| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2006-03-25 | allow bpf(4) to ignore packets based on their direction (inbound or | Damien Miller | |
| outbound), using a new BIOCSDIRFILT ioctl; guidance, feedback and ok canacar@ | |||
| 2005-11-03 | re-implement the bpf "filter drop" option that it actually works. the | Reyk Floeter | |
| bpf FILDROP interface exists for about one year but the required interface to the drivers was missing - so it was useless. this new approach based on a design by henning@ uses a new mbuf flag to mark filtered packets and to drop them in the generic network stack input routines (like ether_input). for example; after some additional testing, this could be used by dhclient to filter everything except DHCP packets (track tech@ for a corresponding dhclient diff). the "filter dropped" packets won't reach the network stack. so it's probably some kind of a very basic application layer packet filter ;). ok canacar@, discussed with henning@ and others | |||
| 2005-07-31 | Introduce bpf_mtap_af and bpf_mtap_hdr to be used when passing a mbuf chain | Christopher Pascoe | |
| to bpf with either an address family or other header added. These helpers only allocate a much smaller struct m_hdr on the stack when needed, rather than leaving 256 byte struct mbufs on the stack in deep call paths. Also removes a fair bit of duplicated code. commit now, tune after deraadt@ | |||
| 2005-01-07 | add support for BIOCGDLTLIST and BIOCSDLT, see bpf(4) | Reyk Floeter | |
| ok canacar@, fgsch@, tested by some other people | |||
| 2004-12-17 | knf cleanup, convert old k&r-style functions to ansi-style for a | Reyk Floeter | |
| consistent style in sys/net/bpf.c. ok henning@, "looks fine" canacar@ | |||
| 2004-06-22 | Add a new "filter drop" flag to bpf and related ioclts. | Can Erkin Acar | |
| When enabled, it notifies the calling interface that the packet matches a bpf filter and should be dropped. ok henning@ markus@ frantzen@ | |||
| 2004-05-16 | add DLT_PPP_ETHER DLT type | Brad Smith | |
| From NetBSD ok deraadt@ | |||
| 2004-04-26 | - make the k field in struct bpf_insn unsigned, as promised in the | Otto Moerbeek | |
| manual page. - more strict bpf code validation, preventing arbitrary kernel memory read and writes. Some help from frantzen@ and canacar@; testing jmc@ markus@; ok canacar@ henning@ franzen@ | |||
| 2004-02-06 | as seen in netbsd. crank bpf sizes to adapt to faster networks. | Ted Unangst | |
| max size goes to 2MB, default goes to 32k. ok canacar@ mcbride@ | |||
| 2003-10-22 | Add locking and write filtering to bpf descriptors. | Can Erkin Acar | |
| Locking prevents dangerous ioctls such as changing the interface and sending signals to be executed by an unprivileged process. A filter can also be applied to packets injected through a bpf descriptor. These features allow programs using bpf descriptors to safely drop/seperate privileges. ok frantzen@ henning@ mcbride@ | |||
| 2003-08-25 | add DLT_IEEE802_11; deraadt@ ok. | Federico G. Schwindt | |
| 2003-06-02 | Remove the advertising clause in the UCB license which Berkeley | Todd C. Miller | |
| rescinded 22 July 1999. Proofed by myself and Theo. | |||
| 2003-05-14 | Use official (from pcap people) link type for pflog. | Can Erkin Acar | |
| With this change, the log header format also changes. The new log format is extendible and allows logging of the originating anchor and ruleset information. ok henning@ dhartmei@ frantzen@ | |||
| 2002-11-29 | minor KNF | Henning Brauer | |
| 2002-11-29 | expose state table changes | Michael Shalayeff | |
| 2002-03-14 | First round of __P removal in sys | Todd C. Miller | |
| 2001-10-02 | change timeval to bpf_timeval; 32 bit in size, permitting much greater ↵ | Theo de Raadt | |
| portability | |||
| 2001-06-25 | extend the logging via a new link header type. export interface, direction, | Niels Provos | |
| action and rule nr. | |||
| 2001-06-09 | By popular demand, protect from multiple inclusion, and fix to use the | Angelos D. Keromytis | |
| same naming style. | |||
| 2001-05-28 | add BIOC[GS]HDRCMPLT ioctl for BPF, to disable overwriting of link level ↵ | Dug Song | |
| source address in forged frames. from NetBSD. art@ok | |||
| 2000-06-19 | de-#ifdef-ize | Jason Wright | |
| 1999-08-08 | Support detaching of network interfaces. Still work to do in ipf, and | Niklas Hallqvist | |
| other families than inet. | |||
| 1999-07-04 | fix link level type codes | Brad Smith | |
| 1999-07-04 | Typos | Marc Espie | |
| 1999-05-26 | Implement DLT_RAW, DLT_{SLIP,PPP}_BSDOS from libpcap 0.4 | Brad Smith | |
| 1998-06-26 | fix bpf select(); from mts@rare.net | Theo de Raadt | |
| 1998-06-10 | make the packets which were successfully processed by IPSec available to | Niels Provos | |
| bpf via the enc0 interface, using linktype DLT_ENC. | |||
| 1998-06-04 | add DLT_LOOP support; 4-byte header indicates proto; cstone@pobox.com | Theo de Raadt | |
| 1997-03-17 | Removed static specifiers. Align bpf headers on sizeof(long) boundaries | Niklas Hallqvist | |
| as it begins with a timeval struct. This fixes the alpha bpf panics. Removed double prototypes. Reordered includes. The last change came from NetBSD. Updated $NetBSD$ tags. Slight KNF too. | |||
| 1996-07-12 | refresh to the latest bpf code release. | Michael Shalayeff | |
| 1996-05-07 | gross BPF_HDR hack, do better | Theo de Raadt | |
| 1996-03-03 | From NetBSD: 960217 merge | Niklas Hallqvist | |
| 1995-10-18 | initial import of NetBSD tree | Theo de Raadt | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |