Age | Commit message (Expand) | Author |
2024-02-06 | Tweak previous. Passing "dns" to pledge(2) is suitable for the purpose. | YASUOKA Masahiko |
2024-01-29 | Open /etc/{services,protocols} before pledge(2). | YASUOKA Masahiko |
2023-10-09 | Add pledge("stdio") before parsing pfkey messages. This applies to | Tobias Heider |
2023-03-07 | Delete obsolete /* ARGSUSED1 */ lint comments. | Philip Guenther |
2018-09-07 | Remove unnused af argument from unmask(), sync with pfctl | kn |
2017-11-20 | Support collapsing flow outputs. | Martin Pieuchot |
2017-04-19 | Rename all SA groups to bundles consistently. The first kernel | Alexander Bluhm |
2017-03-02 | Now that the kernel provides information about IPsec SA bundles, | Alexander Bluhm |
2015-12-10 | Remove NULL-checks before free(). ok tb@ | mmcc |
2015-01-16 | Replace <sys/param.h> with <limits.h> and other less dirty headers where | Theo de Raadt |
2014-11-20 | Yet more #include de-duplication. | Kenneth R Westerback |
2012-07-05 | don't output "esn" string in the rule section as we can't use the | Mike Belopuhov |
2012-06-29 | Print esn flag when dumping SAs with ESN enabled | Mike Belopuhov |
2011-11-08 | - put -i in the right place | Jason McIntyre |
2011-11-08 | allow the path to isakmpd's fifo to be specified (aka changed) on the | Henning Brauer |
2009-01-27 | A warning text in ipsecctl was used twice. Make the messages unique | Alexander Bluhm |
2009-01-20 | Add support to isakmpd(8) and ipsecctl(8) to install SA's with a | Marco Pfatschbacher |
2008-07-21 | Free the rules in the rule_queue also if ipsecctl is called with | Alexander Bluhm |
2008-07-01 | Isakmpd acquire mode did not work with a config generated from | Alexander Bluhm |
2007-10-13 | in all these programs using the same pfctl-derived parse.y, re-unify the | Theo de Raadt |
2007-08-21 | no need to include both sys/types.h and params.h | Hans-Joerg Hoexer |
2007-02-19 | do not display empty authkey/enckey line when -k option is not | Hans-Joerg Hoexer |
2007-01-10 | add -k to usage(); | Jason McIntyre |
2007-01-03 | do not print secret keys by default, -k restores old behaviour; ok hshoexer | Markus Friedl |
2006-11-30 | handle multiple SAs with different same src/dst but different port; | Markus Friedl |
2006-11-10 | When using -vv, also show grouped SAs. | Hans-Joerg Hoexer |
2006-11-01 | KNF unrelated to previous commit. | Ryan Thomas McBride |
2006-11-01 | Add support for aggressive mode (from the k2k6 IPsec hackathon). | Ryan Thomas McBride |
2006-09-19 | sort SAs by spi; ok hshoexer | Markus Friedl |
2006-08-31 | Security Association Database is abbreviated 'SAD' (RFC 2401 et al), not 'SAD... | Hakan Olsson |
2006-06-08 | fix usage, make synopsis more pretty. noticed by david@ | Hans-Joerg Hoexer |
2006-06-02 | exit(2) when loading of rules did work partially. ok markus@ | Hans-Joerg Hoexer |
2006-06-02 | add trailing \ when printing multiple lines for an SA, this way | Markus Friedl |
2006-06-02 | allow to specify phase 1 and 2 lifetimes. Right now, these values | Hans-Joerg Hoexer |
2006-06-01 | Support flows with port modifiers for proto tcp/udp, e.g. | Christian Weisgerber |
2006-06-01 | more to free, needed for SA grouping. | Hans-Joerg Hoexer |
2006-06-01 | convert pfkey to ipsec_rule and use ipsecctl_print_rule() when dumping | Markus Friedl |
2006-06-01 | Prepare for SA grouping. | Hans-Joerg Hoexer |
2006-06-01 | correct error messages to match calloc where appropriate | Todd T. Fries |
2006-06-01 | rename list link for ipsec_rule structures from "entries" to "rule_entry". | Hans-Joerg Hoexer |
2006-05-30 | implement monitor mode for ipsecctl. worked on with markus@ | Mathieu Sauve-Frankel |
2006-05-29 | add ipsecctl_free_rule() for cleaning up rules. | Hans-Joerg Hoexer |
2006-03-31 | wenn dumping rules always show type, srcid and dstid (if set). | Hans-Joerg Hoexer |
2006-03-31 | allow specification of encapsulated protocol for flows; ok hshoexer | Markus Friedl |
2006-03-30 | allow specification of outer local ips in flows (SADB_EXT_ADDRESS_SRC); ok hs... | Markus Friedl |
2006-03-22 | add support for macros in ipsec.conf(5). some bits have already been | Reyk Floeter |
2006-02-01 | noted by lint: include <string.h> instead of <strings.h>, add tow ARGSUSED1 | Hans-Joerg Hoexer |
2006-01-17 | wrap long lines (no binary change) | Reyk Floeter |
2006-01-16 | add support for pre-shared keys with "ike esp" using the new keyword | Reyk Floeter |
2005-12-06 | more appropriate error messages; ok hshoexer | Markus Friedl |