summaryrefslogtreecommitdiff
path: root/sbin
AgeCommit message (Collapse)Author
2002-12-16raidframe -> RAIDframeThierry Deval
2002-12-15correct clri description; from Dan Weeks <danimal at danimal dot org> viaFederico G. Schwindt
PR/3034.
2002-12-15There is no such thing as pf=YES variable, there is a variablemargarida
named pf which you can assign YES. Mention net.inet6.ip6.forwarding. inspired by nick@ and ok'd by henning@
2002-12-15rule set(s) -> ruleset(s)margarida
henning@ ok
2002-12-15more writable spelling; torhHenning Brauer
2002-12-13allow a second queue for higher priorized (currently: tos=lowdelay) packetsHenning Brauer
to be specified per rule queue (qname, priorized_qname) idea dhartmei ok dhartmei@ frantzen@ deraadt@
2002-12-13a bit KNF originally part of another diff soon to come; frantzen@ correctlyHenning Brauer
pointed out that should be a seperate commit.
2002-12-13permit re-ordering of some scrub parameters, and also clean up some otherTheo de Raadt
grammer balony; henning ok
2002-12-13fdisc -> fdesc. form@Mike Pechkin
2002-12-12KNFHenning Brauer
2002-12-12we don't need to keep a private copy of the queue name in expand_rule,Henning Brauer
r->qname is never modified discussed with dhartmei@
2002-12-12Missing 'Cm'. From <andrushock@korovino.net>Mike Pechkin
2002-12-12ansiTheo de Raadt
2002-12-11Minor cosmetic nits picked while reading though init.c:Todd C. Miller
o Use STD{IN,OUT,ERR}_FILENO, not 0-2 o Call exit() from main, not return() (code is never reached anyway) o Change two cases of '!' into "== NULL"
2002-12-11ansi; p/o by Andrushock <andrushock@korovino.net>Alexander Yurchenko
ok gluk@
2002-12-11ansi; modload users please testTheo de Raadt
2002-12-11ansiTheo de Raadt
2002-12-11ansiTheo de Raadt
2002-12-11Replace strncpy + ugly pointer math with sscanif for reading source-hash keysRyan Thomas McBride
ok dhartmei@ henning@
2002-12-11Wording; David KrauseHenning Brauer
2002-12-10don't warnx after ioctl, use warnHenning Brauer
pointed out by form@ via mpech@
2002-12-09KNFTheo de Raadt
2002-12-09replace (properly guarded) strncpy using logic by a strsep & strlcpy usingHenning Brauer
one. discussion & ok dhartmei@
2002-12-09(properly guarded) strcpy() -> strlcpy()Daniel Hartmeier
2002-12-09KNFMarkus Friedl
2002-12-09allow setting of ifcost with brconfig. enables selection of preferredMarkus Friedl
port/path to root bridge among several LANs. unlike ifpriority, which allows you to select designated port if serveral interfaces belong to the same LAN; ok jason@
2002-12-09do not allow redefinitions in variable option blocks; henning okTheo de Raadt
2002-12-08strncpy is evil.Henning Brauer
2002-12-08GNU semantics say that if optstring begins with '-' thenTodd C. Miller
each non-option shall be treated as arguments to option '\1'. BSD getopt match '-' in optstring with a '-' on the command line. This is used to support deprecated options like "su -" that would otherwise prevent the use of getopt(). Resolving this simply requires that the leading '-' be moved somewhere else (I moved it to the end of optstring) since position within optstring is not meaningful.
2002-12-08allow flexible options order like Theo did for rules.Henning Brauer
idea, lots of input, motivation and ok deraadt@ ATTENTION: this changes the syntax. the "scheduler" keyword is gone now. old: altq on $interface scheduler cbq ... new: altq on $interface cbq ...
2002-12-07Support parameters in anchor rules. Allows conditional evaluation, like:Daniel Hartmeier
anchor spews inet proto tcp from any to any port smtp ok deraadt
2002-12-07more KNFHenning Brauer
2002-12-07KNFHenning Brauer
2002-12-07TAILQ_INSERT_TAIL instead of TAILQ_INSERT_HEAD. Makes addresses printRyan Thomas McBride
out in correct order when getting rules from kernel (affects pfctl -s). ok henning@
2002-12-07shadow cleanupHenning Brauer
ok mcbride@ frantzen@
2002-12-07kill an unused param to lungetcHenning Brauer
2002-12-07KNFHenning Brauer
2002-12-07get the interface's MTU instead of assuming 1500Henning Brauer
2002-12-07Convert the hash of a string key to network byte order. Makes regressionRyan Thomas McBride
work on all platforms. Bug found by dhartmei@ ok dhartmei@ henning@
2002-12-06Set transform from default. PR#3008Hakan Olsson
2002-12-06fix linebreak in example; ok ho@, jason@Markus Friedl
2002-12-06styleHenning Brauer
2002-12-06Remove negated address list check again, doesn't work right yet.Daniel Hartmeier
2002-12-06let pfctl -v print out "block drop" instead of just "block" in the dropHenning Brauer
case. fixes the last self-regress test. ok markus@
2002-12-06Section and tag comparisions should be case-insensitive. PR#3010, Mike Neuman.Hakan Olsson
2002-12-06unkown; torh@bogus.netTheo de Raadt
2002-12-06Introduce anchors and named rule sets, allowing to load additional ruleDaniel Hartmeier
sets with pfctl and evaluate them from the main rule set using a new type of rule (which will support conditional evaluation soon). Makes maintenance of sub-rulesets simpler for pfctl and daemons. Idea and ok deraadt@
2002-12-05fix a small cosmetic problem. if ifa_lookup was called in LOOKUP_NET mode,Henning Brauer
it would return things like 127.0.0.1/8. when 127.0.0.1/8 is passed through the new selftests, it becomes 127.0.0.0/8. fix: instead of just copying addr.mask in ifa_lookup, use set_ipmask, so it is 127.0.0.0/8 from the beginning on.
2002-12-05one step further to "program output is valid program input" and the relatedHenning Brauer
extra regress testing opportunities (an excellent idea by markus@). only print rule numbers in case of pfctl -v -v; but not with pfctl -v. ok markus@ frantzen@ mcbride@
2002-12-05-quote varset in -v outputHenning Brauer
-don't add 's' in set timeout -v output makes the feedback regression tests succeed. ok markus@ mcbride@
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-23 00:06:17 +0000