Age | Commit message (Expand) | Author |
2003-06-09 | Attempt to resolve byte order confusion in nat code once and for all. | Ryan Thomas McBride |
2003-06-08 | A table in an anchor creates a real anchor: pfctl -sA works. | Cedric Berger |
2003-06-07 | in print_host(), don't set the mask blindly to /128 but adhere to the | Henning Brauer |
2003-06-06 | simplify license. pfctl_altq.c with kenjiro's permission of course. | Henning Brauer |
2003-06-03 | process show options before ruleset reload | Henning Brauer |
2003-05-25 | must not run check_netmask() before remove_invalid_hosts() - binat case had it | Henning Brauer |
2003-05-24 | better netmask check | Henning Brauer |
2003-05-24 | Properly reset buffers after each "table" command. | Cedric Berger |
2003-05-24 | tweak; | Jason McIntyre |
2003-05-24 | sync | Cedric Berger |
2003-05-19 | print out the full netmask; don't just ignore the upper bits in the v4 case | Henning Brauer |
2003-05-19 | reject invalid netmasks like 10.0.0.0/68, and fix up the netmask for | Henning Brauer |
2003-05-19 | all host() receivers have to test for NULL | Henning Brauer |
2003-05-19 | err out on obviously wrong netmasks | Henning Brauer |
2003-05-19 | if host() returns NULL, it is an error, so err the fuck out and don't | Henning Brauer |
2003-05-19 | don't print altq en-/disabled - there's no point, you can't turn them on | Henning Brauer |
2003-05-19 | style consistency | Henning Brauer |
2003-05-19 | Use a decaying average for smoother rate estimates. | Camiel Dobbelaar |
2003-05-18 | indent here in the same way as in -vsr for consistency | Henning Brauer |
2003-05-18 | in the pfctl -vsr output (-vvsr/-gvvsr as well), indent instead of extra | Henning Brauer |
2003-05-17 | Fix proxy related output. | Daniel Hartmeier |
2003-05-17 | A little bugfix. We want pfioc_states, not pfioc_state. | Ryan Thomas McBride |
2003-05-17 | support inverse matching on tags like | Henning Brauer |
2003-05-16 | TCP SYN proxy. Instead of 'keep state' or 'modulate state', one can use | Daniel Hartmeier |
2003-05-15 | properly complain about too long tags | Henning Brauer |
2003-05-14 | add scrub modifier "reassemble tcp" to turn on stateful TCP normalizations | Mike Frantzen |
2003-05-14 | tagging on binat | Henning Brauer |
2003-05-14 | enabled tagging on rdr rules | Henning Brauer |
2003-05-14 | with tag/tagged given, only whine about missing keep state on pass rules | Henning Brauer |
2003-05-14 | allow SCRUB rules to specify protocol again. broken sometime in the past. | Mike Frantzen |
2003-05-14 | tags on nat rules: | Henning Brauer |
2003-05-14 | print the redirection target for nat/rdr/binat slighly later. | Henning Brauer |
2003-05-13 | make sure tagging is only ever used with stateful filter rules | Henning Brauer |
2003-05-13 | correct rule printing | Henning Brauer |
2003-05-13 | userland part for tagging. | Henning Brauer |
2003-05-12 | Adaptive timeout value scaling. Allows to reduce timeout values as the | Daniel Hartmeier |
2003-05-11 | Don't ntohs() the translation port for nat as it is already in host byte order. | Ryan Thomas McBride |
2003-05-10 | support loading of anchors from within the main ruleset via | Henning Brauer |
2003-05-08 | Close sockets (otherwise the file handle limit can be reached when many | Daniel Hartmeier |
2003-05-05 | Describe format of pfctl -sl output, reported by Alejandro G. Belluscio. | Daniel Hartmeier |
2003-05-03 | these files all had >9 arguments to .Nd, causing the name description to be | Jason McIntyre |
2003-05-03 | don't free() the char * carrying the rule label too early | Henning Brauer |
2003-05-01 | ease label handling | Henning Brauer |
2003-05-01 | allow label on antispoof; requested by Gregor Binder <gbinder at sysfive.com> | Henning Brauer |
2003-04-30 | kill globals anchorname and rulesetname; have them in main instead and pass | Henning Brauer |
2003-04-30 | Allow tables to be loaded into anchors. | Cedric Berger |
2003-04-27 | Update the pfioc_table IOCTL structure. | Cedric Berger |
2003-04-25 | kill a workaround now that inet_net_pton acts reasonably | Henning Brauer |
2003-04-25 | check asprintf return value for error as well, some implementations do | Peter Valchev |
2003-04-25 | Properly copy the second part of nat proxy port range, when specified. | Daniel Hartmeier |