index
:
src
cvs/HEAD
kms/intel
kms/radeon
master
OpenBSD base system
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
sys
/
net
/
if_pfsync.c
Age
Commit message (
Expand
)
Author
2013-08-07
states learnt via pfsync from a peer with the same ruleset checksum were
David Gwynne
2013-06-20
Revert previous and unbreak asr, the new include should be protected.
Martin Pieuchot
2013-06-20
Allocate the various hook head descriptors as part of the ifnet
Martin Pieuchot
2013-05-10
Since pf_state_key_attach can decide to free the provided state
Mike Belopuhov
2013-03-28
no need for a lot of code to include proc.h
Ted Unangst
2013-03-26
Remove various read-only *maxlen variables and use IFQ_MAXLEN directly.
Martin Pieuchot
2012-10-30
Use time_uptime for expiration values as time_second can be skewed at
Florian Obser
2012-10-09
simplify hook_disestablish() handling by always resetting the hook when
Markus Friedl
2012-10-08
make sure we don't call hook_disestablish() twice e.g. ifconfig -syncdev
Markus Friedl
2012-09-20
pfsync_cancel_full_update needs to restore carp demotions since
Mike Belopuhov
2012-09-20
spltdb() was really just #define'd to be splsoftnet(); replace the former
Bret Lambert
2012-09-19
update the tdb replay counter endian conversion to 64 bits;
Mike Belopuhov
2012-07-26
rename all_state_flags to state_flags to finish the transition
Mike Belopuhov
2012-06-30
Fix a number of problems introduced by the link state handling commit:
Mike Belopuhov
2012-06-30
backout rev1.185 as it's not what i have intended to commit
Mike Belopuhov
2012-06-29
add ESN-related bits missed in the previous commit
Mike Belopuhov
2012-06-28
Fix a number of problems introduced by the link state handling commit:
Mike Belopuhov
2012-04-11
fix all the suser calls which pass an incorrect p_acflag argument;
Mike Belopuhov
2012-04-07
remove superfluous return, ok mikeb
Camiel Dobbelaar
2012-04-03
Fix kernel compilation with pf but without pfsync pseudo-device by
Mike Belopuhov
2012-02-03
The kernel did not compile without INET6. Put some #ifdefs into
Alexander Bluhm
2012-01-16
do carp demotion adjustments on syncdev link state change.
Mike Belopuhov
2011-12-01
Make sure we only enter pf_route() when undefering in the PF_ROUTETO case.
Ryan Thomas McBride
2011-11-29
use a u_int64_t for the state id in pfsync_state. this makes it consistent
David Gwynne
2011-11-27
Protect more operations in the pfsync_clone_destroy to prevent
Mike Belopuhov
2011-11-26
Apply route-to to deferred packet; without this the first packet of a
Ryan Thomas McBride
2011-11-25
use time_uptime to set state creation values as time_second can be
David Gwynne
2011-11-16
Improve flag setting ioctl so that bulk updates are requested
Mike Belopuhov
2011-11-09
State expire time is a baseline time ("last active") for expiry
Camiel Dobbelaar
2011-11-04
Select a correct protocol for a stack side state key when importing
Mike Belopuhov
2011-10-31
Don't forget to cancel bulk update failure timeout when destroying an
Mike Belopuhov
2011-10-30
Allow setting big MTU values on the pfsync interface but not larger
Mike Belopuhov
2011-10-20
remove a bogus chunk accidentally introduced by mcbride in rev1.141;
Mike Belopuhov
2011-10-13
Since the IPv6 madness is not enough introduce NAT64 -- which is actually
Claudio Jeker
2011-08-03
someone (*cough*henning*cough*) made pf_state.state_flags a u_int16_t
David Gwynne
2011-08-02
Replace one byte of padding with sa_family_t af in pfsync_state_key;
Ryan Thomas McBride
2011-07-06
cosnistently use IFQ_SET_MAXLEN, surfaced in a discussion with + ok bluhm
Henning Brauer
2011-07-04
use mtod.
David Hill
2011-05-10
when undeferring a packet, try to timeout_del first to check if you
David Gwynne
2011-04-02
dont let pfsync defer packets for states with NOSYNC set.
David Gwynne
2011-03-02
when sending deferred packets use ip6_output for v6 frames instead of
David Gwynne
2011-01-11
delay deferred packets for a maximum of 20ms instead of 100 ticks (which
David Gwynne
2010-11-29
use m_pulldown to get a contig view of the pfsync_header instead of
David Gwynne
2010-11-29
get rid of struct pfsync_pkt. it was used to store data on the stack to
David Gwynne
2010-11-28
there's no need to take splsoftnet in the input packet action handlers
David Gwynne
2010-09-27
must have either PR_WAITOK or PR_NOWAIT set.
David Gwynne
2010-09-08
creating a pfsync interface is always done from process context, so
Bret Lambert
2010-07-28
pfsync_bulk_fail was mucking around with pfsync_softc and sending packets
David Gwynne
2010-07-25
Add missing braces so a loop will function as intended.
Jonathan Gray
2010-07-09
Add support for using IPsec in multiple rdomains.
Reyk Floeter
[next]