| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2002-11-23 | code to support loading of pf rules with multiple redirection addresses | Ryan Thomas McBride | |
| (in nat, rdr, route-to, dup-to and reply-to) Syntax looks like this, see pf.conf(5) for details: nat on wi0 proto { tcp, icmp } from any to 192.168.0.2 -> \ 192.168.0.16/29 source-hash random rdr on wi0 proto { tcp } from any to 192.168.0.34 port 22 -> \ { 192.168.0.8/31, 192.168.0.15 } port 22 round-robin ok dhartmei@ henning@ | |||
| 2002-11-22 | print altq and queue lines in the pfctl -v case including the child queue | Henning Brauer | |
| assignment | |||
| 2002-11-22 | kill dead code | Henning Brauer | |
| 2002-11-22 | dsetination -> destination; from Yasholomew Yashinski. | Federico G. Schwindt | |
| 2002-11-21 | Add 'rawkey' to FEATURES. | Hakan Olsson | |
| 2002-11-21 | -Wshadow nits. | Hakan Olsson | |
| 2002-11-21 | hmac_init and prf_alloc should use unsigned lengths. Problem pointed out by ↵ | Hakan Olsson | |
| Patrick Latifi. | |||
| 2002-11-20 | wow, a format string bug in a Makefile. Not surprised we missed this | Theo de Raadt | |
| one; peterw@ifost.org.au | |||
| 2002-11-20 | document the relevant queue options | Philipp Buehler | |
| henning@ ok | |||
| 2002-11-19 | minor cosmetics, space after "label %s", in case both label and queue are | Daniel Hartmeier | |
| specified. | |||
| 2002-11-19 | only take cbq opts from schedtype if type=CBQ | Henning Brauer | |
| 2002-11-19 | pfctl -sq prettier | Henning Brauer | |
| 2002-11-19 | altq ifspec is always level 0 | Henning Brauer | |
| 2002-11-19 | altq interface spec should be printed as altq interface spec, not queue | Henning Brauer | |
| 2002-11-19 | repair queuespec syntax glitch, theo agrees | Henning Brauer | |
| 2002-11-19 | default priority is 1, not 0 | Henning Brauer | |
| found by pb@ | |||
| 2002-11-19 | - match 'Gb' case-sensitively | Camiel Dobbelaar | |
| - match "%" unit only, not "%crap" ok henning@ | |||
| 2002-11-19 | icmp-type was off by one, ok henning@ | Peter Stromberg | |
| 2002-11-18 | no; do not use }; | Theo de Raadt | |
| 2002-11-18 | more using strl* return values instead of strlen calls | Henning Brauer | |
| 2002-11-18 | easier "queue name too long" detection; from theo | Henning Brauer | |
| 2002-11-18 | support Gb in print; henning ok | Theo de Raadt | |
| 2002-11-18 | KNF | Theo de Raadt | |
| 2002-11-18 | KNF | Theo de Raadt | |
| 2002-11-18 | altq and pf merged | Henning Brauer | |
| this isn't 100% done yet: the print_ stuff isn't finished, some features will be added later, and there is no documetation yet, but committing now enables a few more people to work on. print_altq_node stuff hacked by Daniel at euroBSDcon; lotsa stuff from kjc, debugging help also pb and camiel. lots of good ideas by theo. "commit now" theo philipp daniel | |||
| 2002-11-18 | fix a typo and earn a minor style point; Michael Knudsen | Todd C. Miller | |
| 2002-11-15 | Missing "Configuration" tag in a Phase-1 peer was not handled correctly, | Hakan Olsson | |
| pointed out by Aref Taidi. Replace this with a "Default-Phase-1-Configuration" that will be used if this tag is missing from the peer. Update manpage accordingly. niklas@ ok. | |||
| 2002-11-14 | Use %d instead of %2d for better matching. From Mike Neuman. Fixes PR#2848. | Hakan Olsson | |
| 2002-11-14 | Better whitespace/newline handling, this should make broken lines and | Hakan Olsson | |
| multiple values parse correctly again, as well as fix PR#2974. Also fix some int/u_int mismatches, and remove conf_get_line() (obsolete). | |||
| 2002-11-14 | use $ or # before commands in examples | Theo de Raadt | |
| 2002-11-14 | correct IPv6 setsockopt for ipsec operation. angelos ok | Jun-ichiro itojun Hagino | |
| From: Martti Kuparinen <martti.kuparinen@iki.fi> | |||
| 2002-11-13 | as scrub rules end up in a struct pf_rule just call expand_rule instead of | Henning Brauer | |
| handcrufting this. has quite a few positive side effects: -interface list expansion works (fries@ asked for that) -can specify address family, very helpful with dynamic interface expansion (pointed out by daniel) -src/dst ip/port list expansion works -fixes a long standing, scary, though never noticed bug: scrub out on lo1 from any to 10.0.0.1 expanded to scrub out on lo1 all ... this bug was there from day #1. "sneaky diff of the month award" dhartmei@ | |||
| 2002-11-13 | Add label macro $if, as we support {} list expansion for interfaces now. | Daniel Hartmeier | |
| From David Gwynne. ok henning@, camield@ | |||
| 2002-11-13 | Initialize tail pointer to node, found by fries@ | Daniel Hartmeier | |
| 2002-11-10 | fix SEE ALSO; ho ok. | Federico G. Schwindt | |
| 2002-11-09 | remove references to unexistent manpages; miod ok. | Federico G. Schwindt | |
| 2002-11-09 | more SEE ALSO fixes. | Federico G. Schwindt | |
| 2002-11-09 | second round to SEE ALSO fixes. | Federico G. Schwindt | |
| 2002-11-09 | SEE ALSO reordering and corrections. | Federico G. Schwindt | |
| 2002-11-08 | a missing next kbd type | Michael Shalayeff | |
| 2002-11-08 | init buf to NULL just in case... | Henning Brauer | |
| there isn't a single codepath where it can remain uninitialized, but this might prevent a stupid bug if we change something later | |||
| 2002-11-08 | I missed a 'return' statement. Also spotted by Aref Taidi. Thanks. | Hakan Olsson | |
| 2002-11-07 | move the ifa_exists block a bit up in host() | Henning Brauer | |
| inspired by mpech@ pointing out a missing free(buf). so handle the it-is-an-interface case where we don't need the buf before allocating memory. | |||
| 2002-11-06 | More careful will alloc/free. Spotted by Aref Taidi. | Hakan Olsson | |
| 2002-11-06 | - make -u identical with "-o update". The same for -f,-r,-w. | Grigoriy Orlov | |
| - mount point may be specified with trailing slash in all cases (including fstab). - mount doesn't look in fstab at "-o update". So update doesn't fails for fs which isn't listed in fstab. - 'mount -o update' only changes options which supplied via command line and preserves options which currently in use. - fix argv[] buffer overflow in mountfs/mangle. - correct usage. - Other improvements and fixes which I can't remember. Thanks to everyone who test this patch. miod@ ok. | |||
| 2002-11-04 | welcome to CIDR world, pfctl! | Henning Brauer | |
| use inet_net_pton to parse IP adresses. stuff like block in from 10/8 to any works now. some input camield@ and dhartmei@ ok dhartmei@, camield@, mcbride@ | |||
| 2002-11-02 | %i -> %d, matches the style of existing code, from millert@ | Daniel Hartmeier | |
| 2002-11-02 | printf int with %i, not %u. from pilot@monkey.org. | Daniel Hartmeier | |
| 2002-10-30 | simplify | Henning Brauer | |
| 2002-10-30 | fix interface expansion. since the reversed list expansion code was | Henning Brauer | |
| committed this was broken, only the first IP address was returned. pointed out by danh@, who sent an excellent bug report. ok dhartmei@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |