summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2004-12-06Get rid of a gcc warningJean-Francois Brousseau
2004-12-06Missing prototype for cvs_diff_sendflags(), removes a gcc warningJean-Francois Brousseau
2004-12-06also consider NFS_PORT to be a reserved port, as in 1.18 or something likeTheo de Raadt
that.
2004-12-06ipsec udpencap check was done after baddynamicports ports checks (thoseTheo de Raadt
tables only map from 512 to 1023 using bitmaps, sorry); ok hshoexer
2004-12-06Pass the proper type for the third argument to cvs_sendreq()Jean-Francois Brousseau
2004-12-06kill __P in proto; ok deraadt pvalchevJared Yanovich
2004-12-05- explain that patterns can be used as arguments in get/put/ls/etcJared Yanovich
commands (prodded by Michael Knudsen) - describe ls flags as a list - other minor improvements ok jmc, djm
2004-12-05fix printf's in ipw_dma_alloc()Damien Bergamini
2004-12-05add IEEE80211_C_SHPREAMBLE capability flag and reorder interrupt handlersDamien Bergamini
2004-12-05update net80211 AP list after scanningDamien Bergamini
2004-12-05max # of virtual terminals is 12. From Janjaap van Velthooven in PR 3995.Otto Moerbeek
ok miod@
2004-12-05mostly cosmetic changesDamien Bergamini
2004-12-05extend window of "ignoring route messages on the socket" for 10 secondsTheo de Raadt
instead of 3.
2004-12-05Clean Tx/Rx rings allocation and management.Damien Bergamini
2004-12-05wait longer for master initializationDamien Bergamini
2004-12-05tYpoMartin Reindl
2004-12-05do a scan for networks when net80211 thinks we should rather than doing itDavid Gwynne
only when we bring the interface up.
2004-12-05IPv6 packets can contain headers (like options) before the TCP/UDP/ICMP6Daniel Hartmeier
header. pf finds the first TCP/UDP/ICMP6 header to filter by traversing the header chain. In the case where headers are skipped, the protocol checksum verification used the wrong length (included the skipped headers), leading to incorrectly mismatching checksums. Such IPv6 packets with headers were silently dropped. Reported by Bernhard Schmidt. ok mcbride@
2004-12-05after attaching an overload table, set its active flag. otherwise, theDaniel Hartmeier
table is not visible/accessible when the rule is the only reference (you don't HAVE to reference the table elsewhere).
2004-12-05initialize $$->tail and $$->next for MAXSRCCONNRATEDaniel Hartmeier
2004-12-05net80211 in the watchdogDavid Gwynne
2004-12-05less then -> less thanJonathan Gray
2004-12-05rather then -> rather thanJonathan Gray
2004-12-05MicroSoft -> MicrosoftJonathan Gray
ok deraadt@, macro@, brad@
2004-12-05add 'wireless network' so this shows up w/apropos wirelessJolan Luff
2004-12-05clean up init of the tx xfersDavid Gwynne
2004-12-05unbreak builds without ATU_DEBUG set.David Gwynne
thanks to jsg@ for pointing that out
2004-12-05clean up some more of the old state machineDavid Gwynne
2004-12-05shrink atu_ioctl to only have the useful bits. inet6 seems a bit happier as aDavid Gwynne
side effect
2004-12-05rely on net80211 for media status/changes. reset the device as neededDavid Gwynne
from daan vreeken
2004-12-05remove the dependance on code from wiDavid Gwynne
2004-12-04remove code that is now unused because of the move to net80211 and theDavid Gwynne
rx/tx cleanup
2004-12-04clean up the tx pathDavid Gwynne
2004-12-04Mention elfrdsetroot tool as well. deraadt@ okAaron Campbell
2004-12-04sync manual and usage to file-4.09; bits from and ok ian and jmcJared Yanovich
2004-12-04- reorder interrupt handlersDamien Bergamini
- don't request ack's for multicast frames - fix short preamble support - clear nic memory on reset - fix ioctl SIOCGTABLE0
2004-12-04minor cleaningDamien Bergamini
2004-12-04fix shared authenticationDamien Bergamini
2004-12-04reply() used to play a lot with stdout, expecially fflush(stdout).Theo de Raadt
The recent change is to avoid stdio. That's good, except there are nearly 130 calls to this function, yet what if one of them depended on fflush() or something else in this code? The semantic change was never checked. That is not how we do development -- back this out until we know that checking work has been done.
2004-12-04Clean DMA allocation of Tx and Rx ringsDamien Bergamini
2004-12-04use C comments.Markus Friedl
2004-12-04Cleanup and remove a cut-n-pasto. From jmc@Ryan Thomas McBride
2004-12-04sync usage() w/ man page;Jason McIntyre
ok henning@
2004-12-04reorder page contents somewhat, to make this easier to read, and put theJason McIntyre
chroot stuff back into the main description; remove non-standard Sh OPTIONS; remove apache web site link, since we keep the docs locally anyway; ok henning@
2004-12-04edit rc.conf.local, not rc.conf;Jason McIntyre
2004-12-04clean up the rx pathDavid Gwynne
2004-12-04Document 'max-src-conn', 'max-src-conn-rate', 'overflow <bad> flush'.Ryan Thomas McBride
2004-12-04disable the state machine in atu in favour of the net80211 framework. lots ofDavid Gwynne
cleanup to follow. partly from daan vreeken, partly from me
2004-12-04Userland support for limiting open tcp connections per source. eg:Ryan Thomas McBride
keep state (max-src-conn 1000, max-src-conn-rate 100/10, overflow <bad> flush) allow a maximum of 1000 open connections or 100 new connections in 10 seconds. The addresses of offenders are added to the <bad> table which can be used in the ruleset, and existing states from that host are flushed. ok deraadt@ dhartmei@
2004-12-04Add kernel code to keep track of tcp connections which have completedRyan Thomas McBride
the 3-way handshake. Allow limits on both total connections and connection rate, put offenders in a table which can be used in the ruleset, and optionally kill existing states. Rate tracking code from dhartmei@. Adds a second pool for table entries using the default allocator, which allows entries to be added at splsoftnet(). ok deraadt@ dhartmei@
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-08 14:37:28 +0000