| Age | Commit message (Expand) | Author |
|---|
| 2018-06-18 | Refactor the six ways to find TCP options into one new function. As a result: | Richard Procter |
| 2018-06-04 | The function pf_create_state() calls pf_set_protostate() before | Alexander Bluhm |
| 2018-06-01 | While sending the pf syncookie, we are holding the pf lock. So | Alexander Bluhm |
| 2018-05-10 | pf route-to should not send packets from 127.0.0.1 or ::1 address | Alexander Bluhm |
| 2018-04-06 | All users of the PFLOG_PACKET() macro are inside "#if NPFLOG > 0". | Alexander Bluhm |
| 2018-03-06 | If source and destination addresses are equal, the incoming and | Alexander Bluhm |
| 2018-02-27 | make kernel compile again without INET6 | Sebastian Benoit |
| 2018-02-18 | - regression in pflog output | Alexandr Nedvedicky |
| 2018-02-06 | syncookies for pf. | Henning Brauer |
| 2018-02-06 | some finger muscle workout: | Henning Brauer |
| 2018-01-19 | Use the pf state key linking functions in two more places instead | Alexander Bluhm |
| 2018-01-16 | If pf route-to is used for locally generated packets, they may have | Alexander Bluhm |
| 2018-01-15 | When pf(4) forwards incoming packets with route-to or reply-to, | Alexander Bluhm |
| 2018-01-10 | Use pf_send_icmp() consistently in pf_route(). It sets the routing | Alexander Bluhm |
| 2017-12-29 | Make sure that pf_mbuf_link_state_key() does not overwrite an | Alexander Bluhm |
| 2017-12-29 | Make the functions which link the pf state keys to mbufs, inpcbs, | Alexander Bluhm |
| 2017-12-28 | pf drops IPv4 packets with any options by default. For IPv6 the | Alexander Bluhm |
| 2017-12-24 | There was a corner case where linking the inp to the state key did | Alexander Bluhm |
| 2017-12-04 | RFC 4861 requires that all neighbor discovery packets have 255 in | Alexander Bluhm |
| 2017-12-01 | Simplify the reverse PCB lookup logic. The PF_TAG_TRANSLATE_LOCALHOST | Alexander Bluhm |
| 2017-11-28 | The divert structure was using the port number to indicate that | Alexander Bluhm |
| 2017-11-22 | It does not make sense to call pcb lookup from pf during packet | Alexander Bluhm |
| 2017-11-20 | Sprinkle some NET_ASSERT_LOCKED(), const and co to prepare running | Martin Pieuchot |
| 2017-11-13 | add a generic packet rate matching filter. allows things like | Henning Brauer |
| 2017-11-13 | remove the ability for pf_ouraddr to say that a packet is forwarded. | David Gwynne |
| 2017-10-31 | - add one more softnet taskq | Alexandr Nedvedicky |
| 2017-08-14 | move pf_get_wscale + pf_get_mss prototypes to pfvar.h (diff shrinkage) | Henning Brauer |
| 2017-08-14 | add half-open tcp states accounting, road paved by sashan | Henning Brauer |
| 2017-08-13 | to change a state's state (that term is overloaded in pf, protocol state | Henning Brauer |
| 2017-08-11 | Remove NET_LOCK()'s argument. | Martin Pieuchot |
| 2017-08-06 | Reduce contention on the NET_LOCK() by moving the logic of the pfpurge | Martin Pieuchot |
| 2017-07-04 | Revert previous, it exposed two edge cases still requiring the | Martin Pieuchot |
| 2017-07-03 | Drop the KERNEL_LOCK() in pf_purge_thread(). | Martin Pieuchot |
| 2017-06-21 | Fix kernel diagnostic assertion "(sk->inp == NULL) || (sk->inp->inp_pf_sk | Alexander Bluhm |
| 2017-06-05 | - let's add PF_LOCK() | Alexandr Nedvedicky |
| 2017-05-31 | Block IPv6 packets in pf(4) that have hop-by-hop options header or | Alexander Bluhm |
| 2017-05-30 | teach pf_build_tcp() about SACK, ok & with sashan | Henning Brauer |
| 2017-05-29 | export_pflow() is no longer grabbing the NET_LOCK(), so no need to | Martin Pieuchot |
| 2017-05-28 | Limit the nested header chain for IPv6 extensions headers and for | Alexander Bluhm |
| 2017-05-28 | Fix bad white spaces, wrap long lines, kill some empty lines. | Alexander Bluhm |
| 2017-05-28 | Pf was handling IPv4 and IPv6 differently regarding AH extension | Alexander Bluhm |
| 2017-05-23 | Move the common length check in pf_pull_hdr() after the address | Alexander Bluhm |
| 2017-05-20 | - fixes regression found by pf_forward test | Alexandr Nedvedicky |
| 2017-05-19 | Change PF behavior to allow MLD Listener Report packets to be sent | Rafael Zalamena |
| 2017-05-16 | - percpu anchor stacks | Alexandr Nedvedicky |
| 2017-05-16 | Replace remaining splsoftassert(IPL_SOFTNET) by NET_ASSERT_LOCKED(). | Martin Pieuchot |
| 2017-05-15 | Enable the NET_LOCK(), take 3. | Martin Pieuchot |
| 2017-05-05 | Put back the call to pf_remove_src_node lost in the netlock backout | Mike Belopuhov |
| 2017-05-04 | Introduce sstosa() for converting sockaddr_storage with a type safe | Alexander Bluhm |
| 2017-03-17 | Revert the NET_LOCK() and bring back pf's contention lock for release. | Martin Pieuchot |
