| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2006-10-25 | and another nit, $$.log should be set to 0 explicitely on quick without log | Henning Brauer | |
| 2006-10-25 | add pflog to list of clonable devices; ok henning | Jason McIntyre | |
| 2006-10-25 | urgs, $$.quick needs to be set to 0 explicitely on log (without quick) | Henning Brauer | |
| 2006-10-25 | allow the log interface to be selected like | Henning Brauer | |
| pass log(to pflog5) block out log(to pflog2) input & ok mcbride | |||
| 2006-10-24 | Ignore NUL lines returned by fgets(3), so we don't | Moritz Jodeit | |
| access one byte before the lbuf buffer. OK cloder@ henning@ | |||
| 2006-10-24 | Check strlen(buf) to be > 0 before accessing buf[strlen(buf)-1]. | Moritz Jodeit | |
| OK ray@ cloder@ | |||
| 2006-10-23 | no need to use "keep state" and "flags S/SA" in pf rules, | Jason McIntyre | |
| now that it is the default; ok henning mcbride camield (ftp-proxy bits) deraadt | |||
| 2006-10-20 | OpenBSD no longer supports using an older FreeBSD MBR partition. | David Hill | |
| ok krw@ | |||
| 2006-10-19 | note that all rules using enc0 should specify: keep state (if-bound) | Jason McIntyre | |
| 2006-10-19 | Add WATTHOUR and AMPHOUR | Marco Peereboom | |
| ok jordan@ | |||
| 2006-10-18 | Replace gcc __attribute with __dead. Recompile yields no binary change. | Chad Loder | |
| 2006-10-18 | do not name FILE * variables "fd" since it is confusing | Theo de Raadt | |
| 2006-10-17 | Don't automatically set 'flags S/SA' on stateless rules. | Ryan Thomas McBride | |
| pointed out by david@ ok mpf@ dhartmei@ | |||
| 2006-10-16 | More details on multipath. | Ryan Thomas McBride | |
| ok henning + style suggestions from jmc | |||
| 2006-10-16 | tab needed instead of space to format this correctly; | Jason McIntyre | |
| 2006-10-16 | Add multipath variables. | Ryan Thomas McBride | |
| 2006-10-15 | Proper link state descriptions in print_rtmsg() RTM_IFINFO case. | Ryan Thomas McBride | |
| ok deraadt henning | |||
| 2006-10-15 | build fdisk on landisk | Dale Rahn | |
| 2006-10-14 | Friends don't let friends look for disklabels in Free/NetBSD MBR | Kenneth R Westerback | |
| partitions since the kernel doesn't put them or look for them there anymore. | |||
| 2006-10-14 | Friends don't let friends look for disklabels in Free/NetBSD MBR | Kenneth R Westerback | |
| partitions since the kernel doesn't put them or look for them there anymore. | |||
| 2006-10-13 | Fix another potentially unsafe instance of foo[strlen(foo) - 1] = '\0'. | Chad Loder | |
| OK krw | |||
| 2006-10-12 | Should be correct for landisk. | Dale Rahn | |
| 2006-10-11 | quotes around filename, pr 5253, sthen@zephyr.spacehopper.org | Theo de Raadt | |
| 2006-10-11 | Allow the 'quick' keyword on an anchor. IFF there is a matching rule inside | Ryan Thomas McBride | |
| the anchor, terminate ruleset evaluation when stepping out of the anchor. This means that if you absolutely want the anchor to be terminal, you probably want to use a 'block all' or 'pass all' rule at the start of the anchor. ok dhartmei@ henning@ deraadt@ | |||
| 2006-10-10 | fgets(3) returns NULL on error, not 0. No functional change, but it makes | Chad Loder | |
| the code easier to read. OK deraadt | |||
| 2006-10-06 | Print 'flags any' correctly and handle anchors. | Ryan Thomas McBride | |
| 2006-10-06 | 'no state' should only be printed on pass rules, though. | Ryan Thomas McBride | |
| 2006-10-06 | Print out 'no state' when the rule is not stateful. | Ryan Thomas McBride | |
| 2006-10-06 | Oops, flags S/SA doesn't work on fragments. | Ryan Thomas McBride | |
| 2006-10-06 | Make 'flags S/SA keep state' the implicit for filter rules, based on | Ryan Thomas McBride | |
| a suggestion from dhartmei@. Also add 'flags any' and 'no state' options to disable flag matching and stateful filtering respectively. IMPORTANT NOTE: Current rulesets will continue to load, but the behaviour may be slightly changed as these defaults are more restrictive. If you are purposefully filtering statelessly ('no state') or have a requirement to create states on intermediate packets ('flags any') you should update your ruleset to make use of the new keywords to explicitly request the behaviour. Note that creation of states from intermediate packets in a connection is not recommended, and will increasingly cause problems as more OSs enable window scaling and increase buffer sizes by default. ok dhartmei@ deraadt@ henning@ | |||
| 2006-10-05 | Reword sentence to fix grammar nit. | Tom Cosgrove | |
| ok jmc@ | |||
| 2006-10-04 | sort the smartoffline subcommands; | Jason McIntyre | |
| 2006-10-04 | DIAGNOSTICS -> CAVEATS because: | Jason McIntyre | |
| 1) this section discusses caveats, not diagnostics 2) DIAGNOSTICS is not standard for section 1 ok grange | |||
| 2006-10-03 | move the advice about smart, readattr, and sec* to before the command | Jason McIntyre | |
| list, since it doesn;t make sense to put these in any one single command description (nor indeed to repeat them for every command); ok grange | |||
| 2006-10-03 | provide a summary of the available commands, since there's a ton of | Jason McIntyre | |
| them; | |||
| 2006-10-03 | put the command list into some semblance of order; | Jason McIntyre | |
| 2006-10-02 | various tweaks to smarten this page up a bit; | Jason McIntyre | |
| 2006-10-02 | standard EXAMPLES; | Jason McIntyre | |
| 2006-10-02 | simplify SYNOPSIS and sync usage(); | Jason McIntyre | |
| 2006-09-30 | Don't use uninitialized variable. | Ray Lai | |
| From Peter Philipp <peter underscore philipp at freenet dot de>. OK deraadt@. | |||
| 2006-09-30 | Clear errno before calling the strtol functions. | Ray Lai | |
| From Paul Stoeber <x0001 at x dot de1 dot cc>. OK deraadt@. | |||
| 2006-09-29 | add a new section header, since DESCRIPTION is getting so large... | Jason McIntyre | |
| 2006-09-29 | make it clearer what needs to be run, and how; push manual keying down | Jason McIntyre | |
| the list; move the rc stuff from ipsecctl to ipsec.conf; ok hshoexer | |||
| 2006-09-27 | Oops. Missed a line. Fix so disklabel(8) compiles again. | Kenneth R Westerback | |
| 2006-09-26 | Zap D_REMOVABLE flag from disklabel. If you didn't already know that | Kenneth R Westerback | |
| floppies and cd's were removable, displaying that fact in disklabel output was unlikely to help. And the display in disklabel was the only use of D_REMOVABLE in the tree. ok marco@ | |||
| 2006-09-26 | a better description of what our automatic keying example is up to; | Jason McIntyre | |
| ok hshoexer | |||
| 2006-09-24 | Eliminate D_CHAIN, D_ECC and D_RAMDISK flags from disklabel. They were | Kenneth R Westerback | |
| not being used in the tree for anything obviously useful. Get it done early so we can find if there are non-obvious uses out there. ok deraadt@ beck@ | |||
| 2006-09-24 | No point in checking for a NULL ifi after we've used it. Plus ifi is | Kenneth R Westerback | |
| set once in main() and used everywhere without further checks. From Matthew R. Dempsky via tech@ | |||
| 2006-09-22 | Remove lfs_cleanerd and mount_lfs | Pedro Martelletto | |
| 2006-09-22 | - document which parts need to be packet filtered, and why | Jason McIntyre | |
| - move example ruleset into a more logical order - correct the if-bound example (spotted by hshoexer) help/ok markus hshoexer | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |