summaryrefslogtreecommitdiff
path: root/sbin/pfctl
AgeCommit message (Expand)Author
2002-04-24Add dynamic (in-kernel) interface name -> address translation. Instead ofDaniel Hartmeier
2002-04-23Allow explicit filtering of fragments when they are not reassembled.Daniel Hartmeier
2002-04-18use strlcpyTheo de Raadt
2002-04-17Reset lineno for each file, so pfctl -R ... -N ... reports the rightDaniel Hartmeier
2002-04-15Use in_addr_t instead of unsigned long, which breaks on alpha (64-bit).Daniel Hartmeier
2002-04-08Fix typo, from Raymond M SchneiderDaniel Hartmeier
2002-04-01change return values back from EX_* to 0/1Daniel Hartmeier
2002-04-01style(9) improvements from Raymond M SchneiderDaniel Hartmeier
2002-03-28prototype pfctl_kill_states()Daniel Hartmeier
2002-03-27implement a "no-route" keyword.Michael Shalayeff
2002-03-26tidy up usage statement and sort headers. patch from dfa@solo.eeMike Frantzen
2002-03-26sort options and clean up the -k descrption. patch from dfa@solo.eeMike Frantzen
2002-03-25add -k option to shootdown all the state entries from the specified hostMike Frantzen
2002-03-21Add r option to SYNOPSIS. From Brian Poole.Daniel Hartmeier
2002-03-12Handle inet_ntop() returning NULL explicitly. Found by mpech@.Daniel Hartmeier
2002-03-11Add -r to reverse lookup addresses when displaying states.Daniel Hartmeier
2002-02-28Don't force /dev/pf to be opened read-write for pfctl -t/-m when valuesDaniel Hartmeier
2002-02-27Instead of printing useless @0 rule numbers from pfctl -vR, increase aDaniel Hartmeier
2002-02-26Add optional pool memory hard limits, mainly as temporary solutionDaniel Hartmeier
2002-02-11Initial patch.Mike Pechkin
2002-01-11use bsearch() for keywords lookup, swap couple of entries to make the keyword...Michael Shalayeff
2002-01-10Let port 0 be specified as it's not special here.Hugh Graham
2002-01-09Port must be >0 and <=65535. Idea while have fun with ssh.Mike Pechkin
2002-01-09free() 'interface' in {nat,binat,rdr}ruleMike Pechkin
2002-01-09Add labels to rules. These are arbitrary names (not to be confused withDaniel Hartmeier
2002-01-08Add "no nat/rdr/binat" to nat.conf. The first matching rule applies.Daniel Hartmeier
2002-01-07Next issue:Mike Pechkin
2002-01-07remove 3rd argument from ipmask(), not used.Mike Pechkin
2002-01-06-x needs read-write access for DIOCSETDEBUG ioctlDaniel Hartmeier
2002-01-04check (p != NULL), not n.Mike Pechkin
2001-12-31only open device for writing if we gonna modify anythingMichael Shalayeff
2001-12-23find correct line number in lval, instead of valTheo de Raadt
2001-12-21Initial patch for a new mdoc issue.Mike Pechkin
2001-12-13o) start new sentence on a new line;Mike Pechkin
2001-12-10Convert usage of 'you' to third person. Reword some sentences.Daniel Hartmeier
2001-12-10Add stateful filtering for other (non-TCP/UDP/ICMP) protocol, based onDaniel Hartmeier
2001-12-05Correctly parse hex numbers. Spotted by Claudio Jeker. Closes PR 2234.Daniel Hartmeier
2001-12-03For nat, binat and rdr rules, don't allow different address families inDaniel Hartmeier
2001-12-01wipe print_nat()'s nose (use dnot correctly instead of snot). i need to startMike Frantzen
2001-11-26add fastroute options similar to what is found in ipfjasoni
2001-11-05noone responds.Theo de Raadt
2001-10-24Check interface names using ifa0_lookup() and print error message forDaniel Hartmeier
2001-10-24Use snot/dnot correctly in print_rdr. RDR rules with '!' used on theDaniel Hartmeier
2001-10-15Add 'allow-opts' to rules. Packets with IP options will be blocked byDaniel Hartmeier
2001-10-11Don't htonl() past buffer bounds if ipmask == 128Mike Frantzen
2001-10-11Corrections from Brian J. Kifiak.Daniel Hartmeier
2001-10-07Add interface name to address translation to pfctl, document it and addDaniel Hartmeier
2001-10-04Honour -v flag when printing states, print only one line per state whenDaniel Hartmeier
2001-10-02Remove duplication from simultaneous commitsMike Frantzen
2001-10-02Typo fixes (thanks gwyllion@ace.ulyssis.org)Mike Frantzen
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-12 13:10:11 +0000