| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2001-07-20 | we don't like: | Mike Pechkin | |
| o) .Pp before/after .Sh; o) .Pp before/after .Rs/.Re; o) .Nm without argument in SYNOPSIS; | |||
| 2001-07-19 | #include <termios.h> | Todd C. Miller | |
| 2001-07-19 | Fix/complete the handling of the binary ops >< and <> to behave | Kenneth R Westerback | |
| like the ipf operators. The 'n >< m' construct (Include Range = PF_OP_IRG) should match ports greater than n and less than m, not greater than or equal to n and less than or equal to m. The 'n <> m' construct (Exclude Range = PF_OP_XRG) should match all ports less than n OR greater than m, not be treated as an alias for ><. Thus PF_OP_GL, which was used for both <> and >< is replaced with PF_OP_IRG and PF_OP_XRG with the 'correct' semantics. OK dhartmei@ | |||
| 2001-07-18 | try to clarify a double negative. ok jason@ | Kjell Wooding | |
| 2001-07-18 | protect #define MAX(); ok ho@ | Markus Friedl | |
| 2001-07-18 | minor updates. | Markus Friedl | |
| 2001-07-18 | use correct length for SADB_X_EXT_POLICY message on KAME | Markus Friedl | |
| tested on bsd/os; ok ho@ | |||
| 2001-07-18 | new ERROR token, errx() -> warnx() + ERROR; ok deraadt@ | Markus Friedl | |
| 2001-07-18 | KNF for return | Markus Friedl | |
| 2001-07-18 | check number range to fit in 32 bits | Michael Shalayeff | |
| 2001-07-18 | put range checks on NUMBER, pointed out by deraadt | Michael Shalayeff | |
| 2001-07-17 | spaces, parens, err instead of errx+strerror | Michael Shalayeff | |
| 2001-07-17 | warnx()/YYERROR instead of errx(); suggested by mickey@ | Markus Friedl | |
| 2001-07-17 | markus doesnt like min-ttl =, begone | Niels Provos | |
| 2001-07-17 | support min-ttl, okay dhartmei@ | Niels Provos | |
| 2001-07-17 | normalize ip_off, make IP_DF stripping optional, return rst is a flag now. | Niels Provos | |
| okay markus@ | |||
| 2001-07-17 | bitch about ! in pf rule; ok dhartmei@ and markus@ | Marco S Hyman | |
| 2001-07-17 | bitch about extra command line args; ok dhartmei@ and markus@ | Marco S Hyman | |
| 2001-07-17 | Only set default proto in the rdr case; markus@ OK | Todd C. Miller | |
| 2001-07-16 | errx() if getservbyname() fails | Markus Friedl | |
| 2001-07-16 | get rid of cleanfiles by getting rid of cleanfiles; markus@ ok | Michael Shalayeff | |
| 2001-07-16 | better flags parsing; dhartmei | Markus Friedl | |
| 2001-07-16 | add a yacc parser for pf.conf and nat.conf, with help from mickey@, | Markus Friedl | |
| plus: -n now turns off all operations, and just parses the conf files ok deraadt@ | |||
| 2001-07-15 | paste open for each use, cache file descriptors | Michael Shalayeff | |
| 2001-07-13 | escape a wrning on msgbuf, under certain circumstances | Michael Shalayeff | |
| 2001-07-13 | Add noac flag to disable attribute caching | Constantine Sapuntzakis | |
| 2001-07-13 | Be more verbose about why X509_verify_cert() failed. Thanks to | Hakan Olsson | |
| <sakane@kame.net> for pointing out X509_verify_cert_error_string(). :) | |||
| 2001-07-13 | Add lc_X509_verify_cert_error_string(). | Hakan Olsson | |
| 2001-07-11 | Error on invalid ports | Constantine Sapuntzakis | |
| 2001-07-11 | Return 0 on success, convert exit to return | Angelos D. Keromytis | |
| 2001-07-10 | (c)-2001 | Hakan Olsson | |
| 2001-07-10 | Rewrite packet capture to handle IPv6 addresses. | Hakan Olsson | |
| 2001-07-10 | htonl() for null.null_family, ok niels@, ho@ | Markus Friedl | |
| 2001-07-10 | Oops, we can't use 0 as next_addr()'s error return since 0.0.0.0 is | Todd C. Miller | |
| a valid address. Instead I add a pointer to the result as a parameter and return 0 on failure and 1 on success. Also uses inet_pton() instead of inet_aton(). | |||
| 2001-07-10 | Resolve as a host name if not an IP address; dhartmei@ OK | Todd C. Miller | |
| 2001-07-10 | move "proto" in the nat case as well | Todd C. Miller | |
| 2001-07-09 | Move the proto field to be after the "on" argument which is consistent | Todd C. Miller | |
| with pf.conf. If no proto is specified tcp is assumed. dhartmei@ OK | |||
| 2001-07-09 | Extend nat/rdr syntax. Add source/destination selection. Make | Daniel Hartmeier | |
| interface optional. Suggested by rdump@river.com. nat [on [!] <ifname>] from (any | [!] <addr>[/<mask>]) to (any | [!] <addr>[/<mask>]) -> <addr> [proto (tcp | udp | icmp)] rdr [on [!] <ifname>] from (any | [!] <addr>[/<mask>]) to (any | [!] <addr>[/<mask>]) port <a>[:<b>] -> <addr> port <c>[:*] [proto (tcp | udp | icmp)] | |||
| 2001-07-09 | correct type on last arg to execl(); nordin@cse.ogi.edu | Theo de Raadt | |
| 2001-07-07 | major -Wall cleanup, almost complete | Theo de Raadt | |
| 2001-07-07 | Initialize missing parts of struct nfs_args nfsdefargs | Todd C. Miller | |
| 2001-07-07 | Can't test an int against LONG_{MIN,MAX}; noticed on alpha | Todd C. Miller | |
| While I'm at it make the strtol() bounds checking more sensible. | |||
| 2001-07-07 | #include <string.h> for memset() proto | Todd C. Miller | |
| 2001-07-06 | cleanup, sync w/ kernel | Michael Shalayeff | |
| 2001-07-06 | Allow negative match on interface name for nat and rdr | Chris Cappuccio | |
| ok dhartmei@ | |||
| 2001-07-06 | style | Niklas Hallqvist | |
| 2001-07-06 | Style. | Hakan Olsson | |
| 2001-07-06 | Remove support for PF_ENCAP (deprecated since OpenBSD2.5). | Hakan Olsson | |
| 2001-07-06 | On second thought, we don't need this at all. | Hakan Olsson | |
| 2001-07-06 | Remove the .c and .h files that the build process generates. | Hakan Olsson | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |