| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2003-06-21 | s/for spall files/for small files/ | Daniel Hartmeier | |
| 2003-06-17 | Sync with share/misc/license.template and add missing DARPA credit | Todd C. Miller | |
| where applicable. | |||
| 2003-06-17 | add adaptive, interval, and frag timeouts to pf.conf and BNF | David Krause | |
| ok henning@ dhartmei@ | |||
| 2003-06-12 | qlimit referenced twice from queueopts, PR 3312 | Henning Brauer | |
| 2003-06-11 | ref table-rule from line, PR 3311 | Henning Brauer | |
| 2003-06-11 | document that is is unsupported to use return-rst/icmp or synproxy | Philipp Buehler | |
| on bridging firewalls henning@ ok, spelling fixes from jmc@ | |||
| 2003-06-10 | fix grammer regarding queues; noted by jlouis@mongers.org | Theo de Raadt | |
| 2003-06-09 | Switch to 2 clause licenses. Spotted by Theo. | Hugh Graham | |
| 2003-06-07 | update BNF to show that tagging is also possible on rdr/nat/binat | Henning Brauer | |
| 2003-06-07 | second part of the diff from Joel Knight that was sitting in my inbox for | Henning Brauer | |
| far too long: better tag documentation. help and ok jmc@ | |||
| 2003-06-07 | update BNF to include "! tagged" | Henning Brauer | |
| 2003-06-07 | document "load anchor from file" | Henning Brauer | |
| mostly from Joel Knight help and ok jmc@ | |||
| 2003-06-06 | - section reorder | Jason McIntyre | |
| - macro fixes - kill whitespace at EOL | |||
| 2003-06-04 | Don't mention the "alwaysuseklogin" option as it has never been used | Hans Insulander | |
| by us. ok millert@ | |||
| 2003-06-03 | make crystal clear that NAT happens before filtering and what that | Henning Brauer | |
| means for the filter rules. from Joel Knight again ok cedric@, silence everybody else | |||
| 2003-06-03 | Don't refer to kerberos 4 | Hans Insulander | |
| 2003-06-03 | Use an ISC-tyle license for all my code; it is simpler and more permissive. | Todd C. Miller | |
| 2003-06-02 | Remove the advertising clause in the UCB license which Berkeley | Todd C. Miller | |
| rescinded 22 July 1999. Proofed by myself and Theo. | |||
| 2003-06-02 | revert to previous BNF formatting; requested by deraadt@ | David Krause | |
| ok deraadt@ dhartmei@ CVSt e--------------------------------------------------------------------- | |||
| 2003-06-02 | Nuke clause 3 & 4. | Jason Wright | |
| 2003-05-30 | the secgtion is called QUEUEING, not QUEUE RULES, so point people to | Henning Brauer | |
| QUEUEING and not QUEUE RULES... found by Joel Knight | |||
| 2003-05-23 | consistently uppercase abbreviations; | Jason McIntyre | |
| ok henning@ | |||
| 2003-05-21 | typos from pjanzen@ | Jason McIntyre | |
| 2003-05-17 | tweak; 10x jmc | Henning Brauer | |
| 2003-05-17 | tweak | David Krause | |
| ok dhartmei@ | |||
| 2003-05-17 | spelling fix | David Krause | |
| 2003-05-17 | tweak | Henning Brauer | |
| 2003-05-17 | document tags | David Krause | |
| ok henning@ | |||
| 2003-05-16 | tweak; | Jason McIntyre | |
| ok dhartmei@ | |||
| 2003-05-16 | TCP SYN proxy. Instead of 'keep state' or 'modulate state', one can use | Daniel Hartmeier | |
| 'synproxy state' for TCP connections. pf will complete the TCP handshake with the active endpoint before passing any packets to the passive end- point, preventing spoofed SYN floods from reaching the passive endpoint. No additional memory requirements, no cookies needed, random initial sequence numbers, uses the existing sequence number modulators to translate packets after the handshakes. ok frantzen@ | |||
| 2003-05-16 | removed unnecessary macros: | Jason McIntyre | |
| - don't need .Pp before/after .Sh - don't need .Ns before punctuation ok krw@ millert@ david@ | |||
| 2003-05-15 | tweak; | Jason McIntyre | |
| ok frantzen@ | |||
| 2003-05-15 | document scrub opt "reassemble tcp" | Mike Frantzen | |
| 2003-05-12 | Use an example that acutally makes some sense. | Daniel Hartmeier | |
| 2003-05-12 | Adaptive timeout value scaling. Allows to reduce timeout values as the | Daniel Hartmeier | |
| number of state table entries grows, so entries time out faster before the table fills up. Works both globally and per-rule. ok frantzen@ | |||
| 2003-05-11 | document the dynamic min-ttl TCP scrub behavior | Mike Frantzen | |
| 2003-05-10 | 'return' now causes an ICMP unreachable for non-TCP/UDP/ICMP protocols. | Daniel Hartmeier | |
| 2003-05-10 | uppercase all non-literals in BNF.. might make some stuff more clear ;) | Philipp Buehler | |
| commitski henning@ | |||
| 2003-05-10 | typos; | Jason McIntyre | |
| 2003-05-10 | typo; | Jason McIntyre | |
| 2003-05-10 | quote non-alphabetic literals | Philipp Buehler | |
| 'over the desk' oks.. | |||
| 2003-05-10 | document that kernel automatically handles first swap partition | Jason McIntyre | |
| ("swap_device" in swapctl -l) and does not need to be added to /etc/fstab. krw@, fries@, rohee@, millert@, henning@ ok. | |||
| 2003-05-10 | BNF for load anchor stuff | Henning Brauer | |
| 2003-05-09 | Talk about the .db version of login.conf; idea from mpech@ | Todd C. Miller | |
| 2003-05-09 | Update to reflect reality. The kerberos authentication methods listed | Todd C. Miller | |
| were out of date and there were missing -v options. | |||
| 2003-05-07 | changed example fstab file; fs_passno should be 2 for non-root filesystems. | Jason McIntyre | |
| 2003-05-06 | fix formatting in the BNF | Henning Brauer | |
| 2003-05-01 | BNF update for label on antispoof | Henning Brauer | |
| 2003-04-29 | document hfsc | Henning Brauer | |
| mostly from Berk D. Demir <bdd at ieee.org> with tweaks by me some nits and ok jmc@ | |||
| 2003-04-29 | port 8081 -> 8021 for ftp-proxy in the examples, so it matches pf.conf | Daniel Hartmeier | |
| and inetd.conf defaults | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |