summaryrefslogtreecommitdiff
path: root/sbin/pfctl
AgeCommit message (Expand)Author
2003-07-10Fix merging of host lists.Cedric Berger
2003-07-06knf (cedric did not do it right)Theo de Raadt
2003-07-04KNF after cedric (grmpf)Henning Brauer
2003-07-04KNFHenning Brauer
2003-07-04allow for a "pass" modifier on translation rules:Henning Brauer
2003-07-03Bye bye atexit(), bye bye globals...Cedric Berger
2003-07-03This patch finally cleanup pfctl_table.c. No more global buffer,Cedric Berger
2003-06-30Buffer management functions.Cedric Berger
2003-06-29Replace assert(3) calls with warnx(3), if the warning is relevant at all.Daniel Hartmeier
2003-06-28No need to include the same header twice.Cedric Berger
2003-06-27Reorg part I: move 3 functions out of pf_table.c to pf_radix.cCedric Berger
2003-06-21fflush(stdout) in pfctl -vvsq endless output.Daniel Hartmeier
2003-06-21count packets and bidirectionally on state entries, allowing for fine-grainedDamien Miller
2003-06-20some cleanings recommended by lint; dhartmei okTheo de Raadt
2003-06-19knfTheo de Raadt
2003-06-18change expand_label_addr() to use a switch (h->addr.type) instead ofHenning Brauer
2003-06-18when expanding the $srcaddr/$dstaddr label macros and the address is actuallyHenning Brauer
2003-06-13Make "show Anchor" obey quiet flag.Cedric Berger
2003-06-12in set_ipmask, do not try to mask off irrelevant bits of anything butHenning Brauer
2003-06-11- sync up MLD declaration with RFC3542 (s/MLD6/MLD/)Jun-ichiro itojun Hagino
2003-06-09Attempt to resolve byte order confusion in nat code once and for all.Ryan Thomas McBride
2003-06-08A table in an anchor creates a real anchor: pfctl -sA works.Cedric Berger
2003-06-07in print_host(), don't set the mask blindly to /128 but adhere to theHenning Brauer
2003-06-06simplify license. pfctl_altq.c with kenjiro's permission of course.Henning Brauer
2003-06-03process show options before ruleset reloadHenning Brauer
2003-05-25must not run check_netmask() before remove_invalid_hosts() - binat case had itHenning Brauer
2003-05-24better netmask checkHenning Brauer
2003-05-24Properly reset buffers after each "table" command.Cedric Berger
2003-05-24tweak;Jason McIntyre
2003-05-24syncCedric Berger
2003-05-19print out the full netmask; don't just ignore the upper bits in the v4 caseHenning Brauer
2003-05-19reject invalid netmasks like 10.0.0.0/68, and fix up the netmask forHenning Brauer
2003-05-19all host() receivers have to test for NULLHenning Brauer
2003-05-19err out on obviously wrong netmasksHenning Brauer
2003-05-19if host() returns NULL, it is an error, so err the fuck out and don'tHenning Brauer
2003-05-19don't print altq en-/disabled - there's no point, you can't turn them onHenning Brauer
2003-05-19style consistencyHenning Brauer
2003-05-19Use a decaying average for smoother rate estimates.Camiel Dobbelaar
2003-05-18indent here in the same way as in -vsr for consistencyHenning Brauer
2003-05-18in the pfctl -vsr output (-vvsr/-gvvsr as well), indent instead of extraHenning Brauer
2003-05-17Fix proxy related output.Daniel Hartmeier
2003-05-17A little bugfix. We want pfioc_states, not pfioc_state.Ryan Thomas McBride
2003-05-17support inverse matching on tags likeHenning Brauer
2003-05-16TCP SYN proxy. Instead of 'keep state' or 'modulate state', one can useDaniel Hartmeier
2003-05-15properly complain about too long tagsHenning Brauer
2003-05-14add scrub modifier "reassemble tcp" to turn on stateful TCP normalizationsMike Frantzen
2003-05-14tagging on binatHenning Brauer
2003-05-14enabled tagging on rdr rulesHenning Brauer
2003-05-14with tag/tagged given, only whine about missing keep state on pass rulesHenning Brauer
2003-05-14allow SCRUB rules to specify protocol again. broken sometime in the past.Mike Frantzen