| Age | Commit message (Expand) | Author |
|---|
| 2002-06-08 | Change remaining read-only lookup tables to const, suggestion drahn@ | Daniel Hartmeier |
| 2002-06-08 | comment on IPv6 link-local twists | Jun-ichiro itojun Hagino |
| 2002-06-08 | add list expansion to src/dest in NAT rules. i.e. | Kjell Wooding |
| 2002-06-08 | remove macro concatenation via += per Theo's advice | Henning Brauer |
| 2002-06-08 | allow macro concatenation like | Henning Brauer |
| 2002-06-08 | Make state timeouts configurable per rule, like | Daniel Hartmeier |
| 2002-06-08 | expand $nr -> rule number in rule labels | Henning Brauer |
| 2002-06-08 | expand $proto in rule labels | Henning Brauer |
| 2002-06-07 | Handle realloc() failure gracefully. Terminates with err() anyway in this | Daniel Hartmeier |
| 2002-06-07 | henning, read this to see what i mean by KNF | Theo de Raadt |
| 2002-06-07 | add the possibility to configure a TTL while return-rst | Philipp Buehler |
| 2002-06-07 | Add "(max <number>)" option for "keep/modulate state" to limit the number | Daniel Hartmeier |
| 2002-06-07 | allow using $srcaddr, $srcport, $dstaddr and $dstport in rule labels, | Henning Brauer |
| 2002-06-07 | make IPv6 scope identification work for dst (from any to fe80::1%lo0) | Jun-ichiro itojun Hagino |
| 2002-06-07 | support scoped IPv6 address in from/to portion. | Jun-ichiro itojun Hagino |
| 2002-06-01 | ECN flag support for pf. Committed in consultation with Daniel. | Hugh Graham |
| 2002-05-24 | Support mixed (IPv4/v6) address lists, expand to all possible and valid | Daniel Hartmeier |
| 2002-05-23 | tiny KNF, some malloc checks, etc | Theo de Raadt |
| 2002-05-23 | new_addr is not used from anywhere. daniel@benzedrine.cx ok | Jun-ichiro itojun Hagino |
| 2002-05-19 | KNF | Theo de Raadt |
| 2002-05-12 | Explain that user/group 'unknown' can only be used with operators = and != | Daniel Hartmeier |
| 2002-05-12 | Add gid based filtering, reduce to one (effective) uid, rename parser | Daniel Hartmeier |
| 2002-05-10 | Handle host name resolution returning multiple addresses in the rule | Daniel Hartmeier |
| 2002-05-09 | Add a max-mss option to the scrub rule which will enforce a maximum mss | jasoni |
| 2002-05-09 | Introduce user based filtering. Rules can specify ruid and euid (real and | Daniel Hartmeier |
| 2002-04-24 | Add dynamic (in-kernel) interface name -> address translation. Instead of | Daniel Hartmeier |
| 2002-04-23 | Allow explicit filtering of fragments when they are not reassembled. | Daniel Hartmeier |
| 2002-04-18 | use strlcpy | Theo de Raadt |
| 2002-04-17 | Reset lineno for each file, so pfctl -R ... -N ... reports the right | Daniel Hartmeier |
| 2002-03-27 | implement a "no-route" keyword. | Michael Shalayeff |
| 2002-02-27 | Instead of printing useless @0 rule numbers from pfctl -vR, increase a | Daniel Hartmeier |
| 2002-01-11 | use bsearch() for keywords lookup, swap couple of entries to make the keyword... | Michael Shalayeff |
| 2002-01-10 | Let port 0 be specified as it's not special here. | Hugh Graham |
| 2002-01-09 | Port must be >0 and <=65535. Idea while have fun with ssh. | Mike Pechkin |
| 2002-01-09 | free() 'interface' in {nat,binat,rdr}rule | Mike Pechkin |
| 2002-01-09 | Add labels to rules. These are arbitrary names (not to be confused with | Daniel Hartmeier |
| 2002-01-08 | Add "no nat/rdr/binat" to nat.conf. The first matching rule applies. | Daniel Hartmeier |
| 2002-01-07 | remove 3rd argument from ipmask(), not used. | Mike Pechkin |
| 2001-12-23 | find correct line number in lval, instead of val | Theo de Raadt |
| 2001-12-10 | Add stateful filtering for other (non-TCP/UDP/ICMP) protocol, based on | Daniel Hartmeier |
| 2001-12-05 | Correctly parse hex numbers. Spotted by Claudio Jeker. Closes PR 2234. | Daniel Hartmeier |
| 2001-12-03 | For nat, binat and rdr rules, don't allow different address families in | Daniel Hartmeier |
| 2001-11-26 | add fastroute options similar to what is found in ipf | jasoni |
| 2001-11-05 | noone responds. | Theo de Raadt |
| 2001-10-24 | Check interface names using ifa0_lookup() and print error message for | Daniel Hartmeier |
| 2001-10-15 | Add 'allow-opts' to rules. Packets with IP options will be blocked by | Daniel Hartmeier |
| 2001-10-11 | Don't htonl() past buffer bounds if ipmask == 128 | Mike Frantzen |
| 2001-10-07 | Add interface name to address translation to pfctl, document it and add | Daniel Hartmeier |
| 2001-10-01 | print variable asignments only if -v is given. ok dhartmei/deraadt | Markus Friedl |
| 2001-09-28 | Support underscores in macro names and document it in the man page. | Daniel Hartmeier |
