summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2002-12-19KNFHenning Brauer
2002-12-19Add a second keep-locals entry to stop getopt from treating -k as anFederico G. Schwindt
abbreviation for --keep-locals. from binutils-current. millert@ ok.
2002-12-19Replace skip step calculation so it scales O(n) instead of O(n*n).Daniel Hartmeier
Loading large rulesets consists of two phases. First, the rules are parsed and added, one by one, to the inactive ruleset. The machine remains responsive during that phase. Then, the new ruleset is activated, and the skip steps are calculated. The machine locks up during that phase. This second phase is greatly reduced with the new algorithm. With the old one, calculation could take 30s for 12k rules, with the new one, 100k rules take less than 1s. For small rulesets (less than 1000 rules), the gain is insignificant. ok mcbride@, henning@
2002-12-19fix 'no nat/rdr/binat' evaluation. from mcbride@, slightly modified :)Daniel Hartmeier
2002-12-19fix 'no rdr'.Daniel Hartmeier
2002-12-19Initialize pf_state.nat_rule to NULL if there's no translation used.Daniel Hartmeier
Found by markus@
2002-12-19use ${SUDO} for pfctl when we actually use the ioctls.Ryan Thomas McBride
ok markus@ henning@
2002-12-19syncTheo de Raadt
2002-12-19phantomas has lasiMichael Shalayeff
2002-12-19updates and formatting; from weissmanndudeMichael Shalayeff
2002-12-19i/o subsys reference; from weissmanndudeMichael Shalayeff
2002-12-19phantomas against illiterateMichael Shalayeff
2002-12-19build LYMainLoop.o -O0 as a workaround for gcc on hppaMichael Shalayeff
2002-12-19only do "Trying ..." if verboseTheo de Raadt
2002-12-19Document atactl dump command; thanks to nick@ for pointing this out.Alexander Yurchenko
ok deraadt@
2002-12-19accidental commitTheo de Raadt
2002-12-19missing .PpTheo de Raadt
2002-12-19fix a debugging printf on cmd wait timeoutMichael Shalayeff
2002-12-19proper barrier call in ie_ackMichael Shalayeff
2002-12-19comparam() does not need an spltty() for it, already called there.Michael Shalayeff
time-bound loops in com_common_cnputc() and lower to spltty(), which i guess is left from times when timeouts were processed at splhigh(). jason@ tested and ok, art@ ok
2002-12-19"papers by published" -> "papers published by"; Dave SteinbergTodd C. Miller
2002-12-19much prettierTheo de Raadt
2002-12-19Very crude notes for the hppa adventurous person.Miod Vallat
2002-12-19simplify stack grownups (growndowns are not touched)Michael Shalayeff
2002-12-19setregs: put the whole frame setup into one placeMichael Shalayeff
2002-12-19level 0x16 is really an l2Michael Shalayeff
2002-12-19no youTheo de Raadt
2002-12-19knf, remove register, space trimMichael Shalayeff
2002-12-19do not plan for DISKLESS; cross out CRTBEGIN and CRTENDMichael Shalayeff
2002-12-19updateMichael Shalayeff
2002-12-19debugging check_alias is only needed in PMAPDEBUGMichael Shalayeff
2002-12-19s/msg_send/ssh_msg_send/ to avoid namespace clashes in portable; ok markus@Damien Miller
2002-12-19indent so it is more clear, add spews thingTheo de Raadt
2002-12-18newer machines use phantom bus to attach lasi and other bus adapters.Michael Shalayeff
oledr machines did not have a real device for the phantom bus port. change the device scanning technique to both include a full device path in the attach_args and do proper shifting in the pdc_scanbus() and add a device for the newer machines as well as use a newer device mapping (path to hpa) available on newer firmware versions, where old (hversion-dependant) is not available. tested on 712,715/33,c110, miod@ ok, weissmandude -- testing
2002-12-18APM_BEBATT is in the apm_flags, not sc_flags, from markus@Michael Shalayeff
2002-12-18Fix tree breakage; match changes to struct pfctl (now contains an arrayRyan Thomas McBride
of pointers to pfioc_rule). Fix from henning@ ok dhartmei@
2002-12-18order the entries by numberMichael Shalayeff
2002-12-18boot -a support.Miod Vallat
2002-12-18t'was not enough space malloced when generating the bodun entriesMichael Shalayeff
2002-12-18Store translation rule pointer in state entries, so pfctl -vsn can printDaniel Hartmeier
evaluation, packet, byte and state entry counters similar to -vsr. Helps verify whether/how often translation rules are evaluated/matched. ok frantzen@, henning@
2002-12-18Remove pointless 'if 0' code.Dale Rahn
2002-12-18Prepare for an upcoming ELF executable change. This will allow ld.so toDale Rahn
protect the GOT and PLT sections of the executable from being overwritten. This behavior is enabled by changes in the executable/shared object layout, and does not occur without the ld changes.
2002-12-18Reorder sysctl list, to match sysctl -a output (mostly, structures cheat).Miod Vallat
Add/remove the missing/extra bits. And you get a typo fix for free.
2002-12-18KNFHenning Brauer
2002-12-18little styleHenning Brauer
2002-12-18When logging packets matched by rules within anchors, use the anchor ruleDaniel Hartmeier
(in the main set) number, not the number of the rule within the anchor. Eventually, both will get logged. But as long as we only log one number, this makes more sense.
2002-12-18KNFHenning Brauer
2002-12-18more KNFHenning Brauer
2002-12-18big KNF roundHenning Brauer
2002-12-18Load regress rules into anchor regress:regress and compare the outputDaniel Hartmeier
of pfctl -vvsr with expected output. This verifies that skip step values don't change unexpectedly.
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-16 02:39:06 +0000