| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2006-11-30 | use rmv to unregister ipsec connections; ok hshoexer, ho | Markus Friedl | |
| 2006-11-30 | handle multiple SAs with different same src/dst but different port; | Markus Friedl | |
| store IKE connection string and phase2 IDs in the ipsec rule; cleanup internal API: pass rules around instead of rule members; report Brian Candler; fix with hshoexer, msf; ok hshoexer | |||
| 2006-11-30 | new ui command 'rmv': removes an entry from a list, thus reversing an | Markus Friedl | |
| 'add' operation; ok ho, hshoexer, jmc eVS: ---------------------------------------------------------------------- | |||
| 2006-11-29 | no need to document generation of local.key 3 times; | Jason McIntyre | |
| spotted by mcbride, ok hshoexer; | |||
| 2006-11-29 | zap trailing spaces; | Jason McIntyre | |
| 2006-11-29 | tweak; ok henning | Jason McIntyre | |
| 2006-11-29 | Forgot this in my last committ: Remove not-needed header files. | Marc Balmer | |
| Also from Kevin Steves. | |||
| 2006-11-29 | Remove an unused variable. | Marc Balmer | |
| From Kevin Steves. | |||
| 2006-11-29 | Document the new location of local.pub, and clarify the fact that local.key | Ryan Thomas McBride | |
| contains the entire keypair. ok deraadt jmc | |||
| 2006-11-29 | Document the new timestamping behaviour here, too, and note that enabling | Marc Balmer | |
| PPS is a device specific operation that might need special software (e.g. from our ports tree). gpsd is such an application and it has just been enabled to nicely play with the new timestamping. | |||
| 2006-11-28 | add -T to synopsis; | Jason McIntyre | |
| 2006-11-28 | add additional link states to report the half duplex / full duplex | Reyk Floeter | |
| state, if known by the driver. this is required to check the full duplex state without depending on the ifmedia ioctl which can't be called in the kernel without process context. ok henning@, brad@ | |||
| 2006-11-28 | -T in synopsis and briefly in manpage | Henning Brauer | |
| 2006-11-28 | do not re-add existing entries; ok hshoexer | Markus Friedl | |
| 2006-11-28 | fix servicecurve check; no point in checking the same sc three times, it | Henning Brauer | |
| was obviously intended to check all three. has been wrong since the beginning, 4 years... noticed by Earl Lapus <earl.lapus@gmail.com>, Vasil Dimov <vd@FreeBSD.org> mailed me then, ok mcbride | |||
| 2006-11-27 | correct comment | Kevin Steves | |
| 2006-11-27 | Recognize when we are sending to a unicast destination IP address and | Kevin Steves | |
| instead of using BPF, which currently will always set the destination MAC to broadcast, send using a SOCK_RAW socket and sendmsg() so the frame has a unicast destination MAC. Fixes an issue when using a bootp forwarder where unicast DHCPREQUESTs are dropped at the router/gateway until we reach T2/REBINDING and change the destination IP to broadcast. ok henning@ (but doesn't like using a raw socket for this) | |||
| 2006-11-27 | remove invalid comment | Kevin Steves | |
| 2006-11-26 | repair missing DPADD requests | Theo de Raadt | |
| 2006-11-24 | add support to tag ipsec traffic belonging to specific IKE-initiated | Reyk Floeter | |
| phase 2 traffic. this allows policy-based filtering of encrypted and unencrypted ipsec traffic with pf(4). see ipsec.conf(5) and isakmpd.conf(5) for details and examples. this is work in progress and still needs some testing and feedback, but it is safe to put it in now. ok hshoexer@ | |||
| 2006-11-24 | fix typo for remote port; from Brian Candler | Markus Friedl | |
| 2006-11-22 | sync dhclient and dhcpd parse.c areas where we can. | Kevin Steves | |
| mainly formatting, whitespace; ok henning@ | |||
| 2006-11-22 | fix some warning messages and comments in parse_date(); ok henning@ | Kevin Steves | |
| 2006-11-21 | remove spurious ; after bracket, no binary change | Kevin Steves | |
| 2006-11-21 | remove unused #defines, no binary change; ok henning@ | Kevin Steves | |
| 2006-11-21 | do not delete sections that might be shared with other connections | Markus Friedl | |
| however, this workaround might leak config entries in isakmpd; ok (for now) hshoexer | |||
| 2006-11-21 | introduce sysctl net.inet6.ip6.multicast_mtudisc (for multicast routers). | Jun-ichiro itojun Hagino | |
| deraadt ok. manpage nit by jmc. | |||
| 2006-11-21 | re-order includes and eliminate duplicates, no binary change; ok henning@ | Kevin Steves | |
| 2006-11-20 | -K argument to kill source tracking nodes explicitly, behaves like the | Ryan Thomas McBride | |
| -k argument for killing states; From Berk D. Demir <bdd@mindcast.org> ok dhartmei henning | |||
| 2006-11-20 | knf: sizeof x -> sizeof(x) | Jun-ichiro itojun Hagino | |
| 2006-11-19 | Default snaplen has been 116 for a while now. | Joel Knight | |
| 2006-11-19 | Try DIOCGPDINFO before DIOCGDINFO when trying to determine the 'label' | Kenneth R Westerback | |
| geometry for a unit. DIOCGPDINFO avoids using the on-disk label or the cached copy of it and returns a 'spoofed' label that retains the geometry info placed in the label by the driver. Unfortunately DIOCGPDINFO is not universally implemented, though sd and wd do. This is what disklabel(8) does when it wants geometry so this makes fdisk a bit more consistant with disklabel. This fixes 'fdisk -i' and 'reinit' when trying to install from a miniroot on, e.g., landisk. i.e. no need to zero out the disklabel before doing 'fdisk -i'. 'get it in snaps' deraadt@ | |||
| 2006-11-17 | change semantics of ff01::/16 to interface local multicast | Jun-ichiro itojun Hagino | |
| (to sync up with more recent IPv6 spec) ok from: deraadt mcbride | |||
| 2006-11-16 | only look at routing table 0 (main one) | Henning Brauer | |
| 2006-11-16 | make RFC2292/3542 selection automagically happen. | Jun-ichiro itojun Hagino | |
| 2006-11-15 | remove KAME_SCOPEID #ifdef. | Jun-ichiro itojun Hagino | |
| __KAME__ should suffice (__KAME__ should be nuked too?) | |||
| 2006-11-14 | memory requirements are relevant only for mount_mfs; ok jmc@ | Otto Moerbeek | |
| 2006-11-13 | briefly describe phases 1 and 2, and use these terms more | Jason McIntyre | |
| consistently in the rest of the page; help/ok hshoexer | |||
| 2006-11-13 | previous was not quite right; | Jason McIntyre | |
| 2006-11-13 | fix a macro mistake; | Jason McIntyre | |
| 2006-11-13 | Handle rules with addresses from mismatched address families correctly. | Ryan Thomas McBride | |
| ok msf@ | |||
| 2006-11-11 | Fix memory leak, from Charles Longeau, many okays | Pedro Martelletto | |
| 2006-11-11 | EXAMPLES was getting too lengthy, so trim some of the ones that were | Jason McIntyre | |
| either obscure, bordering on the duplicate, or referring to pseudo devices; if you want examples for pseudo devices, put them in their specific man page, please. ok jcs | |||
| 2006-11-10 | landisk has no kbd(8) | Theo de Raadt | |
| 2006-11-10 | Add -nwid command to allow wireless interfaces to not prefer a specific | Michael Knudsen | |
| access point. Does the same as nwid "" but since we have -nwkey for nwkey etc. this is nice for consistency. ok mbalmer reyk man stuff also ok jmc | |||
| 2006-11-10 | enable -g again | Alexander von Gernler | |
| help from millert@, ok deraadt@ pedro@ | |||
| 2006-11-10 | check both rule sourace and destination when grouping sa's | Mathieu Sauve-Frankel | |
| fixes PR5262 ok hshoexer@ | |||
| 2006-11-10 | When using -vv, also show grouped SAs. | Hans-Joerg Hoexer | |
| 2006-11-10 | Fix grouping for SAs. Now all combinations of SAs are possible, | Hans-Joerg Hoexer | |
| not only ESP+AH (ie. ESP inside AH). | |||
| 2006-11-10 | Do not count sa, ike and tcpmd5 rules twice. Fixes PR 5263. | Hans-Joerg Hoexer | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |