summaryrefslogtreecommitdiff
path: root/sbin/pfctl/pfctl_parser.c
AgeCommit message (Expand)Author
2003-12-17cosmetics, ok mcbride@Daniel Hartmeier
2003-12-15Add initial support for pf state synchronization over the network.Ryan Thomas McBride
2003-12-15Add support to track stateful connections by source ip. This allows usRyan Thomas McBride
2003-11-14in print_status:Henning Brauer
2003-11-08Add 'no-sync' state option to prevent state transition messages for statesRyan Thomas McBride
2003-11-06two more KNF violations I missed earlier. who introduces those all the time?Henning Brauer
2003-11-06KNFHenning Brauer
2003-10-08fix cedric's breakage:Henning Brauer
2003-09-26Rearchitecture of the userland/kernel IOCTL interface for transactions.Cedric Berger
2003-09-18Not all address types have a mask.Cedric Berger
2003-08-22correct printf arg mismatch (in 64bit arch). dhartmei okJun-ichiro itojun Hagino
2003-08-21Add Michal Zalewski's p0f v2 style passive OS fingerprinting to PF.Mike Frantzen
2003-07-29Remove space at end of line.Cedric Berger
2003-07-21KNFHenning Brauer
2003-07-19Simplify struct pf_pooladdr to include struct pf_addr_wrap directlyCedric Berger
2003-07-15Repair memory managment in table parsing code.Cedric Berger
2003-07-11Better parsing and -v support for tables:Cedric Berger
2003-07-04KNF after cedric (grmpf)Henning Brauer
2003-07-04allow for a "pass" modifier on translation rules:Henning Brauer
2003-07-03This patch finally cleanup pfctl_table.c. No more global buffer,Cedric Berger
2003-06-12in set_ipmask, do not try to mask off irrelevant bits of anything butHenning Brauer
2003-06-11- sync up MLD declaration with RFC3542 (s/MLD6/MLD/)Jun-ichiro itojun Hagino
2003-06-09Attempt to resolve byte order confusion in nat code once and for all.Ryan Thomas McBride
2003-05-24better netmask checkHenning Brauer
2003-05-19reject invalid netmasks like 10.0.0.0/68, and fix up the netmask forHenning Brauer
2003-05-19err out on obviously wrong netmasksHenning Brauer
2003-05-17support inverse matching on tags likeHenning Brauer
2003-05-16TCP SYN proxy. Instead of 'keep state' or 'modulate state', one can useDaniel Hartmeier
2003-05-14add scrub modifier "reassemble tcp" to turn on stateful TCP normalizationsMike Frantzen
2003-05-14print the redirection target for nat/rdr/binat slighly later.Henning Brauer
2003-05-13correct rule printingHenning Brauer
2003-05-13userland part for tagging.Henning Brauer
2003-05-12Adaptive timeout value scaling. Allows to reduce timeout values as theDaniel Hartmeier
2003-04-25kill a workaround now that inet_net_pton acts reasonablyHenning Brauer
2003-04-05ease netmask handling a bitHenning Brauer
2003-04-03Simplify pfctl printing code.Cedric Berger
2003-03-28one more const was missingHenning Brauer
2003-03-27lotsa const char *Henning Brauer
2003-03-19inet_net_pton acts weird when it comes to multicast addresses. so pass theHenning Brauer
2003-02-25repair/simplify/flexify binat userland.Cedric Berger
2003-02-19Fix little buffer overflow on 64-bit platforms.Cedric Berger
2003-02-13when complaining about an illegal netmask print the value we're complainingHenning Brauer
2003-02-12Simplify the code and make the parser handle the different rule typesRyan Thomas McBride
2003-02-09Fix a few warnings and remove unnecessary check and cast.Camiel Dobbelaar
2003-02-08Add scrub option 'random-id', which replaces IP IDs with random valuesDaniel Hartmeier
2003-02-02no const for int; cedric@Henning Brauer
2003-02-02const'ify params for the host stuffHenning Brauer
2003-02-02as correctly pointed out by cedric@, the :network and :broadcast parsingHenning Brauer
2003-01-30in these two cases strdup makes more sense than asprintf, pointed out byHenning Brauer
2003-01-30add support for :network and :broadcast modifiers to interface names.Henning Brauer