summaryrefslogtreecommitdiff
path: root/sbin/pfctl/pfctl_parser.c
AgeCommit message (Expand)Author
2004-07-16'pfctl -o' ruleset optimizer that doesnt change the meaning of the final rulesetMike Frantzen
2004-06-29remove cedric's bogus interface name verification code.Henning Brauer
2004-06-10rename struct pf_rule_addr member 'not' to 'neg', as 'not' is a reservedDaniel Hartmeier
2004-05-27plug memleak in error pathHenning Brauer
2004-05-19Allow recursive anchors (anchors within anchors, up to 64Daniel Hartmeier
2004-05-07typosHenning Brauer
2004-05-05Use RFC1323 PAWS timestamps as a logical extension to the conventional TCPMike Frantzen
2004-04-24Add "probability xxx" rule modifier. ok deraadt@Cedric Berger
2004-04-14Better interface filtering. vlan1 should not match vlan19.Cedric Berger
2004-03-15cast %llu arguments to unsigned long long, from Max Laier,Daniel Hartmeier
2004-03-10plug 3 memory leaks; 2 from andrushock, 1 by meHenning Brauer
2004-02-10KNFHenning Brauer
2004-02-10new kernel reports enabled & disabled time - use that info.Cedric Berger
2004-02-03bring back this fluffy change, of course without the bug:Henning Brauer
2004-01-25This fix was made WITHOUT RUNNING REGRESS. Henning, you are beingTheo de Raadt
2004-01-22to parse v4 adresses, only use inet_net_pton when we find a /, otherwiseHenning Brauer
2003-12-31spacing. note this, cedricTheo de Raadt
2003-12-31Many improvements to the handling of interfaces in PF.Cedric Berger
2003-12-19i wrote much of these, assert my copyrightHenning Brauer
2003-12-17cosmetics, ok mcbride@Daniel Hartmeier
2003-12-15Add initial support for pf state synchronization over the network.Ryan Thomas McBride
2003-12-15Add support to track stateful connections by source ip. This allows usRyan Thomas McBride
2003-11-14in print_status:Henning Brauer
2003-11-08Add 'no-sync' state option to prevent state transition messages for statesRyan Thomas McBride
2003-11-06two more KNF violations I missed earlier. who introduces those all the time?Henning Brauer
2003-11-06KNFHenning Brauer
2003-10-08fix cedric's breakage:Henning Brauer
2003-09-26Rearchitecture of the userland/kernel IOCTL interface for transactions.Cedric Berger
2003-09-18Not all address types have a mask.Cedric Berger
2003-08-22correct printf arg mismatch (in 64bit arch). dhartmei okJun-ichiro itojun Hagino
2003-08-21Add Michal Zalewski's p0f v2 style passive OS fingerprinting to PF.Mike Frantzen
2003-07-29Remove space at end of line.Cedric Berger
2003-07-21KNFHenning Brauer
2003-07-19Simplify struct pf_pooladdr to include struct pf_addr_wrap directlyCedric Berger
2003-07-15Repair memory managment in table parsing code.Cedric Berger
2003-07-11Better parsing and -v support for tables:Cedric Berger
2003-07-04KNF after cedric (grmpf)Henning Brauer
2003-07-04allow for a "pass" modifier on translation rules:Henning Brauer
2003-07-03This patch finally cleanup pfctl_table.c. No more global buffer,Cedric Berger
2003-06-12in set_ipmask, do not try to mask off irrelevant bits of anything butHenning Brauer
2003-06-11- sync up MLD declaration with RFC3542 (s/MLD6/MLD/)Jun-ichiro itojun Hagino
2003-06-09Attempt to resolve byte order confusion in nat code once and for all.Ryan Thomas McBride
2003-05-24better netmask checkHenning Brauer
2003-05-19reject invalid netmasks like 10.0.0.0/68, and fix up the netmask forHenning Brauer
2003-05-19err out on obviously wrong netmasksHenning Brauer
2003-05-17support inverse matching on tags likeHenning Brauer
2003-05-16TCP SYN proxy. Instead of 'keep state' or 'modulate state', one can useDaniel Hartmeier
2003-05-14add scrub modifier "reassemble tcp" to turn on stateful TCP normalizationsMike Frantzen
2003-05-14print the redirection target for nat/rdr/binat slighly later.Henning Brauer
2003-05-13correct rule printingHenning Brauer
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-02 23:09:46 +0000