| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2003-01-01 | disable the CLSTATS flag for now, since it violates the O_RDONLY check. | Cedric Berger | |
| 2003-01-01 | Behaves correctly when duplicate addresses are given in the same ioctl. | Cedric Berger | |
| (i.e: pfradix -a test 1.2.3.4 1.2.3.4). The ioctl can also report theses duplicate to the caller using the new PFR_FB_DUPLICATE feedback tag. | |||
| 2003-01-01 | Behaves properly when someone try to insert/delete the same table name | Cedric Berger | |
| multiple time in the same ioctl (i.e. pfradix -A/D test test test). This is not a very efficient implementation, and I'll change it if someone really add/delete more than hundred of tables in the same ioctl. | |||
| 2003-01-01 | rip off a vmapbuf() from sparc, fix a bug in the vunmapbuf | Michael Shalayeff | |
| 2003-01-01 | Remove skip step for action (scrub vs. non-scrub), as scrub rules are | Daniel Hartmeier | |
| stored in a separate list now. Regress tests still pass after sed "s/ a=end / /g", other skip steps are not affected. | |||
| 2003-01-01 | Fix breakage from PF_RULESET_MAX increase, regress tests match again. | Daniel Hartmeier | |
| 2003-01-01 | Scrub and filter rules are separated now, adjust authpf accordingly. | Daniel Hartmeier | |
| 2003-01-01 | Extend two error messages, change one err() -> errx() where there's no | Daniel Hartmeier | |
| errno to translate. From Andrey Matveev. | |||
| 2002-12-31 | Typoes; jmc AT prioris DoT mini DoT pw DoT edu DoT pl | Todd C. Miller | |
| 2002-12-31 | Adjust tests for kernel split of scrub into it's own ruleset type. | Ryan Thomas McBride | |
| 2002-12-31 | Match kernel changes splitting scrub rules into their own ruleset type. | Ryan Thomas McBride | |
| ok henning@ dhartmei@ | |||
| 2002-12-31 | Split scrub rules out from the filter rules in the kernel. | Ryan Thomas McBride | |
| Precursor to removing rule.action from skip steps. Also a couple of other small fixes: - s/PF_RULESET_RULE/PF_RULESET_FILTER/ - replacement of 4 with PF_RULESET_MAX in pfvar.h struct ruleset { - error handling in ioctl of an invalid value in rule.action - counting evaluations and matching packets for scrub rules ok henning@ dhartmei@ | |||
| 2002-12-31 | amiga and sun3 turned out to not be y2k+3 compliant here. Remove them, as | Miod Vallat | |
| well as the few userland tools which were only used on these platforms. | |||
| 2002-12-31 | Prepare for the removal of amiga and sun3 platforms from the tree. | Miod Vallat | |
| There has not been enough activity and interest towards these platform to keep them lying in the tree. | |||
| 2002-12-31 | fxi som tpyos | Anil Madhavapeddy | |
| 2002-12-31 | sha1.c is needed by pf. | Matthieu Herrb | |
| ok fgs@ | |||
| 2002-12-31 | document update-patches; help & ok espie | Peter Valchev | |
| 2002-12-31 | + NFSCLIENT | Theo de Raadt | |
| 2002-12-31 | don't overrun user-supplied buffer. from jinmei@kame, deraadt ok | Jun-ichiro itojun Hagino | |
| 2002-12-31 | If we're going to replace strtok() with strtok_r(), and the caller of the | Jun-ichiro itojun Hagino | |
| latter is invoked recursively, use static (instead of automatic) storage for the "last" pointer so that we remember where we're up to ... Fixes bug with hosts.deny rules such as "rpcbind: ALL EXCEPT some.domain". netbsd lib/libwrap/hosts_access.c 1.17 | |||
| 2002-12-31 | Change this test to use the ipv6-icmp alias, icmp6. | Ryan Thomas McBride | |
| 2002-12-31 | err() doesn't return. from Andrey Matveev. | Daniel Hartmeier | |
| 2002-12-31 | Catch EISDIR in execvp() and friends so that if a directory appears | Todd C. Miller | |
| in PATH that matches the name to be executed we skip it; Andy Isaacson | |||
| 2002-12-31 | Mention pf rdr rules and anchors. | Daniel Hartmeier | |
| 2002-12-31 | Fix regression tests for ipv6-icmp-type to icmp6-type changes in pfctl. | Ryan Thomas McBride | |
| 2002-12-31 | Use a default state table limit of 10000 entries. This is safe for all | Daniel Hartmeier | |
| normal configurations, and sufficient for many. You can always increase it, if you need more concurrent states and have enough memory (65000 for 64MB RAM, for instance). Suggested earlier by henning@. ok mcbride@ | |||
| 2002-12-30 | Match changes to pfctl and /etc/protocols. ipv6-icmp-type becomes icmp6-type; | Ryan Thomas McBride | |
| "proto ipv6-icmp" still works, but prefer icmp6, since we have icmp6(4), not ipv6-icmp(4). ok dhartmei@ henning@ | |||
| 2002-12-30 | Change ipv6-icmp-type to icpm6-type. pf.conf files will need to be adjusted | Ryan Thomas McBride | |
| to reflect this. ok dhartmei@ henning@ | |||
| 2002-12-30 | #set limit states unlimited -> 10000, as unlimited is not valid syntax. | Daniel Hartmeier | |
| 2002-12-30 | minor KNF | Theo de Raadt | |
| 2002-12-30 | similar to base includes; pinskia@physics.uc.edu | Theo de Raadt | |
| > fix C++ semantics. > Found by Andrew Pinski <pinskia@physics.uc.edu> > Works with gcc-current and Tendra C++ now. | |||
| 2002-12-30 | Add icmp6 as an alias for ipv6-icmp. This helps clear up confusion about | Ryan Thomas McBride | |
| icmp protocol naming particularly with pfctl, since the manpage is icmp6(4) (not ipv6-icmp(4)). suggested by espie@, cleared with deraadt@, ok dhartmei@ | |||
| 2002-12-30 | Don't pass a NULL arg to Parse_DoVar which can happen if user specifies | Todd C. Miller | |
| "make --". Check for "-", not "--" when deciding whether or not to pass something to Lst_AtEnd() (I misunderstood what the old code was trying to do). This fixes, e.g. ports/graphics/tiff | |||
| 2002-12-30 | dynamically allocate the struct con[], according to the -c arg given or a ↵ | Michael Shalayeff | |
| default, being the max 200 | |||
| 2002-12-30 | typos; jmc@prioris.mini.pw.edu.pl | Theo de Raadt | |
| 2002-12-30 | typos, but i left it as "credential cache"; jmc@prioris.mini.pw.edu.pl | Theo de Raadt | |
| 2002-12-30 | Add new parameter to scsi_test_unit_ready(): retries number. | Alexander Yurchenko | |
| Use increased retries number and don't ignore SCSI_IGNORE_NOT_READY when call scsi_test_unit_ready() for cd-rom, this makes system wait if drive is loading media. Tested by millert@ and fgsch@; some input and ok from krw@. Problem reported by The lord of the CD-writers Igor Grabin <violent@death.kiev.ua>. | |||
| 2002-12-30 | Back out __EOF stuff and just use -1 in ctype.h. This is OK since | Todd C. Miller | |
| we don't want any user defines to change how the inlined ctype functions behave. | |||
| 2002-12-30 | sync | Theo de Raadt | |
| 2002-12-30 | Use PLOCK for tsleep priority instead of the (rather bogus) PZERO - 4. | Todd C. Miller | |
| PZERO - 4 == 18 which makes it equivalent to PRIBIO; not what we want. Discussed with art@ some time ago. | |||
| 2002-12-30 | If we can't allocate a struct sem_undo w/o sleeping, use PR_WAITOK | Todd C. Miller | |
| but then check to see that one with our struct proc was not allocated in the meantime. | |||
| 2002-12-30 | o add Keith Moon's birthday (already have his death) | Todd C. Miller | |
| o add John Entwistle's birth and death OK mickey@ | |||
| 2002-12-30 | use err vs. errx and display function; from Owl. ok fgsch@ | Kevin Steves | |
| 2002-12-30 | include function in error; from Owl. ok fgsch@ | Kevin Steves | |
| 2002-12-30 | correct return code check; from Owl. ok fgsch@ | Kevin Steves | |
| 2002-12-30 | Don't forget to copyout the time at which statistics got cleared. | Cedric Berger | |
| 2002-12-30 | put bin dirs before sbin dirs in PATH for consistency with other cron scripts | Todd C. Miller | |
| 2002-12-30 | sync protos with dlfcn.h; prompted by niekze AT yahoo DOT com | Todd C. Miller | |
| 2002-12-30 | really count the number of deleted tables - obvious fix. | Cedric Berger | |
| 2002-12-30 | Add $OpenBSD$ tag. | Thierry Deval | |
| Thanks to Clarie Wouter (rimshot at pandora point be) | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |