| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2003-12-30 | fix TAILQ abuse. | Henning Brauer | |
| TAILQ_REMOVE is a no-no within a TAILQ_FOREACH loop. also free the symbol itself after removal. all found while hacking bgpd which incorporates pfctl's sym code (macros). ok cedric@ | |||
| 2003-12-30 | s/inadvertantly/inadvertently; | Jason McIntyre | |
| 2003-12-29 | Add support for % and & units to indicate percent of total space and | Todd C. Miller | |
| percent of available space respectively. From Sebastian Horzela. | |||
| 2003-12-28 | zap bizarre log() prototype. | Marc Espie | |
| Doesn't even change the resulting binary (thank Ian Darwin for that idea) | |||
| 2003-12-27 | Remove extra \n from pf_print_state(). | Ryan Thomas McBride | |
| ok deraadt@ cedric@ | |||
| 2003-12-23 | automagically create pseudo-network interfaces; ok deraadt@ | Markus Friedl | |
| 2003-12-22 | use AES_BLOCK_SIZE only for USE_AES; report martti.kuparinen@iki.fi; ok ho@ | Markus Friedl | |
| 2003-12-20 | make disklabel docs more readable: more logical SYNOPSIS; sort options; | Jason McIntyre | |
| make internal editor help and usage() match the docs; make sure all the forms described in SYNOPSIS are explained; various other tweaks. input from millert@; ok deraadt; | |||
| 2003-12-19 | i wrote much of these, assert my copyright | Henning Brauer | |
| 2003-12-19 | document hw.{cpuspeed,setperf} sysctls; | Jason McIntyre | |
| tweak and ok tedu@ | |||
| 2003-12-19 | assert copyright. i rewrite much of this | Theo de Raadt | |
| 2003-12-18 | Mention the exchange name when giving up on a message. Suggested by | Hakan Olsson | |
| Michael Coulter. | |||
| 2003-12-17 | cosmetics, ok mcbride@ | Daniel Hartmeier | |
| 2003-12-17 | Add support for -DSMALL that doesn't need -lkvm (no -g option) | Todd C. Miller | |
| 2003-12-16 | quotes, spaces and bars do not need to be escaped within displays; | Jason McIntyre | |
| .Nm does not need an argument; dashes should be escaped; | |||
| 2003-12-16 | - s/recieve/receive | Jason McIntyre | |
| - kill whitespace at EOL | |||
| 2003-12-16 | Document new pfsync options (syncif, -syncif and maxupd). | Ryan Thomas McBride | |
| ok deraadt@ | |||
| 2003-12-16 | Check that max-src-states and max-src-nodes are not being set to 0. | Ryan Thomas McBride | |
| 2003-12-16 | hostid is stored in network byte order, print in host byte order. | Ryan Thomas McBride | |
| 2003-12-15 | Support for groups modp2048, modp3072, modp4096, modp6144 and modp8192 (IDs 14 | Hans-Joerg Hoexer | |
| to 18). ok ho@ | |||
| 2003-12-15 | KNF here too | Henning Brauer | |
| 2003-12-15 | Whitespace. | Ryan Thomas McBride | |
| 2003-12-15 | Add initial support for pf state synchronization over the network. | Ryan Thomas McBride | |
| Implemented as an in-kernel multicast IP protocol. Turn it on like this: # ifconfig pfsync0 up syncif fxp0 There is not yet any authentication on this protocol, so the syncif must be on a trusted network. ie, a crossover cable between the two firewalls. NOTABLE CHANGES: - A new index based on a unique (creatorid, stateid) tuple has been added to the state tree. - Updates now appear on the pfsync(4) interface; multiple updates may be compressed into a single update. - Applications which use bpf on pfsync(4) will need modification; packets on pfsync no longer contains regular pf_state structs, but pfsync_state structs which contain no pointers. Much more to come. ok deraadt@ | |||
| 2003-12-15 | Add support to track stateful connections by source ip. This allows us | Ryan Thomas McBride | |
| to: - Ensure that clients get a consistent IP mapping with load-balanced translation/routing rules - Limit the number of simultaneous connections a client can make - Limit the number of clients which can connect through a rule ok dhartmei@ deraadt@ | |||
| 2003-12-14 | Log the actual port for src and dst, don't assume it's always 500. | Hakan Olsson | |
| 2003-12-14 | Make isakmpd work on big endian linux machines. From Sebastian Klemke. | Hakan Olsson | |
| Also, a few style nits and a better error message text. | |||
| 2003-12-08 | make man page more closely match what's in /proc; | Jason McIntyre | |
| partly from PR 2101 (still open, since code needs fixed); ok tedu@ | |||
| 2003-12-08 | add IOCIFGCLONERS; ifconfig -C; from netbsd; ok henning, deraadt | Markus Friedl | |
| 2003-12-07 | ANSI | Markus Friedl | |
| 2003-12-07 | typo; lists-openbsd@2ls4agd.net | Theo de Raadt | |
| 2003-12-06 | bit more flesh to the create and destroy; thanks jmc | Theo de Raadt | |
| 2003-12-05 | Style nits | Hakan Olsson | |
| 2003-12-05 | madvise() the mfs storage area as randomly accessed as mfs does it's own ↵ | Michael Shalayeff | |
| clustering; tedu@ ok | |||
| 2003-12-04 | Validate SPIs presented in DELETE messages of the informational exchange. | Hans-Joerg Hoexer | |
| ok markus@ | |||
| 2003-12-04 | Typos | Miod Vallat | |
| 2003-12-04 | no, you cannot form a raid from wd0h and wd0h. | Henning Brauer | |
| found by Joel Knight | |||
| 2003-12-03 | add support for ifconfig clone; from netbsd; ok deraadt, henning | Markus Friedl | |
| 2003-12-02 | UDP encapsulation for ESP in transport mode (draft-ietf-ipsec-udp-encaps-XX.txt) | Markus Friedl | |
| ok deraadt@ | |||
| 2003-11-29 | allow ':' (range including boundaries) to be used whereever '><' (range | Daniel Hartmeier | |
| excluding boundaries) is legal. already supported by kernel, requires only removal of three error messages. ok henning@ | |||
| 2003-11-25 | - document interaction with SIGINFO, as observed by Franciszek Holop on misc@ | Jason McIntyre | |
| - add some .Pp - typo | |||
| 2003-11-22 | daniel stumbled over a broken regress test, and it turned out that I forgot | Henning Brauer | |
| to commit a diff from 11/6... do not insert the "block in on ! interface" rule for antispoof statements when the interface in question does not have any IP address, because that then expands to block in on ! interface all which is obviously bad. niklas@ found it, dhartmei@ ok, and I think some more ppl ok I don't remember | |||
| 2003-11-21 | - standard SYNOPSIS | Jason McIntyre | |
| - sort OPTIONS - s/Dq/Sq when quoting single characters - sync usage() - simplify macros | |||
| 2003-11-20 | remove -Werror from userland builds, to give us a chance to | Anil Madhavapeddy | |
| use more verbose warning options if desired. ok millert@, henning@, david@ | |||
| 2003-11-20 | use .Dv for AF_INET and AF_INET6 (kills ugly line break); | Jason McIntyre | |
| spotted by Alexey E. Suslikov; also kill some .Pp's before displays/lists for better PostScript output; | |||
| 2003-11-16 | __attribute__((__packed__)) -> __packed | Anil Madhavapeddy | |
| 2003-11-15 | fix savecore on big endian 64 bit arches. OK millert@ | Marco S Hyman | |
| 2003-11-15 | no dup header sys/types.h. from Andrey Matveev | Ted Unangst | |
| 2003-11-14 | in print_status: | Henning Brauer | |
| -print debuglevel "Loud", this was omitted before (catched by mpech@) -use the fine PF_DEBUG_* defines instead of magic numbers ok markus | |||
| 2003-11-14 | allow the debuglevel to be set from pf.conf (set debug) | Henning Brauer | |
| ok cedric@ | |||
| 2003-11-09 | Unbreak printing of vlan interface information, commented out accidentally | Ryan Thomas McBride | |
| in CARP import. | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |