Age | Commit message (Collapse) | Author | |
---|---|---|---|
2009-11-23 | Move ipsec key creation before isakmpd, and sshd to become the first | Theo de Raadt | |
of the network daemons so that it can be used if another daemon stops in its tracks. ok claudio markus sthen | |||
2009-11-22 | Stop supporting bridgename.bridge* files, and move to hostname.bridge* | Theo de Raadt | |
files. To cope with this change, read about the mv command. ok claudio todd | |||
2009-11-20 | The deny all and allow from any inet prefixlen 8 - 24 will block the default | Claudio Jeker | |
route already so don't add an additional rule for that. Instead add a commented allow rule. Idea from Mitja Muzenic (mitja at muzenic dot net) | |||
2009-11-13 | Add hw.sensors to dmesg request, 'go for it' deraadt@ | Ian Darwin | |
2009-11-06 | Remove Speedo dir from mtree at we do not install these fonts anymore. | Antoine Jacoutot | |
ok matthieu@ | |||
2009-11-03 | to resolve aliases, a rule must now provide the alias parameter with the | Gilles Chehade | |
name of the map to use for resolution | |||
2009-11-03 | Get rid of pflogd.pid because the privsep child cannot delete the pidfile; | Theo de Raadt | |
use pkill(1) in /etc/newsyslog.conf instead together with otto and suggestions from tedu | |||
2009-11-02 | fix reverse zone for ::1 (PR#6243) | Jakob Schlyter | |
2009-10-27 | update moduli file; ok deraadt | Darren Tucker | |
2009-10-25 | fix syntax error in 'make update-moduli'; ok deraadt | Darren Tucker | |
2009-10-17 | amd_dir is no longer used by rc so no need for it in rc.conf. | Nicholas Marriott | |
ok deraadt | |||
2009-10-06 | Be nice if we have bootblocks available, too | Theo de Raadt | |
2009-10-04 | Add (again) support for divert sockets. They allow you to: | Michele Marchetto | |
- queue packets from pf(4) to a userspace application - reinject packets from the application into the kernel stack. The divert socket can be bound to a special "divert port" and will receive every packet diverted to that port by pf(4). The pf syntax is pretty simple, e.g.: pass on em0 inet proto tcp from any to any port 80 divert-packet port 1 A lot of discussion have happened since my last commit that resulted in many changes and improvements. I would *really* like to thank everyone who took part in the discussion especially canacar@ who spotted out which are the limitations of this approach. OpenBSD divert(4) is meant to be compatible with software running on top of FreeBSD's divert sockets even though they are pretty different and will become even more with time. discusses with many, but mainly reyk@ canacar@ deraadt@ dlg@ claudio@ beck@ tested by reyk@ and myself ok reyk@ claudio@ beck@ manpage help and ok by jmc@ | |||
2009-10-01 | Bring BSD.x11.dist back here. It's needed by the ports subsystem. | Matthieu Herrb | |
Update the BSD.x11.dist version to the one in xenocara. | |||
2009-09-24 | regen | Miod Vallat | |
2009-09-24 | Reach palm MAKEDEV bits. | Miod Vallat | |
2009-09-23 | remove unused and outdated BSD.x11.dist file. ok miod@, krw@. | Matthieu Herrb | |
2009-09-23 | regen | Miod Vallat | |
2009-09-23 | Stricter patterns for numbered wsmouse and wskbd devices, so that | Miod Vallat | |
`wsmouse' and `wskbd' without suffixes match the wsmux rule. Reported by Vadim Zhukov (persgray on gmail) | |||
2009-09-17 | change variable i to $i in an expression of ifstart() for consistency | Simon Bertrang | |
with the rest of the file. no functional change. feedback from sthen@, ok krw@ | |||
2009-09-17 | sync the spamd example to that used in spamd(8); ok beck | Jason McIntyre | |
2009-09-11 | This sample ruleset does not use require-order to mix NAT/rdr | Stuart Henderson | |
and filter rules, because we no longer have translation rules. Pointed out by Mitja Muzenic, ok henning@ | |||
2009-09-07 | example spamd rules should be "pass in"; | Jason McIntyre | |
2009-09-06 | add framework for palm | Theo de Raadt | |
2009-09-05 | Palm: initial commit of etc/etc.palm | Marek Vasut | |
OK deraadt@ | |||
2009-09-01 | add back sample spamd(8) rules, converted appropriately; ok henning@ | Todd T. Fries | |
2009-09-01 | todd reminded me we need to adjust this too | Henning Brauer | |
2009-08-18 | Add entry for ypldap.conf (may contain a password). | Antoine Jacoutot | |
ok pyr@ | |||
2009-08-13 | sync | Theo de Raadt | |
2009-08-13 | Add nodes for vscsi0; ok dlg | Theo de Raadt | |
2009-08-12 | dlg wants iscsi in here; ok dlg | Theo de Raadt | |
2009-08-12 | change some defaults inside amd itself, so that the rc scripts no longer | Theo de Raadt | |
have to pass those options. this makes amd much easier to restart by hand (though it still remains a nasty daemon do that with) ok millert | |||
2009-08-10 | gpio for amd64. | Jonathan Gray | |
ok deraadt@ | |||
2009-08-10 | advise to update /etc/rc.conf.local instead of /etc/rc.conf; from Remco | Okan Demirmen | |
ok todd@ | |||
2009-08-08 | typo in comment; frantisek | Theo de Raadt | |
2009-08-07 | - specifically match carp+([0-9]):, not just carp*:. avoids spurious | Stuart Henderson | |
attempts to "ifconfig carp down" noticed by david@. - use non-descriptive variables names rather than $if/$junk to encourage people reading the code to think what it's doing; many of the output lines are not interface names. ok david@ | |||
2009-08-07 | fix ksh ftp wrapper so argvs aren't split before passing; making | Martynas Venckus | |
urls with spaces work. ok sthen@ | |||
2009-08-05 | correct indent | Theo de Raadt | |
2009-08-04 | zap the rather useless machdep.apmwarn entries (see apm(4)); | Jason McIntyre | |
ok deraadt | |||
2009-08-04 | Don't use grep/cut during shutdown, /usr might not be mounted. | Stuart Henderson | |
Spotted by deraadt@. These were used to bring down carp ifaces cleanly; replace with shell features. ok deraadt@, henning@. "Much mo' better" blambert@. | |||
2009-07-28 | Add bsd.mp to MDEXT | Miod Vallat | |
2009-07-22 | sync | Alexandre Ratchov | |
2009-07-22 | add missing /dev/{rmidi,sequencer,music} bits in MAKEDEV for | Alexandre Ratchov | |
armish, landisk and zaurus. Also fix corresponding .Xr in MAKEDEV.8 ok miod@, todd@ | |||
2009-07-10 | Delay creation of tun(4) interfaces until the underlying interface and | Jason Dixon | |
routes are available. This fixes usage for some OpenVPN users that start it from hostname.tun*. Tested by Johan Huldtgren. ok sthen@, johan@. | |||
2009-06-30 | extra spaces found during inspection of other goo | Theo de Raadt | |
2009-06-30 | Make syslogd create a socket in /var/www/dev when httpd is enabled in order | Robert Nagy | |
to make logging to syslog work with php for example. ok deraadt@, henning@ | |||
2009-06-26 | the correct *.ipk file has ${OSrev} in it | Theo de Raadt | |
2009-06-24 | Fix a typo | giovanni | |
"sure" sthen@ | |||
2009-06-20 | 4.6-BETA | Miod Vallat | |
2009-06-10 | pf should block the port range allocated by net.inet.tcp.baddynamic | Igor Sobrado | |
for the X protocol instead of port 6000 only; this way pf provides the same protection level to all X servers. ok sthen@; "I am convinced that 6000-6010 is acceptable for blocking in pf" deraadt@, "i'd thought of something similar" oga@ |