| Age | Commit message (Expand) | Author |
|---|
| 2002-05-27 | Ports require 6 chars, from Oleg Safiullin | Daniel Hartmeier |
| 2002-05-23 | tiny KNF, some malloc checks, etc | Theo de Raadt |
| 2002-05-19 | KNF | Theo de Raadt |
| 2002-05-18 | Handle long (unsigned 32-bit) IDs in print_uid/gid(). From Oleg Safiullin. | Daniel Hartmeier |
| 2002-05-12 | Add gid based filtering, reduce to one (effective) uid, rename parser | Daniel Hartmeier |
| 2002-05-09 | Add a max-mss option to the scrub rule which will enforce a maximum mss | jasoni |
| 2002-05-09 | Introduce user based filtering. Rules can specify ruid and euid (real and | Daniel Hartmeier |
| 2002-05-05 | Instead of returning a useless kernel space pointer for the rule that | Daniel Hartmeier |
| 2002-04-24 | Add dynamic (in-kernel) interface name -> address translation. Instead of | Daniel Hartmeier |
| 2002-04-23 | Allow explicit filtering of fragments when they are not reassembled. | Daniel Hartmeier |
| 2002-04-15 | Use in_addr_t instead of unsigned long, which breaks on alpha (64-bit). | Daniel Hartmeier |
| 2002-03-27 | implement a "no-route" keyword. | Michael Shalayeff |
| 2002-03-12 | Handle inet_ntop() returning NULL explicitly. Found by mpech@. | Daniel Hartmeier |
| 2002-03-11 | Add -r to reverse lookup addresses when displaying states. | Daniel Hartmeier |
| 2002-01-09 | Add labels to rules. These are arbitrary names (not to be confused with | Daniel Hartmeier |
| 2002-01-08 | Add "no nat/rdr/binat" to nat.conf. The first matching rule applies. | Daniel Hartmeier |
| 2002-01-07 | Next issue: | Mike Pechkin |
| 2002-01-04 | check (p != NULL), not n. | Mike Pechkin |
| 2001-12-10 | Add stateful filtering for other (non-TCP/UDP/ICMP) protocol, based on | Daniel Hartmeier |
| 2001-12-01 | wipe print_nat()'s nose (use dnot correctly instead of snot). i need to start | Mike Frantzen |
| 2001-11-26 | add fastroute options similar to what is found in ipf | jasoni |
| 2001-10-24 | Use snot/dnot correctly in print_rdr. RDR rules with '!' used on the | Daniel Hartmeier |
| 2001-10-15 | Add 'allow-opts' to rules. Packets with IP options will be blocked by | Daniel Hartmeier |
| 2001-10-04 | Honour -v flag when printing states, print only one line per state when | Daniel Hartmeier |
| 2001-09-15 | Implement return-icmp(number), return-icmp6(number) | Peter Stromberg |
| 2001-09-15 | ICMP6_DST_UNREACH_NOROUTE <-> _ADMIN, reported by Wouter Coene. | Daniel Hartmeier |
| 2001-09-15 | IPv6 support from Ryan McBride (mcbride@countersiege.com) | Mike Frantzen |
| 2001-09-06 | 1:1 bidrectional NAT (binat); ok dhartmei@ and frantzen@ | jasoni |
| 2001-09-02 | Print rule numbers zero-based. Noted by primus@gblx.net. | Daniel Hartmeier |
| 2001-08-25 | PF ISN randomization. Or in trekkie techno-babble, ISN phase modulation. | Mike Frantzen |
| 2001-08-23 | KNF | Theo de Raadt |
| 2001-08-19 | Unfuck some TCP state stuff that would drop the SYN|ACK. | Mike Frantzen |
| 2001-08-18 | prettier printing of states | Theo de Raadt |
| 2001-08-16 | track the line number per-token, so that we can report errors correctly | Theo de Raadt |
| 2001-08-11 | Add support for ICMP errors referring to ICMP queries/replies. Fixes | Daniel Hartmeier |
| 2001-07-19 | Fix/complete the handling of the binary ops >< and <> to behave | Kenneth R Westerback |
| 2001-07-17 | markus doesnt like min-ttl =, begone | Niels Provos |
| 2001-07-17 | support min-ttl, okay dhartmei@ | Niels Provos |
| 2001-07-17 | normalize ip_off, make IP_DF stripping optional, return rst is a flag now. | Niels Provos |
| 2001-07-16 | add a yacc parser for pf.conf and nat.conf, with help from mickey@, | Markus Friedl |
| 2001-07-11 | Error on invalid ports | Constantine Sapuntzakis |
| 2001-07-10 | Oops, we can't use 0 as next_addr()'s error return since 0.0.0.0 is | Todd C. Miller |
| 2001-07-10 | Resolve as a host name if not an IP address; dhartmei@ OK | Todd C. Miller |
| 2001-07-10 | move "proto" in the nat case as well | Todd C. Miller |
| 2001-07-09 | Move the proto field to be after the "on" argument which is consistent | Todd C. Miller |
| 2001-07-09 | Extend nat/rdr syntax. Add source/destination selection. Make | Daniel Hartmeier |
| 2001-07-06 | Allow negative match on interface name for nat and rdr | Chris Cappuccio |
| 2001-07-04 | cleaner | Theo de Raadt |
| 2001-07-04 | add new icmp codes and types as symbolic names, ok deraadt | Peter Stromberg |
| 2001-07-01 | tag packets generated by pf (return-rst, return-icmp) so they are not filtere... | Daniel Hartmeier |
