| Age | Commit message (Expand) | Author |
|---|
| 2002-10-07 | set block-policy [drop|return] | Henning Brauer |
| 2002-10-07 | support a generic return | Henning Brauer |
| 2002-10-07 | make return-icmp work for rules covering both v4 and v6 | Henning Brauer |
| 2002-10-07 | Add 'reply-to' to filter rules, similar to route-to, but applying to | Daniel Hartmeier |
| 2002-10-05 | Allow filtering based on IP header's tos field. | Daniel Hartmeier |
| 2002-07-20 | properly split yacc and lex use | Theo de Raadt |
| 2002-07-15 | add support for | Henning Brauer |
| 2002-07-01 | KNF | Theo de Raadt |
| 2002-06-27 | repair formatting - the new "enabled since" format is longer than the old | Henning Brauer |
| 2002-06-19 | "Enabled for Ss" -> "Enabled for D days HH:MM:SS", ok frantzen@ | Daniel Hartmeier |
| 2002-06-11 | split the grammar of scrub(fragcache) into scrub ... 'fragment reassemble', | Mike Frantzen |
| 2002-06-11 | SCRUB(fragcache) to do gap tracking and overlap pruning of IPv4 fragments | Mike Frantzen |
| 2002-06-11 | Make NAT proxy port range configurable per rule, for instance privileged | Daniel Hartmeier |
| 2002-06-11 | rework pfctl statistics display | Henning Brauer |
| 2002-06-10 | Allow ports to be specified in nat rules, useful later on for individual | Daniel Hartmeier |
| 2002-06-09 | Make pf_nat.saddr/daddr a pf_rule_addr instead of pf_addr_wrap, so it | Daniel Hartmeier |
| 2002-06-09 | spaced out developers... | Theo de Raadt |
| 2002-06-08 | Change remaining read-only lookup tables to const, suggestion drahn@ | Daniel Hartmeier |
| 2002-06-08 | pf_timeouts is shared between pfctl and authpf, put it in the shared file. | Dale Rahn |
| 2002-06-08 | Make state timeouts configurable per rule, like | Daniel Hartmeier |
| 2002-06-07 | add the possibility to configure a TTL while return-rst | Philipp Buehler |
| 2002-06-07 | Add "(max <number>)" option for "keep/modulate state" to limit the number | Daniel Hartmeier |
| 2002-06-07 | minor KNF while I'm here | Henning Brauer |
| 2002-06-06 | split out the pf_state printing functions to be used elsewhere, no functional... | Michael Shalayeff |
| 2002-06-01 | ECN flag support for pf. Committed in consultation with Daniel. | Hugh Graham |
| 2002-05-27 | Ports require 6 chars, from Oleg Safiullin | Daniel Hartmeier |
| 2002-05-23 | tiny KNF, some malloc checks, etc | Theo de Raadt |
| 2002-05-19 | KNF | Theo de Raadt |
| 2002-05-18 | Handle long (unsigned 32-bit) IDs in print_uid/gid(). From Oleg Safiullin. | Daniel Hartmeier |
| 2002-05-12 | Add gid based filtering, reduce to one (effective) uid, rename parser | Daniel Hartmeier |
| 2002-05-09 | Add a max-mss option to the scrub rule which will enforce a maximum mss | jasoni |
| 2002-05-09 | Introduce user based filtering. Rules can specify ruid and euid (real and | Daniel Hartmeier |
| 2002-05-05 | Instead of returning a useless kernel space pointer for the rule that | Daniel Hartmeier |
| 2002-04-24 | Add dynamic (in-kernel) interface name -> address translation. Instead of | Daniel Hartmeier |
| 2002-04-23 | Allow explicit filtering of fragments when they are not reassembled. | Daniel Hartmeier |
| 2002-04-15 | Use in_addr_t instead of unsigned long, which breaks on alpha (64-bit). | Daniel Hartmeier |
| 2002-03-27 | implement a "no-route" keyword. | Michael Shalayeff |
| 2002-03-12 | Handle inet_ntop() returning NULL explicitly. Found by mpech@. | Daniel Hartmeier |
| 2002-03-11 | Add -r to reverse lookup addresses when displaying states. | Daniel Hartmeier |
| 2002-01-09 | Add labels to rules. These are arbitrary names (not to be confused with | Daniel Hartmeier |
| 2002-01-08 | Add "no nat/rdr/binat" to nat.conf. The first matching rule applies. | Daniel Hartmeier |
| 2002-01-07 | Next issue: | Mike Pechkin |
| 2002-01-04 | check (p != NULL), not n. | Mike Pechkin |
| 2001-12-10 | Add stateful filtering for other (non-TCP/UDP/ICMP) protocol, based on | Daniel Hartmeier |
| 2001-12-01 | wipe print_nat()'s nose (use dnot correctly instead of snot). i need to start | Mike Frantzen |
| 2001-11-26 | add fastroute options similar to what is found in ipf | jasoni |
| 2001-10-24 | Use snot/dnot correctly in print_rdr. RDR rules with '!' used on the | Daniel Hartmeier |
| 2001-10-15 | Add 'allow-opts' to rules. Packets with IP options will be blocked by | Daniel Hartmeier |
| 2001-10-04 | Honour -v flag when printing states, print only one line per state when | Daniel Hartmeier |
| 2001-09-15 | Implement return-icmp(number), return-icmp6(number) | Peter Stromberg |
