1 -4; commitid: 180444812794b41a7; xorp/fea/xrl_fea_node.hh
1.41 +350 -1; commitid: 180444812794b41a7; xorp/fea/xrl_fea_target.cc
1.29 +338 -1; commitid: 180444812794b41a7; xorp/fea/xrl_fea_target.hh
1.11 +0 -671 xorp/fea/xrl_packet_acl.cc (dead)
1.9 +0 -404 xorp/fea/xrl_packet_acl.hh (dead)
1.7 +3 -3; commitid: 180444812794b41a7; xorp/xrl/interfaces/Jamfile
1.39 +5 -5; commitid: 180444812794b41a7; xorp/xrl/interfaces/Makefile.am
1.62 +30 -30; commitid: 180444812794b41a7; xorp/xrl/interfaces/Makefile.in
1.1 +255 -0 xorp/xrl/interfaces/fea_firewall.xif (new)
1.1 +594 -0 xorp/xrl/interfaces/fea_firewall_xif.cc (new)
1.1 +446 -0 xorp/xrl/interfaces/fea_firewall_xif.hh (new)
1.3 +0 -200 xorp/xrl/interfaces/packet_acl.xif (dead)
1.10 +0 -570 xorp/xrl/interfaces/packet_acl_xif.cc (dead)
1.9 +0 -409 xorp/xrl/interfaces/packet_acl_xif.hh (dead)
1.6 +1 -4; commitid: 180444812794b41a7; xorp/xrl/targets/Jamfile
1.71 +2 -9; commitid: 180444812794b41a7; xorp/xrl/targets/Makefile.am
1.93 +22 -34; commitid: 180444812794b41a7; xorp/xrl/targets/Makefile.in
1.18 +3 -1; commitid: 180444812794b41a7; xorp/xrl/targets/fea.tgt
1.82 +232 -1; commitid: 180444812794b41a7; xorp/xrl/targets/fea.xrls
1.85 +572 -1; commitid: 180444812794b41a7; xorp/xrl/targets/fea_base.cc
1.91 +384 -1; commitid: 180444812794b41a7; xorp/xrl/targets/fea_base.hh
1.4 +0 -7 xorp/xrl/targets/packet_acl.tgt (dead)
1.8 +0 -175 xorp/xrl/targets/packet_acl.xrls (dead)
1.10 +0 -758 xorp/xrl/targets/packet_acl_base.cc (dead)
1.10 +0 -380 xorp/xrl/targets/packet_acl_base.hh (dead)
More information about the Xorp-cvs
mailing list