diff options
| author | Kristof Provost <kp@FreeBSD.org> | 2015-08-27 21:27:47 +0000 |
|---|---|---|
| committer | Kristof Provost <kp@FreeBSD.org> | 2015-08-27 21:27:47 +0000 |
| commit | 64b3b4d611c32eea0529878de95fd2f9b9dcaa3a (patch) | |
| tree | 9ba100542f23930b13f3b6387f6c00d2bd5f2016 /sys/net/pfvar.h | |
| parent | f6295033c1fd4fd11df9fe78dff8f9c113e8959d (diff) | |
| download | src-64b3b4d611c32eea0529878de95fd2f9b9dcaa3a.tar.gz src-64b3b4d611c32eea0529878de95fd2f9b9dcaa3a.zip | |
pf: Remove support for 'scrub fragment crop|drop-ovl'
The crop/drop-ovl fragment scrub modes are not very useful and likely to confuse
users into making poor choices.
It's also a fairly large amount of complex code, so just remove the support
altogether.
Users who have 'scrub fragment crop|drop-ovl' in their pf configuration will be
implicitly converted to 'scrub fragment reassemble'.
Reviewed by: gnn, eri
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D3466
Notes
Notes:
svn path=/head/; revision=287222
Diffstat (limited to 'sys/net/pfvar.h')
| -rw-r--r-- | sys/net/pfvar.h | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 4a5f2a08f4ea..ea90dc889141 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -598,8 +598,6 @@ struct pf_rule { /* scrub flags */ #define PFRULE_NODF 0x0100 -#define PFRULE_FRAGCROP 0x0200 /* non-buffering frag cache */ -#define PFRULE_FRAGDROP 0x0400 /* drop funny fragments */ #define PFRULE_RANDOMID 0x0800 #define PFRULE_REASSEMBLE_TCP 0x1000 #define PFRULE_SET_TOS 0x2000 |