| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2002-12-09 | allow setting of ifcost with brconfig. enables selection of preferred | Markus Friedl | |
| port/path to root bridge among several LANs. unlike ifpriority, which allows you to select designated port if serveral interfaces belong to the same LAN; ok jason@ | |||
| 2002-12-09 | do not allow redefinitions in variable option blocks; henning ok | Theo de Raadt | |
| 2002-12-08 | strncpy is evil. | Henning Brauer | |
| 2002-12-08 | GNU semantics say that if optstring begins with '-' then | Todd C. Miller | |
| each non-option shall be treated as arguments to option '\1'. BSD getopt match '-' in optstring with a '-' on the command line. This is used to support deprecated options like "su -" that would otherwise prevent the use of getopt(). Resolving this simply requires that the leading '-' be moved somewhere else (I moved it to the end of optstring) since position within optstring is not meaningful. | |||
| 2002-12-08 | allow flexible options order like Theo did for rules. | Henning Brauer | |
| idea, lots of input, motivation and ok deraadt@ ATTENTION: this changes the syntax. the "scheduler" keyword is gone now. old: altq on $interface scheduler cbq ... new: altq on $interface cbq ... | |||
| 2002-12-07 | Support parameters in anchor rules. Allows conditional evaluation, like: | Daniel Hartmeier | |
| anchor spews inet proto tcp from any to any port smtp ok deraadt | |||
| 2002-12-07 | more KNF | Henning Brauer | |
| 2002-12-07 | KNF | Henning Brauer | |
| 2002-12-07 | TAILQ_INSERT_TAIL instead of TAILQ_INSERT_HEAD. Makes addresses print | Ryan Thomas McBride | |
| out in correct order when getting rules from kernel (affects pfctl -s). ok henning@ | |||
| 2002-12-07 | shadow cleanup | Henning Brauer | |
| ok mcbride@ frantzen@ | |||
| 2002-12-07 | kill an unused param to lungetc | Henning Brauer | |
| 2002-12-07 | KNF | Henning Brauer | |
| 2002-12-07 | get the interface's MTU instead of assuming 1500 | Henning Brauer | |
| 2002-12-07 | Convert the hash of a string key to network byte order. Makes regression | Ryan Thomas McBride | |
| work on all platforms. Bug found by dhartmei@ ok dhartmei@ henning@ | |||
| 2002-12-06 | Set transform from default. PR#3008 | Hakan Olsson | |
| 2002-12-06 | fix linebreak in example; ok ho@, jason@ | Markus Friedl | |
| 2002-12-06 | style | Henning Brauer | |
| 2002-12-06 | Remove negated address list check again, doesn't work right yet. | Daniel Hartmeier | |
| 2002-12-06 | let pfctl -v print out "block drop" instead of just "block" in the drop | Henning Brauer | |
| case. fixes the last self-regress test. ok markus@ | |||
| 2002-12-06 | Section and tag comparisions should be case-insensitive. PR#3010, Mike Neuman. | Hakan Olsson | |
| 2002-12-06 | unkown; torh@bogus.net | Theo de Raadt | |
| 2002-12-06 | Introduce anchors and named rule sets, allowing to load additional rule | Daniel Hartmeier | |
| sets with pfctl and evaluate them from the main rule set using a new type of rule (which will support conditional evaluation soon). Makes maintenance of sub-rulesets simpler for pfctl and daemons. Idea and ok deraadt@ | |||
| 2002-12-05 | fix a small cosmetic problem. if ifa_lookup was called in LOOKUP_NET mode, | Henning Brauer | |
| it would return things like 127.0.0.1/8. when 127.0.0.1/8 is passed through the new selftests, it becomes 127.0.0.0/8. fix: instead of just copying addr.mask in ifa_lookup, use set_ipmask, so it is 127.0.0.0/8 from the beginning on. | |||
| 2002-12-05 | one step further to "program output is valid program input" and the related | Henning Brauer | |
| extra regress testing opportunities (an excellent idea by markus@). only print rule numbers in case of pfctl -v -v; but not with pfctl -v. ok markus@ frantzen@ mcbride@ | |||
| 2002-12-05 | -quote varset in -v output | Henning Brauer | |
| -don't add 's' in set timeout -v output makes the feedback regression tests succeed. ok markus@ mcbride@ | |||
| 2002-12-05 | Replace warnx with warn on ioctls so that we get the error message associated | Ryan Thomas McBride | |
| with the warning. From DJ Gregor. ok henning@ dhartmei@ | |||
| 2002-12-05 | correct sizeof() to memset(). sync w/kame | Jun-ichiro itojun Hagino | |
| 2002-12-04 | bit_ffc(3) returns a -1 location for a full bitset. Problem found by | Hakan Olsson | |
| Olivier Courtay. | |||
| 2002-12-04 | allow ACQUIRE with empty EXT_ADDRESS_SRC; PR 2996; ok angelos@, ho@ | Markus Friedl | |
| 2002-12-04 | in host(), apply a given netmask to all members of the node_host list | Henning Brauer | |
| returned by ifa_lookup(). reported by Alejandro G. Belluscio ok dhartmei@ | |||
| 2002-12-04 | do not warn for unused variables except with -v -v; henning ok | Theo de Raadt | |
| 2002-12-03 | Add -4/-6 cmdline options to select what address family (IPv4,v6) to use. | Hakan Olsson | |
| niklas@ ok. | |||
| 2002-12-03 | LOG_DBG for missing ca/, certs/, crls/ dirs, not | Hakan Olsson | |
| log_error(). Suggested by markus@. | |||
| 2002-12-03 | be nice and shutdown the socket after beeing done; pointed out by kenjiro | Henning Brauer | |
| 2002-12-02 | KNF | Henning Brauer | |
| 2002-12-02 | permit more flexible pass/block lines. the options giving at the end of | Theo de Raadt | |
| a line can now be placed in any order, and some merging of duplicat options is also done. this is easier to use. | |||
| 2002-12-02 | allow for "altq on $interface" without specifying a bandwidth. The | Henning Brauer | |
| interface's bandwidth is taken then. as a side-effect, "altq on $interface bandwidth xx%" is also possible now, it's relative to the interface's bandwidth then. ok theo | |||
| 2002-12-01 | deal with not-ALTQ-enabled kernels | Henning Brauer | |
| 2002-12-01 | Match pf_ioctl.c cleanup; set up the pool_ticket when loading rules | Ryan Thomas McBride | |
| ok dhartmei@ henning@ | |||
| 2002-11-30 | oops | Theo de Raadt | |
| 2002-11-30 | do not syslog with extra newline | Theo de Raadt | |
| 2002-11-30 | move damn unmask() proto into place as well | Michael Shalayeff | |
| 2002-11-30 | move unmask back into pf_print_state.c where it was, and please keep it ↵ | Michael Shalayeff | |
| there; henning@ ok | |||
| 2002-11-29 | no need for extra hrs; henning@ ok | Michael Shalayeff | |
| 2002-11-29 | coredumps are not nice. | Henning Brauer | |
| deal with the fact that when we are merging the lists in host_list both can be NULL. found at EuroBSDCon 2002 while I was explaining the expansion process to Paul de Weerd ok dhartmei@ | |||
| 2002-11-29 | in pfctl_find_altq_node also compare the interface. | Henning Brauer | |
| fixes pfctl -sq output in case the queuespec was expanded to >1 queues on different interfaces | |||
| 2002-11-29 | print queuespec only once in verbose mode, even if referenced more often | Henning Brauer | |
| 2002-11-29 | FREE_LIST nqueues later; can be used more than once | Henning Brauer | |
| 2002-11-28 | qlimit before tbrsize | Henning Brauer | |
| 2002-11-28 | print qlimit on altq if not equal to the default value | Henning Brauer | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |