| Age | Commit message (Expand) | Author |
|---|
| 2007-06-30 | allow states instead of just state for -s and -F for consistency's sake. | Henning Brauer |
| 2007-05-31 | Cope with new ioctl interface (use pfsync_state instead of pf_state) | Ryan Thomas McBride |
| 2007-04-21 | "o" in optiopt_list is superfluous now too | Henning Brauer |
| 2007-04-21 | fix -o handling. syntax is now -o none|basic|profile. -o without argument | Henning Brauer |
| 2007-04-20 | no whitespace allowed between -o and its argument, so update doc/usage() | Jason McIntyre |
| 2007-03-21 | Enable basic ruleset optimization by default. | Ryan Thomas McBride |
| 2007-03-01 | be more careful with mixing &/| with &&/||, ok otto | Theo de Raadt |
| 2007-02-23 | if machine has more than 100MB of physmem, default the max table entries | Theo de Raadt |
| 2007-02-09 | pfctl_clear_rule_counters() is not needed any more | Henning Brauer |
| 2007-02-09 | use DIOCGETRULE ioctl & action set to PF_GET_CLR_CNTR to clear counters | Henning Brauer |
| 2007-01-18 | implement -T expire. | Henning Brauer |
| 2006-11-20 | -K argument to kill source tracking nodes explicitly, behaves like the | Ryan Thomas McBride |
| 2006-11-07 | Only try to recursively print rules if they are actually anchors. | Ryan Thomas McBride |
| 2006-11-07 | Unbreak authpf by handling non-inline anchors separately from the { } anchors | Ryan Thomas McBride |
| 2006-11-05 | Don't open a transaction for a ruleset unless it's a brace ruleset that | Ryan Thomas McBride |
| 2006-11-01 | sync usage(); ok mcbride | Jason McIntyre |
| 2006-11-01 | Don't recures ALL the time. | Ryan Thomas McBride |
| 2006-10-31 | Allow a user to recursively print anchors including those without | Ryan Thomas McBride |
| 2006-10-31 | Allow pfctl ruleset optimizer to be controlled from the ruleset. | Ryan Thomas McBride |
| 2006-10-31 | - don't allow anchors with _* names to be cleared or loaded from the | Ryan Thomas McBride |
| 2006-10-28 | Load all rules into memory before loading into the kernel, and add support | Ryan Thomas McBride |
| 2006-06-30 | spaces | Theo de Raadt |
| 2006-05-28 | Enable adaptive timeouts by default, with adaptive.start of 60% of the | Ryan Thomas McBride |
| 2006-04-24 | don't clear interface flags (set skip on) when -N/-F is used without -O, | Daniel Hartmeier |
| 2005-11-17 | for pfctl -f rules, open the file before resetting options. when opening | Daniel Hartmeier |
| 2005-07-11 | clear PFI_IFLAG_SKIP when clearing interface flags, found by David Hill, | Daniel Hartmeier |
| 2005-06-13 | make the packet and byte counters on rules and src nodes per direction, | Henning Brauer |
| 2005-06-13 | free memory in show_src_nodes and show_states, as reported by | Jared Yanovich |
| 2005-05-28 | don't print the "[ Inserted: uid pid ]" line when -g is used, so the | Daniel Hartmeier |
| 2005-05-27 | log two pairs of uid/pid through pflog: the uid/pid of the process that | Daniel Hartmeier |
| 2005-05-23 | change pool allocation of table entries, no longer use the oldnointr | Daniel Hartmeier |
| 2005-05-22 | Add support to kill states that match networks. | Marco Pfatschbacher |
| 2005-05-21 | clean up and rework the interface absraction code big time, rip out multiple | Henning Brauer |
| 2005-05-05 | typo | Joel Knight |
| 2005-03-07 | fd leaks in error paths, From: Andrey Matveev <andrushock@korovino.net> | Henning Brauer |
| 2005-03-06 | print "set skip on" with -v in such a way that the output is valid input | Daniel Hartmeier |
| 2005-01-06 | Missing braces in pfctl_load_debug(), pointed out by camield@ | Ryan Thomas McBride |
| 2005-01-05 | Modify pfctl behaviour so that 'set ...' options are no longer "sticky", ie. | Ryan Thomas McBride |
| 2004-12-29 | change last commit so that the test for PF_OPT_NOACTION is actually in | Dan Harnett |
| 2004-12-29 | don't clear interface flags if '-n' option was given. | Dan Harnett |
| 2004-12-29 | be quiet about resetting the interface flags omn ruleset load, only | Henning Brauer |
| 2004-12-28 | reset skip interface flags on reloads and for -Fall | Henning Brauer |
| 2004-12-27 | unbreak tree | Theo de Raadt |
| 2004-12-27 | reset skip interface flags on reloads and for -Fall | Henning Brauer |
| 2004-12-22 | Introduce 'set skip on <ifspec>' to support a list of interfaces where no | Daniel Hartmeier |
| 2004-09-21 | Implement "no scrub" to allow exclusion of specific traffic from scrub rules. | Aaron Campbell |
| 2004-08-26 | sync usage for -a | Jared Yanovich |
| 2004-08-08 | spacing | Theo de Raadt |
| 2004-07-23 | - make SYNOPSIS and usage() clear that -t precedes -T; | Jason McIntyre |
| 2004-07-19 | print the correct labels when displaying timeouts with pfctl (eg, pfctl -st). | David Gwynne |
