summaryrefslogtreecommitdiff
path: root/sbin
AgeCommit message (Expand)Author
2004-12-29Print 'set fingerprints' correctly when parsing verbosely.Ryan Thomas McBride
2004-12-29Make sure that fingerprint_count gets reset to 0 correctly when we flushRyan Thomas McBride
2004-12-29change last commit so that the test for PF_OPT_NOACTION is actually inDan Harnett
2004-12-29don't clear interface flags if '-n' option was given.Dan Harnett
2004-12-29be quiet about resetting the interface flags omn ruleset load, onlyHenning Brauer
2004-12-28reset skip interface flags on reloads and for -FallHenning Brauer
2004-12-28handle strtoul correctly on 64-bit machines; hshoexer okTheo de Raadt
2004-12-28proper portable C; ok hshoexerTheo de Raadt
2004-12-28Correctly determine length of rsa key passed by the kernel to userland. FoundHans-Joerg Hoexer
2004-12-28use __LP64__; miodTheo de Raadt
2004-12-27unbreak treeTheo de Raadt
2004-12-27reset skip interface flags on reloads and for -FallHenning Brauer
2004-12-27Fix broken pointer arithmetic when receiving a RSA key from the kernel. FoundHans-Joerg Hoexer
2004-12-26snprintf return value paranoia; henning okTheo de Raadt
2004-12-25#ifndef SMALL throughout this, for install media; ok mcbrideTheo de Raadt
2004-12-23set rule_flag PFRULE_SRCTRACK when setting srctrack, found by camield@Daniel Hartmeier
2004-12-22Introduce 'set skip on <ifspec>' to support a list of interfaces where noDaniel Hartmeier
2004-12-22Fix parenthesis mismatch, from Stefan Miltchev. Thanks!Hans-Joerg Hoexer
2004-12-22also pass SIGINT/QUIT to child, from mpech@. ok avsm@Otto Moerbeek
2004-12-22some -Wimplicit-function-declaration cleaning; ok millert@David Krause
2004-12-19use strchr instead of indexTheo de Raadt
2004-12-15missing free()s; with patHenning Brauer
2004-12-14&&/|| inversion would try to merge IP addresses with non-addresses into aMike Frantzen
2004-12-14Reword comment a bit for clarity. hshoexer@ ok.Hakan Olsson
2004-12-14add two warn() calls to make sure a warning message gets printed if one ofMike Frantzen
2004-12-14Allow the Address, Network, or Netmask values of the <IPsec-ID> to beRyan Thomas McBride
2004-12-14link0 drops IP multicast, and link1 non-IP multicast. Not the other wayCamiel Dobbelaar
2004-12-14mention /var/backups;Jason McIntyre
2004-12-13sync authpf anchor syntax;Jason McIntyre
2004-12-13make sure the isakmpd_s has id_r/s set; ok hshoexer, hoMarkus Friedl
2004-12-11A compare function for heapsort(3) should not just subtract twoOtto Moerbeek
2004-12-10allow pf to filter on route labelsHenning Brauer
2004-12-10check msg->isakmp_sa != NULL before the transport gets updated; ok hshoexerMarkus Friedl
2004-12-081. allow up to DPD_RETRANS_MAX retransmitted R_U_THERE messages.Markus Friedl
2004-12-08NAT/T: replace the isakmpd SA transport with the transport from theMarkus Friedl
2004-12-08Add "'overload' requires 'max-src-conn' or 'max-src-conn-rate'" sanity check,Ryan Thomas McBride
2004-12-07space between macro arg and punctuation;Jason McIntyre
2004-12-07Document 'carpdev'Ryan Thomas McBride
2004-12-07Add the 'carpdev' option, to set the carp devices physical interface.Ryan Thomas McBride
2004-12-07KNFRyan Thomas McBride
2004-12-07re-commit mcbride@'s 'flush global', this time without the breakage inDaniel Hartmeier
2004-12-07note that -a is the default if no params given;Jason McIntyre
2004-12-07real backoutTheo de Raadt
2004-12-07oops, incomplete backoutTheo de Raadt
2004-12-07tree does not compile, spotted by dlg (not obvious how to fix)Theo de Raadt
2004-12-07Change the default for 'overload <table> flush' to flush only states from theRyan Thomas McBride
2004-12-07default to interface printing, instead of help message. any illegal -Theo de Raadt
2004-12-06RFC2409 mandates min and max nonce lengths. hshoexer@ ok.Hakan Olsson
2004-12-05extend window of "ignoring route messages on the socket" for 10 secondsTheo de Raadt
2004-12-05initialize $$->tail and $$->next for MAXSRCCONNRATEDaniel Hartmeier