| Age | Commit message (Expand) | Author |
|---|
| 2010-03-23 | remove -A, -O, -R and -T load | Henning Brauer |
| 2010-01-12 | First pass at removing the 'pf_pool' mechanism for translation and routing | Ryan Thomas McBride |
| 2009-12-10 | plug some memory leaks; found by parfait, ok henning | Theo de Raadt |
| 2009-11-23 | since "nat/rdr pass" are history natpass can go | Henning Brauer |
| 2009-11-22 | cleanup after the NAT changes. we used to have multiple rulesets (scrub, | Henning Brauer |
| 2009-10-28 | Add a dedicated pf pool for route options as suggested by henning, | Jonathan Gray |
| 2009-09-01 | the diff theo calls me insanae for: | Henning Brauer |
| 2008-05-07 | allow setting TOS with scrub; ok mcbride, claudio | Markus Friedl |
| 2008-05-06 | Add a counter to record how many states have been created by a rule. | Marco Pfatschbacher |
| 2008-01-26 | Create the automatic tables at the base of the anchor stack rather than | Ryan Thomas McBride |
| 2008-01-25 | Get rid of warning when compiling with OPT_DEBUG. | Ryan Thomas McBride |
| 2007-11-27 | typos; ok jmc@ | Martynas Venckus |
| 2006-10-31 | Allow pfctl ruleset optimizer to be controlled from the ruleset. | Ryan Thomas McBride |
| 2006-10-28 | Load all rules into memory before loading into the kernel, and add support | Ryan Thomas McBride |
| 2006-10-25 | teach the optimizer about logif, with & ok frantzen | Henning Brauer |
| 2006-03-14 | implement a Unicast Reverse Path Forwarding (uRPF) check for pf(4) | Damien Miller |
| 2005-06-13 | make the packet and byte counters on rules and src nodes per direction, | Henning Brauer |
| 2005-05-26 | switch the max_src_{states,conn,conn_rate} from superblock breaks to superblock | Mike Frantzen |
| 2005-05-25 | make the remaining pf_rule fields named superblock BREAKs instead just letting | Mike Frantzen |
| 2005-05-25 | make the optimizer safe in the presence of interface groups. they must act as | Mike Frantzen |
| 2005-01-03 | don't merge a rule's source address into a table if we're already trying to | Mike Frantzen |
| 2004-12-14 | &&/|| inversion would try to merge IP addresses with non-addresses into a | Mike Frantzen |
| 2004-12-14 | add two warn() calls to make sure a warning message gets printed if one of | Mike Frantzen |
| 2004-08-08 | spacing | Theo de Raadt |
| 2004-07-16 | 'pfctl -o' ruleset optimizer that doesnt change the meaning of the final ruleset | Mike Frantzen |
