| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2002-12-06 | let pfctl -v print out "block drop" instead of just "block" in the drop | Henning Brauer | |
| case. fixes the last self-regress test. ok markus@ | |||
| 2002-12-06 | Section and tag comparisions should be case-insensitive. PR#3010, Mike Neuman. | Hakan Olsson | |
| 2002-12-06 | unkown; torh@bogus.net | Theo de Raadt | |
| 2002-12-06 | Introduce anchors and named rule sets, allowing to load additional rule | Daniel Hartmeier | |
| sets with pfctl and evaluate them from the main rule set using a new type of rule (which will support conditional evaluation soon). Makes maintenance of sub-rulesets simpler for pfctl and daemons. Idea and ok deraadt@ | |||
| 2002-12-05 | fix a small cosmetic problem. if ifa_lookup was called in LOOKUP_NET mode, | Henning Brauer | |
| it would return things like 127.0.0.1/8. when 127.0.0.1/8 is passed through the new selftests, it becomes 127.0.0.0/8. fix: instead of just copying addr.mask in ifa_lookup, use set_ipmask, so it is 127.0.0.0/8 from the beginning on. | |||
| 2002-12-05 | one step further to "program output is valid program input" and the related | Henning Brauer | |
| extra regress testing opportunities (an excellent idea by markus@). only print rule numbers in case of pfctl -v -v; but not with pfctl -v. ok markus@ frantzen@ mcbride@ | |||
| 2002-12-05 | -quote varset in -v output | Henning Brauer | |
| -don't add 's' in set timeout -v output makes the feedback regression tests succeed. ok markus@ mcbride@ | |||
| 2002-12-05 | Replace warnx with warn on ioctls so that we get the error message associated | Ryan Thomas McBride | |
| with the warning. From DJ Gregor. ok henning@ dhartmei@ | |||
| 2002-12-05 | correct sizeof() to memset(). sync w/kame | Jun-ichiro itojun Hagino | |
| 2002-12-04 | bit_ffc(3) returns a -1 location for a full bitset. Problem found by | Hakan Olsson | |
| Olivier Courtay. | |||
| 2002-12-04 | allow ACQUIRE with empty EXT_ADDRESS_SRC; PR 2996; ok angelos@, ho@ | Markus Friedl | |
| 2002-12-04 | in host(), apply a given netmask to all members of the node_host list | Henning Brauer | |
| returned by ifa_lookup(). reported by Alejandro G. Belluscio ok dhartmei@ | |||
| 2002-12-04 | do not warn for unused variables except with -v -v; henning ok | Theo de Raadt | |
| 2002-12-03 | Add -4/-6 cmdline options to select what address family (IPv4,v6) to use. | Hakan Olsson | |
| niklas@ ok. | |||
| 2002-12-03 | LOG_DBG for missing ca/, certs/, crls/ dirs, not | Hakan Olsson | |
| log_error(). Suggested by markus@. | |||
| 2002-12-03 | be nice and shutdown the socket after beeing done; pointed out by kenjiro | Henning Brauer | |
| 2002-12-02 | KNF | Henning Brauer | |
| 2002-12-02 | permit more flexible pass/block lines. the options giving at the end of | Theo de Raadt | |
| a line can now be placed in any order, and some merging of duplicat options is also done. this is easier to use. | |||
| 2002-12-02 | allow for "altq on $interface" without specifying a bandwidth. The | Henning Brauer | |
| interface's bandwidth is taken then. as a side-effect, "altq on $interface bandwidth xx%" is also possible now, it's relative to the interface's bandwidth then. ok theo | |||
| 2002-12-01 | deal with not-ALTQ-enabled kernels | Henning Brauer | |
| 2002-12-01 | Match pf_ioctl.c cleanup; set up the pool_ticket when loading rules | Ryan Thomas McBride | |
| ok dhartmei@ henning@ | |||
| 2002-11-30 | oops | Theo de Raadt | |
| 2002-11-30 | do not syslog with extra newline | Theo de Raadt | |
| 2002-11-30 | move damn unmask() proto into place as well | Michael Shalayeff | |
| 2002-11-30 | move unmask back into pf_print_state.c where it was, and please keep it ↵ | Michael Shalayeff | |
| there; henning@ ok | |||
| 2002-11-29 | no need for extra hrs; henning@ ok | Michael Shalayeff | |
| 2002-11-29 | coredumps are not nice. | Henning Brauer | |
| deal with the fact that when we are merging the lists in host_list both can be NULL. found at EuroBSDCon 2002 while I was explaining the expansion process to Paul de Weerd ok dhartmei@ | |||
| 2002-11-29 | in pfctl_find_altq_node also compare the interface. | Henning Brauer | |
| fixes pfctl -sq output in case the queuespec was expanded to >1 queues on different interfaces | |||
| 2002-11-29 | print queuespec only once in verbose mode, even if referenced more often | Henning Brauer | |
| 2002-11-29 | FREE_LIST nqueues later; can be used more than once | Henning Brauer | |
| 2002-11-28 | qlimit before tbrsize | Henning Brauer | |
| 2002-11-28 | print qlimit on altq if not equal to the default value | Henning Brauer | |
| 2002-11-28 | allow qlimit on altq spec | Henning Brauer | |
| 2002-11-28 | - Remove extra space before -> in print_rdr | Ryan Thomas McBride | |
| - Print hex keys lowercase ok dhartmei@ henning@ | |||
| 2002-11-28 | - Adjust to match replacement of md5 with pf_hash | Ryan Thomas McBride | |
| - Allow keys to be specified in hex (must be 128 bits, mainly to make pfctl -v output paresable by pfctl) or as a string. Randomly generate key if one is not specified. Suggestions and fixes from camield@ ok mickey@ camield@ henning@ | |||
| 2002-11-27 | handle the "no bandwidth specified" case earlier and easier. | Henning Brauer | |
| 2002-11-27 | -use a #define for default qlimit instead of hardcoding it | Henning Brauer | |
| -print qlimit in print_queue if it is not the default one -assign the default qlimit early in the parser instead of using 0 | |||
| 2002-11-27 | next round in print fixes: | Henning Brauer | |
| -only print priority if it is not equal to the default one -space handling overhaul | |||
| 2002-11-27 | use a #define for default priority instead of hardcoding it | Henning Brauer | |
| 2002-11-27 | Make sure daemon() does not close any fd opened during initialization. | Hakan Olsson | |
| niklas@ ok. | |||
| 2002-11-27 | in print_altq() correctly print scheduler type and options | Henning Brauer | |
| 2002-11-27 | fix tbrsize spec | Henning Brauer | |
| 2002-11-27 | Update document date. | Hakan Olsson | |
| 2002-11-27 | fix error message for altq ifspec without child queues | Henning Brauer | |
| 2002-11-26 | make bandwidth specification on queue truly optional | Henning Brauer | |
| 2002-11-26 | queue comes before NAT | Henning Brauer | |
| 2002-11-25 | repair decide_address_family | Henning Brauer | |
| you cannot just taked the first address family you meet as rule's address family... either all are equal, or the rule has no explicit AF. found by danh@ ok theo | |||
| 2002-11-25 | for loN and link1 translate the iface into address properly; henning@ ok | Michael Shalayeff | |
| 2002-11-25 | 1Kb = 1000b, not 1024; as discussed with kjc@ and theo | Henning Brauer | |
| 2002-11-25 | KNF | Henning Brauer | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |