| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2007-10-14 | include in bnf, wanted by jmc | Theo de Raadt | |
| 2007-10-13 | support an include directive; file of course must also be "secure" like | Theo de Raadt | |
| the main configuration file; ok henning | |||
| 2007-09-30 | while rdr'ing port spamd to portsmtpis perfectly valid, it is at least | Henning Brauer | |
| a bit confuzzling, so swap. From: Olli Hauer <ohauer@gmx.de> | |||
| 2007-09-27 | Mention "set loginterface <ifgroup>" | Marco Pfatschbacher | |
| 2007-08-30 | document address ranges, with help from jmc@ | Daniel Hartmeier | |
| 2007-07-17 | typo; from Stephan A. Rickauer | Jason McIntyre | |
| 2007-06-26 | checkd -> checked; from Nicholas Marriott | Jason McIntyre | |
| 2007-06-08 | make it clearer where ifgroups can be used | Henning Brauer | |
| From: Stuart Henderson <stu@spacehopper.org> | |||
| 2007-05-31 | convert to new .Dd format; | Jason McIntyre | |
| 2007-05-08 | Document the fact that 'allow-opts' applies to IPv6 now as well. | Ryan Thomas McBride | |
| ok jmc@ dhartmei@ henning@ deraadt@ claudio@ | |||
| 2007-04-14 | set timeout source-track -> set timeout src.track; from Jason Testart | Jason McIntyre | |
| and a missing full stop... | |||
| 2007-03-21 | Basic ruleset optimization is now the default. | Ryan Thomas McBride | |
| Use 'set ruleset-optimization none' or the -o none argument to prevent pfctl from optimizing the ruleset before loading it. | |||
| 2006-12-01 | Correct the explanation of NAT evaluation order. binat is always first, | Camiel Dobbelaar | |
| then rdr on inbound packets or nat on outbound packets. This is _not_ necessarily the same order in which the rules are defined in the ruleset. ok jmc dhartmei henning | |||
| 2006-11-29 | stateles -> stateless; from stuart henderson | Jason McIntyre | |
| 2006-11-28 | bad space; | Jason McIntyre | |
| 2006-11-28 | mention rtable shitz now that it is enabled in the forwarding path | Henning Brauer | |
| 2006-11-09 | desireable -> desirable; | Jason McIntyre | |
| 2006-11-01 | tweaks; | Jason McIntyre | |
| 2006-10-31 | Document set ruleset-optimization [ none | basic | profile ]. | Ryan Thomas McBride | |
| 2006-10-28 | Document inline anchor loading with { } delimited blocks. | Ryan Thomas McBride | |
| 2006-10-26 | tweak; | Jason McIntyre | |
| 2006-10-26 | tweaks; ok henning | Jason McIntyre | |
| 2006-10-26 | eep! unbreak. | Ryan Thomas McBride | |
| 2006-10-26 | Document hostid. | Ryan Thomas McBride | |
| pointed out by Pierre-Yves Ritschard. | |||
| 2006-10-25 | document how ot send logs to alternate pflog interfaces | Henning Brauer | |
| 2006-10-23 | remove trailing space; | Jason McIntyre | |
| 2006-10-22 | Move the stateful content up to the FILTERING section and flesh it out | Ryan Thomas McBride | |
| somewhat to reflect the default 'keep state' behaviour of pf.conf. prodding by theo, ok jmc@ | |||
| 2006-10-11 | fix mark up mistake; | Jason McIntyre | |
| 2006-10-11 | Document 'anchor "foo" quick'. | Ryan Thomas McBride | |
| 2006-10-06 | these fixes got lost somehow; | Jason McIntyre | |
| 2006-10-06 | missing fixes for STATEFUL INSPECTION; | Jason McIntyre | |
| 2006-10-06 | kill trailing whitespace; | Jason McIntyre | |
| 2006-10-06 | Document the fact that 'flags S/SA keep state' is now the implicit default, | Ryan Thomas McBride | |
| as well as 'no state' and 'flags any' options. ok jmc@ | |||
| 2006-09-12 | for apps which use interface groups, point to the section of | Jason McIntyre | |
| ifconfig(8) where they are explained; ok mcbride mpf henning | |||
| 2006-08-31 | knock out the cpp/m4 stuff from MACROS; after discussion with many... | Jason McIntyre | |
| 2006-08-22 | back out -r1.497 (support for "tagged {}" lists), it broke "tagged" support | Daniel Hartmeier | |
| for nat rules. sorry, existing functionality trumps syntactic sugar. feel free to resubmit a complete patch. closes PR 5207. | |||
| 2006-08-02 | in the BNF section, note that a comma is optional, closes PR 5191 | Daniel Hartmeier | |
| 2006-07-25 | document "tos": pointed out by maxim bourmistrov | Jason McIntyre | |
| diff from jared r r spiegel ok dhartmei | |||
| 2006-07-09 | The timeout value is called src.track, not source-track. | Ryan Thomas McBride | |
| 2006-06-18 | typo: queu -> queue | Hans-Joerg Hoexer | |
| ok claudio@ | |||
| 2006-05-28 | put previous in the correct place; ok mcbride | Jason McIntyre | |
| 2006-05-28 | Adaptive timeouts are now on by default. | Ryan Thomas McBride | |
| 2006-05-14 | interface bandwidths can change; ok henning | Theo de Raadt | |
| 2006-05-01 | update the "tagged" line; ok dhartmei | Jason McIntyre | |
| 2006-05-01 | add support for "tagged {}" lists, from Pierre-Yves Ritschard | Daniel Hartmeier | |
| 2006-04-30 | - replace <> with .Aq | Jason McIntyre | |
| - replace OpenBSD with .Ox from wiz@netbsd | |||
| 2006-03-14 | implement a Unicast Reverse Path Forwarding (uRPF) check for pf(4) | Damien Miller | |
| which optionally verifies that a packet is received on the interface that holds the route back to the packet's source address. This makes it an automatic ingress filter, but only when routing is fully symmetric. bugfix feedback claudio@; ok claudio@ and dhartmei@ | |||
| 2006-02-20 | new ftp-proxy | Camiel Dobbelaar | |
| ok jmc markus | |||
| 2006-01-18 | Document the "tables" and "table-entries" limit options. | Joel Knight | |
| ok jmc@ mcbride@ | |||
| 2005-11-17 | document "log (user)" | Joel Knight | |
| wording help and ok jmc@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |