summaryrefslogtreecommitdiff
path: root/sbin/pfctl
AgeCommit message (Expand)Author
2010-10-03tweak previous;Jason McIntyre
2010-10-01the grammar of my last commit worked with mandoc, but didn't work with nroff;Reyk Floeter
2010-10-01Add the -R id option to pfctl that allows to show only a specified ruleReyk Floeter
2010-09-24remove the check that enforced rdr-to only inbound and nat-to only outbound.Henning Brauer
2010-09-22new log opt "matches"Henning Brauer
2010-09-20tweak previous; ok schwarzeJason McIntyre
2010-09-19Do not break .Op scope by .Oc.Ingo Schwarze
2010-09-17back out the -Fr hunk from previous: deraadt points out it is incorrectlyJason McIntyre
2010-09-16- note that -Fr puts the filer in a "pass all" stateJason McIntyre
2010-09-12spacing fix;Jason McIntyre
2010-09-02remove trailing spaces and tabs; no binary change.Igor Sobrado
2010-08-11Fix a logic problem which could in theory cause pfctlJonathan Gray
2010-08-03fix linecount bug with comments spanning multiple linesHenning Brauer
2010-07-13Fix (pflow) display in rule printing. Spotted by dhill@, ok henning@Stuart Henderson
2010-07-03Fix a couple of problems with printing of anchors, in particular recursiveRyan Thomas McBride
2010-07-03Use our own enum here rather than abusing the PF rule type enums, whichRyan Thomas McBride
2010-07-01Fix 'pfctl -a anchor -Fa' segfault introduced in r1.298.Stefan Sperling
2010-06-29Fix use after free. Found by regress tests.Charles Longeau
2010-06-28Clean up iterface stats handling:Ryan Thomas McBride
2010-06-25remove -m (merge).Henning Brauer
2010-05-16plug memory leak. `ps' was allocated with strdup(3), but on error pathzinovik
2010-04-02Use a dedicated variable to prevent attempting to open multipleStuart Henderson
2010-03-23oops - i obviously missed -r1.142;Jason McIntyre
2010-03-23remove -A, -O, -R and -T loadHenning Brauer
2010-03-22Following diff fixes memory leak. `debug' is allocated via asprintf(3) so weTheo de Raadt
2010-03-18Fix rdr-to printing in pfctl -sr when reply-to is in use.Stuart Henderson
2010-01-18Convert pf debug logging to using log()/addlog(), a single standardisedRyan Thomas McBride
2010-01-13Move tokens before productions into more consistant placesTheo de Raadt
2010-01-13repair a double-free suggested by parfait; ok mcbrideTheo de Raadt
2010-01-13fix some leaks found by parfaitJonathan Gray
2010-01-13In some cases the netmask gets set to a full 128 bit mask even if noRyan Thomas McBride
2010-01-13Allow /netmask notation in redir spec, fix the rest of the regressRyan Thomas McBride
2010-01-12We actually have to keep the translate/route spec addresses around afterRyan Thomas McBride
2010-01-12Set roundrobin flag correctly, and don't treat a bare interfaceRyan Thomas McBride
2010-01-12Only print route specs with @if notation if there is an IP address.Ryan Thomas McBride
2010-01-12Add restrictions to make @if illegal in outside of routing specs;Ryan Thomas McBride
2010-01-12Unbreak 10/8 and friends.Ryan Thomas McBride
2010-01-12Fix some issues in redir spec handling, discovered thanks to dlg testingRyan Thomas McBride
2010-01-12Don't leak @if0 format routing host names, pointed out by claudio.Ryan Thomas McBride
2010-01-12First pass at removing the 'pf_pool' mechanism for translation and routingRyan Thomas McBride
2010-01-10lex <=, >=, and != into a single token for correctness and to reduce theTheo de Raadt
2010-01-10In the non-optimized case, an address list containing "any" (ie. { any 10.0.0...Theo de Raadt
2009-12-24spelling fixes, from Brad Tilley; we will not fix src/sbin/dump/dump.hIgor Sobrado
2009-12-24add support to pf for filtering a packet by the interface it was receivedDavid Gwynne
2009-12-14fix sticky-address - by pretty much re-implementing it. still followingHenning Brauer
2009-12-10plug some memory leaks; found by parfait, ok henningTheo de Raadt
2009-11-23since "nat/rdr pass" are history natpass can goHenning Brauer
2009-11-22cleanup after the NAT changes. we used to have multiple rulesets (scrub,Henning Brauer
2009-11-09A few more places to be updated for the route pool change.Jonathan Gray
2009-11-03rtables are stacked on rdomains (it is possible to have multiple routingClaudio Jeker