summaryrefslogtreecommitdiff
path: root/sbin/pfctl
AgeCommit message (Expand)Author
2004-05-19Allow recursive anchors (anchors within anchors, up to 64Daniel Hartmeier
2004-05-07typosHenning Brauer
2004-05-05Use RFC1323 PAWS timestamps as a logical extension to the conventional TCPMike Frantzen
2004-04-27make "pfctl -vvsq" to print "No queue in use" and exit when there is noKenjiro Cho
2004-04-26do more careful altq bandwidth checking.Kenjiro Cho
2004-04-24Add "probability xxx" rule modifier. ok deraadt@Cedric Berger
2004-04-22typo, From: Jared Yanovich <jjy2+@pitt.edu>Henning Brauer
2004-04-14make antispoof work with dynamic addresses. ok dhartmei@ mcbride@Cedric Berger
2004-04-14Better interface filtering. vlan1 should not match vlan19.Cedric Berger
2004-04-09Do not try to load directories. found+ok mpech@Cedric Berger
2004-03-20spelling fix; ok dhartmei@ henning@ deraadt@David Krause
2004-03-20make pfctl -s osfp work and remove -o option from manpage; ok deraadt@David Krause
2004-03-15cast %llu arguments to unsigned long long, from Max Laier,Daniel Hartmeier
2004-03-14#include fixes, from Max Laier, ok beck@ henning@Daniel Hartmeier
2004-03-10Actually use SRCS+= so that we don't have a wrapped line.Ryan Thomas McBride
2004-03-10plug 3 memory leaks; 2 from andrushock, 1 by meHenning Brauer
2004-03-08plug 124 memory leaksHenning Brauer
2004-03-06from bgpd:Henning Brauer
2004-03-03no newline in errx, bad cedric; spotted by teduTheo de Raadt
2004-03-01support "tagged <name>" on anchor rules, suggested by vd@vmunix.lt,Daniel Hartmeier
2004-02-27make pfctl -s all a bit more useful again by not printing a lllooooooottttt ofHenning Brauer
2004-02-26Fix/Simplify printing of titles with "pfctl -s all". ok mcbride@Cedric Berger
2004-02-26Fix pfctl -sa output. Found by David Krause, ok mcbride@Cedric Berger
2004-02-25Don't clear global stuff when an anchor is given in addition to -Fa.Cedric Berger
2004-02-24'max-src-nodes' requires 'source-track rule'. Set that automatically,Ryan Thomas McBride
2004-02-24fixup.Cedric Berger
2004-02-24Check for 'source-track rule' with 'max-src-nodes'.Ryan Thomas McBride
2004-02-19Makes pfctl -ss and pfctl -sq use optional -i argument.Cedric Berger
2004-02-19Makes pfctl -Fs and pfctl -w works with the optional -i specifier.Cedric Berger
2004-02-19now that qids are managed entirely in the kernel, the qid related codeKenjiro Cho
2004-02-17add -i flag, use it for -sI as a start. ok henning@, ok+test mcbride@Cedric Berger
2004-02-12- sort SYNOPSIS and options listJason McIntyre
2004-02-12add -p flag to specify the device - ok mcbride@, henning@ with no objectionsBob Beck
2004-02-11Fix interface clobbering for link-local addresses. Found by Pyun YongHyeon.Cedric Berger
2004-02-10KNFDaniel Hartmeier
2004-02-10KNFHenning Brauer
2004-02-10lotsoflotsoflotsof KNFHenning Brauer
2004-02-10KNFHenning Brauer
2004-02-10fix at leats the worst of Cedric "KNF is for everybody but me" Berger's fuckupHenning Brauer
2004-02-10new kernel reports enabled & disabled time - use that info.Cedric Berger
2004-02-05pfctl_update_qstats() returns -1 on error and the # of queues otehrwiseHenning Brauer
2004-02-04Handle rules like 'pass ... proto { tcp udp icmp } ... modulate state'Ryan Thomas McBride
2004-02-04Fix a number of bugs with setting pool limits which I introduced withRyan Thomas McBride
2004-02-03fix PR 3664 / jared r r spiegelHenning Brauer
2004-02-03bring back this fluffy change, of course without the bug:Henning Brauer
2004-01-29Clean up 'pfctl -s all' output.Ryan Thomas McBride
2004-01-26we must not omit printing the netmask when it is all zero, this is dangerous -Henning Brauer
2004-01-25This fix was made WITHOUT RUNNING REGRESS. Henning, you are beingTheo de Raadt
2004-01-22to parse v4 adresses, only use inet_net_pton when we find a /, otherwiseHenning Brauer
2004-01-14eliminate the predefined special qids so that qids become simpleKenjiro Cho