| Age | Commit message (Expand) | Author |
|---|
| 2011-12-12 | fixup af-to regression with match rules | Mike Belopuhov |
| 2011-11-23 | print ports as numbers by default; -P prints names instead | Henning Brauer |
| 2011-11-23 | print_rule: rename opts -> ropts, no binary change | Henning Brauer |
| 2011-10-13 | pfctl change for af-to / NAT64 support. | Claudio Jeker |
| 2011-08-30 | One shot rules can be used in pf.conf by specifying a "once" filter option. | Mike Belopuhov |
| 2011-07-27 | Add support for weighted round-robin in load balancing pools and tables. | Ryan Thomas McBride |
| 2011-07-08 | allow rules to specify "prio X" or "prio (X, Y)" to assign priority levels | Henning Brauer |
| 2011-07-07 | Don't print 'keep state' anymore unless it's needed for state options, it's | Ryan Thomas McBride |
| 2011-07-03 | bring in least-states load balancing algorithm | Joerg Zinke |
| 2011-04-06 | Userland bits to allow PF to filter on the rdomain a packet belongs to. | Claudio Jeker |
| 2011-04-05 | ditch fastroute, an ipf feature that made its way into pf before | Mike Belopuhov |
| 2011-01-23 | 'pfctl -x none' did not turn debugging off. Skip the syslog internal | Alexander Bluhm |
| 2010-10-12 | pfctl -sr did not show divert-reply rules without address family | Alexander Bluhm |
| 2010-09-22 | new log opt "matches" | Henning Brauer |
| 2010-09-02 | remove trailing spaces and tabs; no binary change. | Igor Sobrado |
| 2010-07-13 | Fix (pflow) display in rule printing. Spotted by dhill@, ok henning@ | Stuart Henderson |
| 2010-07-03 | Fix a couple of problems with printing of anchors, in particular recursive | Ryan Thomas McBride |
| 2010-07-03 | Use our own enum here rather than abusing the PF rule type enums, which | Ryan Thomas McBride |
| 2010-06-29 | Fix use after free. Found by regress tests. | Charles Longeau |
| 2010-05-16 | plug memory leak. `ps' was allocated with strdup(3), but on error path | zinovik |
| 2010-03-22 | Following diff fixes memory leak. `debug' is allocated via asprintf(3) so we | Theo de Raadt |
| 2010-03-18 | Fix rdr-to printing in pfctl -sr when reply-to is in use. | Stuart Henderson |
| 2010-01-18 | Convert pf debug logging to using log()/addlog(), a single standardised | Ryan Thomas McBride |
| 2010-01-13 | repair a double-free suggested by parfait; ok mcbride | Theo de Raadt |
| 2010-01-13 | fix some leaks found by parfait | Jonathan Gray |
| 2010-01-12 | Only print route specs with @if notation if there is an IP address. | Ryan Thomas McBride |
| 2010-01-12 | Unbreak 10/8 and friends. | Ryan Thomas McBride |
| 2010-01-12 | Fix some issues in redir spec handling, discovered thanks to dlg testing | Ryan Thomas McBride |
| 2010-01-12 | First pass at removing the 'pf_pool' mechanism for translation and routing | Ryan Thomas McBride |
| 2009-12-24 | spelling fixes, from Brad Tilley; we will not fix src/sbin/dump/dump.h | Igor Sobrado |
| 2009-12-24 | add support to pf for filtering a packet by the interface it was received | David Gwynne |
| 2009-12-14 | fix sticky-address - by pretty much re-implementing it. still following | Henning Brauer |
| 2009-11-23 | since "nat/rdr pass" are history natpass can go | Henning Brauer |
| 2009-11-22 | cleanup after the NAT changes. we used to have multiple rulesets (scrub, | Henning Brauer |
| 2009-10-28 | Add a dedicated pf pool for route options as suggested by henning, | Jonathan Gray |
| 2009-10-04 | Add (again) support for divert sockets. They allow you to: | Michele Marchetto |
| 2009-09-08 | I had not enough oks to commit this diff. | Michele Marchetto |
| 2009-09-08 | Add support for divert sockets. They allow you to: | Michele Marchetto |
| 2009-09-02 | all the new *-to options are part of the "filteropts" section at the | Reyk Floeter |
| 2009-09-01 | the diff theo calls me insanae for: | Henning Brauer |
| 2009-04-15 | restore printing of the fragment option; ok henning@ | David Krause |
| 2009-04-06 | print prettier, from sthen@ | Henning Brauer |
| 2009-04-06 | 1) scrub rules are completely gone. | Henning Brauer |
| 2008-09-09 | welcome pflow(4), a netflow v5 compatible flow export interface. | Henning Brauer |
| 2008-06-10 | Make counters on table addresses optional and disabled by default. | Ryan Thomas McBride |
| 2008-06-10 | new state option "sloppy" to use the sloppy tcp state tracker instead | Henning Brauer |
| 2008-05-09 | convert port byte order in the production; add port keyword; ok deraadt@ | Markus Friedl |
| 2008-05-09 | divert packets to local socket without modifying the ip header; | Markus Friedl |
| 2008-05-07 | allow setting TOS with scrub; ok mcbride, claudio | Markus Friedl |
| 2007-10-15 | specifying int instead of just unsigned is better style | Theo de Raadt |
