Age | Commit message (Collapse) | Author | |
---|---|---|---|
2002-06-11 | Add -N, -R | Kjell Wooding | |
2002-06-11 | Add -N and -R options. When used in conjunction with | Kjell Wooding | |
pfctl -f <rulefile> they allow just the nat or filter rules to be reloaded, respectively. The default (no flags) is to load everything. If -N is specified, any existing filter rules are retained, similarly for -R. ok deraadt@, dhartmei@ | |||
2002-06-11 | sync with reality | Henning Brauer | |
ok dhartmei@ | |||
2002-06-11 | KNF, remove function parameter names | Daniel Hartmeier | |
2002-06-11 | Remove parse_nat() prototype, it's gone. Yes, authpf is broken at the | Daniel Hartmeier | |
moment. | |||
2002-06-11 | Add $OpenBSD, license, include guards and remove one superfluous | Daniel Hartmeier | |
prototype. From Chris Kuethe | |||
2002-06-11 | print a string for UDP and OTHER state level instead of a numeric level | Mike Frantzen | |
ok dhartmei@, henning@ | |||
2002-06-11 | SCRUB(fragcache) to do gap tracking and overlap pruning of IPv4 fragments | Mike Frantzen | |
without the memory overhead of the conventional defrag in SCRUB ok dhartmei@, idea by deraadt@ | |||
2002-06-11 | sync usage() with reality | Henning Brauer | |
2002-06-11 | Make NAT proxy port range configurable per rule, for instance privileged | Daniel Hartmeier | |
source ports can mapped to privileged proxy ports, or source port 500 to proxy port 500. ok frantzen@ | |||
2002-06-11 | rework pfctl statistics display | Henning Brauer | |
move FCNT_NAMES from pfvar.h to pfctl_parser.h, only used by pfctl some input by nick@ ok frantzen@, dhartmei@ | |||
2002-06-10 | Merge the NAT and rules files into a single rulefile. Rules must be | Kjell Wooding | |
in this order, to remove any ambiguity about what order things happen in: scrub rules nat rules filter rules The -N and -R modifiers go away. Rulefiles are now loaded with the more POSIXly-correct '-f' ok frantzen@ | |||
2002-06-10 | print ethernet address; ok provos@, itojun@ | Markus Friedl | |
2002-06-10 | permit DNS name (they are considered RTF_HOST if specified as destination). | Jun-ichiro itojun Hagino | |
PR 2152 | |||
2002-06-10 | CPIs cannot be selected from the same range as SPIs. | Hakan Olsson | |
2002-06-10 | Zap a few remaining libkeynote refs. | Hakan Olsson | |
2002-06-10 | kill __FUNCTION__ | Marc Espie | |
add __attribute__((format...) Fix one bad call. okay provos@ | |||
2002-06-10 | Allow ports to be specified in nat rules, useful later on for individual | Daniel Hartmeier | |
proxy port ranges. | |||
2002-06-10 | Remove mention of dynamic loading | Hakan Olsson | |
2002-06-10 | The dlopen() stuff goes away. | Hakan Olsson | |
2002-06-10 | Move enum out of struct (gcc 3.1 wasn't happy), from David Krause | Daniel Hartmeier | |
2002-06-10 | save some entropy in random key generation. oked by angelos many moons ago | Kjell Wooding | |
2002-06-10 | some olde version piece crept into my diffski; pt out by dfa@ | Michael Shalayeff | |
2002-06-10 | split scrub rule processing into its own yacc target, | Kjell Wooding | |
for imminent config file merge. ok frantzen@ | |||
2002-06-09 | Make pf_nat.saddr/daddr a pf_rule_addr instead of pf_addr_wrap, so it | Daniel Hartmeier | |
includes ports and operator. | |||
2002-06-09 | rm trailing whitespace | Todd T. Fries | |
2002-06-09 | spaced out developers... | Theo de Raadt | |
2002-06-09 | spelling; moritz@jodeit.org | Theo de Raadt | |
2002-06-09 | Print message for kern.mbstat (to use netstat) | Angelos D. Keromytis | |
2002-06-09 | Document kern.mbstat | Angelos D. Keromytis | |
2002-06-09 | Mark attr payload as handled. Also make sure the correct payload | Hakan Olsson | |
length is returned. | |||
2002-06-09 | Add list parsing in RDR rules: e.g. | Kjell Wooding | |
rdr on $IFLIST proto tcp from $SRC_LIST to $DST_LIST port 21 \ -> 127.0.0.1 port 8021 ok dhartmei@ | |||
2002-06-09 | use strchr() instead of index() | Theo de Raadt | |
2002-06-09 | Bad me. Make sure it compiles before commit. | Hakan Olsson | |
2002-06-09 | CFG_REQUEST | Hakan Olsson | |
2002-06-09 | Style. | Hakan Olsson | |
2002-06-09 | Missed this. | Hakan Olsson | |
2002-06-09 | Tighten the code to work for both SET/ACK and REQ/REPLY modes. | Hakan Olsson | |
2002-06-08 | Document new sysctls. | Angelos D. Keromytis | |
2002-06-08 | Factor out hash operations, some other cleanup. | Hakan Olsson | |
2002-06-08 | add cfg_type | Hakan Olsson | |
2002-06-08 | nuke unused parameter af to expand_label_port | Henning Brauer | |
ok dhartmei@, pb@ | |||
2002-06-08 | Change remaining read-only lookup tables to const, suggestion drahn@ | Daniel Hartmeier | |
2002-06-08 | comment on IPv6 link-local twists | Jun-ichiro itojun Hagino | |
2002-06-08 | support IPv4 in -prefixlen. | Jun-ichiro itojun Hagino | |
2002-06-08 | a bit more for the responder cases | Hakan Olsson | |
2002-06-08 | pf_timeouts is shared between pfctl and authpf, put it in the shared file. | Dale Rahn | |
unbreak build. | |||
2002-06-08 | - extended SMART support. | Grigoriy Orlov | |
- style, typos. - Big part of program redesigned and become more clean and simple. Work done by Alexander Yurchenko <grange@openbsd.ru>. Readattr command implementation and some cleanups by me. Costa@ ok. | |||
2002-06-08 | Fix cut & paste error from last commit. | Grigoriy Orlov | |
2002-06-08 | add list expansion to src/dest in NAT rules. i.e. | Kjell Wooding | |
nat on fxp0 from { 10.0.0.0/24, 10.0.1.0/24 } to \ { 172.6.1.1, 172.14.1.2/32 } -> fxp0 ok theo, dhartmei@ |