summaryrefslogtreecommitdiff
path: root/sbin/pfctl
AgeCommit message (Expand)Author
2009-11-03rtables are stacked on rdomains (it is possible to have multiple routingClaudio Jeker
2009-10-28Add a dedicated pf pool for route options as suggested by henning,Jonathan Gray
2009-10-28route_host initializes the netmask to a /128 no matter what af is used soClaudio Jeker
2009-10-28Correct function name in err and errx.Claudio Jeker
2009-10-04Add (again) support for divert sockets. They allow you to:Michele Marchetto
2009-09-29sort usage();Jason McIntyre
2009-09-28add -S and -L options to store and load the pf state table from a file.David Gwynne
2009-09-08I had not enough oks to commit this diff.Michele Marchetto
2009-09-08Add support for divert sockets. They allow you to:Michele Marchetto
2009-09-07implement binat-to as a macro-like rule: a rule using the new binat-toReyk Floeter
2009-09-03remove -N from usage();Jason McIntyre
2009-09-03this time i commit the right diff that wasReyk Floeter
2009-09-03fix two route-to vs. rdr-to conflicts.Reyk Floeter
2009-09-03remove NAT specific command line optionsPeter Hessler
2009-09-02all the new *-to options are part of the "filteropts" section at theReyk Floeter
2009-09-01the diff theo calls me insanae for:Henning Brauer
2009-08-21remove the ``;'' at the end of INDENT() macro definition usingAlexandre Ratchov
2009-07-28Bring back rev. 1.560:Claudio Jeker
2009-07-27When will people learn to commit their .h file changes?Theo de Raadt
2009-07-27Make it possible to use DiffServ Code Point in the TOS fields. Names likeClaudio Jeker
2009-07-09repair -xHenning Brauer
2009-05-14actually change the require-order default to No; I missed a part withStuart Henderson
2009-04-26switch the require-order default to "no". regression tests still pass.Stuart Henderson
2009-04-25scrub_opts must not be empty, scrub on its own does nothing.Henning Brauer
2009-04-16Really turn fragment reassembly on by default. pfctl must handle thisDavid Krause
2009-04-15restore printing of the fragment option; ok henning@David Krause
2009-04-06print prettier, from sthen@Henning Brauer
2009-04-061) scrub rules are completely gone.Henning Brauer
2009-03-19pfctl -ss printed state levels for ICMPv6. Disable this the sameAlexander Bluhm
2009-02-23back out last commit since it breaks a few regress tests -- this will beTheo de Raadt
2009-02-19spacingTheo de Raadt
2009-02-16fix pfctl -v printing of anchors, from camield@. Closes user/6065Stuart Henderson
2008-10-17in findeol(), do not skip the pushback buffer. fixes PR 5952 by sthen@ andHenning Brauer
2008-10-02implement "set state-defaults X", where X is a list of state options asHenning Brauer
2008-09-10do not try to print $$ when it has not been setTheo de Raadt
2008-09-09welcome pflow(4), a netflow v5 compatible flow export interface.Henning Brauer
2008-08-31avoid line wrap in usage() output;Jason McIntyre
2008-08-12use correct byte order when printing state expiration minutes; ok henning@David Krause
2008-08-07correctly copy the log interface spec when expanding an antispoof rule thatHenning Brauer
2008-07-25don't redefine INFINITY -- math.h defines it nowMartynas Venckus
2008-07-24check sysctl return valueHenning Brauer
2008-07-03do not forget to initialize other member of $$ in qname; noted by mark shroyerTheo de Raadt
2008-06-29Simplify state creation code; merge state import/export code between pfsyncRyan Thomas McBride
2008-06-21Fix "-T expire"; clear pfra_fback on addresses before sending them back toRyan Thomas McBride
2008-06-11remove an ugly article;Jason McIntyre
2008-06-10Make counters on table addresses optional and disabled by default.Ryan Thomas McBride
2008-06-10save somespace in the state by collapsing two 8 bit ints used as booleansHenning Brauer
2008-06-10in verbose mode indicate which states are sloppy, ryan reyk theoHenning Brauer
2008-06-10new state option "sloppy" to use the sloppy tcp state tracker insteadHenning Brauer
2008-05-29Second half of PF state table rearrangement.Ryan Thomas McBride
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-25 02:31:18 +0000