summaryrefslogtreecommitdiff
path: root/sbin/pfctl
AgeCommit message (Expand)Author
2004-11-09do not assume entries in pf_timeouts[] are ordererd like PFTM_* in pfvar.hDaniel Hartmeier
2004-09-30print invalid hostmask when refusing it, ok deraadt@Daniel Hartmeier
2004-09-27anchor rules referencing anchors using slashes may need quotes.Jared Yanovich
2004-09-21Implement "no scrub" to allow exclusion of specific traffic from scrub rules.Aaron Campbell
2004-08-26sync usage for -aJared Yanovich
2004-08-26update w.r.t. recursive anchorsJared Yanovich
2004-08-08spacingTheo de Raadt
2004-07-23- make SYNOPSIS and usage() clear that -t precedes -T;Jason McIntyre
2004-07-19print the correct labels when displaying timeouts with pfctl (eg, pfctl -st).David Gwynne
2004-07-16'pfctl -o' ruleset optimizer that doesnt change the meaning of the final rulesetMike Frantzen
2004-06-29remove cedric's bogus interface name verification code.Henning Brauer
2004-06-29convert a few memcpy()s to strlcpy() so we don't copy uninitialized junk intoMike Frantzen
2004-06-26add back PF_INOUT, fixes reassemble tcpDavid Krause
2004-06-25repair tree nanobreak by the nanobumTheo de Raadt
2004-06-21Update manpage to reflect changes in anchor namingMathieu Sauve-Frankel
2004-06-14Remove unused functions. ok beck@ henning@Cedric Berger
2004-06-12Fix table add/replace commands with securelevel=2.Cedric Berger
2004-06-10Work around an uncovered gcc problem on m88k until it receives proper cure.Miod Vallat
2004-06-10rename struct pf_rule_addr member 'not' to 'neg', as 'not' is a reservedDaniel Hartmeier
2004-05-30various improvements and fixes from jared yanovich;Jason McIntyre
2004-05-27plug memleak in error pathHenning Brauer
2004-05-21Use '/' instead of ':' as separator for anchor path components. Note thatDaniel Hartmeier
2004-05-20bzero() ifr before use, From: Andrey Matveev <andrushock@korovino.net>Henning Brauer
2004-05-19Allow recursive anchors (anchors within anchors, up to 64Daniel Hartmeier
2004-05-07typosHenning Brauer
2004-05-05Use RFC1323 PAWS timestamps as a logical extension to the conventional TCPMike Frantzen
2004-04-27make "pfctl -vvsq" to print "No queue in use" and exit when there is noKenjiro Cho
2004-04-26do more careful altq bandwidth checking.Kenjiro Cho
2004-04-24Add "probability xxx" rule modifier. ok deraadt@Cedric Berger
2004-04-22typo, From: Jared Yanovich <jjy2+@pitt.edu>Henning Brauer
2004-04-14make antispoof work with dynamic addresses. ok dhartmei@ mcbride@Cedric Berger
2004-04-14Better interface filtering. vlan1 should not match vlan19.Cedric Berger
2004-04-09Do not try to load directories. found+ok mpech@Cedric Berger
2004-03-20spelling fix; ok dhartmei@ henning@ deraadt@David Krause
2004-03-20make pfctl -s osfp work and remove -o option from manpage; ok deraadt@David Krause
2004-03-15cast %llu arguments to unsigned long long, from Max Laier,Daniel Hartmeier
2004-03-14#include fixes, from Max Laier, ok beck@ henning@Daniel Hartmeier
2004-03-10Actually use SRCS+= so that we don't have a wrapped line.Ryan Thomas McBride
2004-03-10plug 3 memory leaks; 2 from andrushock, 1 by meHenning Brauer
2004-03-08plug 124 memory leaksHenning Brauer
2004-03-06from bgpd:Henning Brauer
2004-03-03no newline in errx, bad cedric; spotted by teduTheo de Raadt
2004-03-01support "tagged <name>" on anchor rules, suggested by vd@vmunix.lt,Daniel Hartmeier
2004-02-27make pfctl -s all a bit more useful again by not printing a lllooooooottttt ofHenning Brauer
2004-02-26Fix/Simplify printing of titles with "pfctl -s all". ok mcbride@Cedric Berger
2004-02-26Fix pfctl -sa output. Found by David Krause, ok mcbride@Cedric Berger
2004-02-25Don't clear global stuff when an anchor is given in addition to -Fa.Cedric Berger
2004-02-24'max-src-nodes' requires 'source-track rule'. Set that automatically,Ryan Thomas McBride
2004-02-24fixup.Cedric Berger
2004-02-24Check for 'source-track rule' with 'max-src-nodes'.Ryan Thomas McBride