| Age | Commit message (Expand) | Author |
|---|
| 2010-12-31 | Address comparisson is implemented twice in pf.c. Put this into a | Alexander Bluhm |
| 2010-12-24 | in pf_src_connlimit, the indices to sk->addr were swapped. | Henning Brauer |
| 2010-12-07 | remove a bunch of unused arguments | Jonathan Gray |
| 2010-09-24 | itojun picked exactly the right reason in that REASON_SET call. really no | Henning Brauer |
| 2010-09-24 | use pd->rdomain for the PF_MISMATCHAW checks in pf_test_fragment instead of | Henning Brauer |
| 2010-09-24 | no need to pf_tag_packet in the stateless case in pf_test since | Henning Brauer |
| 2010-09-24 | hello, this is captain obvious speaking: | Henning Brauer |
| 2010-09-24 | remove misleading XXX comment. it is pretty clear by now that | Henning Brauer |
| 2010-09-24 | nicer linewraps, purely cosmetic | Henning Brauer |
| 2010-09-24 | kill some unused arguments to pf_create_state | Jonathan Gray |
| 2010-09-23 | Break out rule counter update code into a separate function, makes the | Ryan Thomas McBride |
| 2010-09-22 | add a new log opt PF_LOG_MATCHES | Henning Brauer |
| 2010-09-22 | various whitespace fixes that my hands did while i was looking for sth | Henning Brauer |
| 2010-09-21 | assert copyrights / bump years | Henning Brauer |
| 2010-09-21 | after ruleset eval is done, we must apply actions from the last matching | Henning Brauer |
| 2010-09-21 | do not increment states_tot on match rules. it is purely cosmetic, this | Henning Brauer |
| 2010-09-21 | make "match log" rules log on the fly. thus you can log and see the packet | Henning Brauer |
| 2010-09-21 | remove now obsolete XXX comment | Henning Brauer |
| 2010-09-21 | make pf_translate (void so far) return 1 if it actually changed something | Henning Brauer |
| 2010-09-21 | factor our the code to set up pf_pdesc, a central structure in pf carrying | Henning Brauer |
| 2010-08-05 | In pf_icmp_mapping() the ICMP and ICMPv6 types shared the same | Alexander Bluhm |
| 2010-07-02 | m_copyback can fail to allocate memory, but is a void fucntion so gymnastics | Bret Lambert |
| 2010-07-01 | g/c unused param to pf_translate | Henning Brauer |
| 2010-06-27 | fix a comment and add a new one to make clear what the mbuf ptr save dance | Henning Brauer |
| 2010-06-27 | stuff nsaddr/ndaddr/nsport/ndport (addrs/ports after NAT, used a lot while | Henning Brauer |
| 2010-05-07 | Start cleaning up the mess called rtalloc*. Kill rtalloc2, make rtalloc1 | Claudio Jeker |
| 2010-02-04 | pf_get_sport() picks a random port from the port range specified in a | Stuart Henderson |
| 2010-01-18 | Convert pf debug logging to using log()/addlog(), a single standardised | Ryan Thomas McBride |
| 2010-01-14 | henning and I are both dumbasses, testing &foo against NULL is pointless. | Ryan Thomas McBride |
| 2010-01-14 | When printing states in debug output, print the rule number that created | Ryan Thomas McBride |
| 2010-01-14 | i forgot to remove a now obsolete comment in pf_create_state about | Henning Brauer |
| 2010-01-14 | in pf_create_state, when we fixed the leaks, we were a bit too trigger | Henning Brauer |
| 2010-01-13 | in pf_state_key_detach, ensure that the state key pointer on the state | Henning Brauer |
| 2010-01-12 | First pass at removing the 'pf_pool' mechanism for translation and routing | Ryan Thomas McBride |
| 2010-01-11 | "final" leak in state creation: in pf_state_key_setup, if we actually | Henning Brauer |
| 2010-01-11 | fix a bug in pf_create_state that was a major source of amusement for me | Henning Brauer |
| 2009-12-24 | add support to pf for filtering a packet by the interface it was received | David Gwynne |
| 2009-12-14 | fix sticky-address - by pretty much re-implementing it. still following | Henning Brauer |
| 2009-12-08 | move "pf: key search" and "pf: key setup" messages to PF_DEBUG_NOISY | Stuart Henderson |
| 2009-11-26 | magical fix for a fault which reliably brings my firewalls down. i think | David Gwynne |
| 2009-11-23 | with the old code we initialized the state keys early in some cases | Henning Brauer |
| 2009-11-23 | one kinda-missing log |= PFLOG_FORCE in the v6 case, spotted by claudio | Henning Brauer |
| 2009-11-23 | sync the handling of the log flag from pf_test (where it is correct) | Henning Brauer |
| 2009-11-23 | pf_test_fragment: we need to bail out if action == PF_DROP, not | Henning Brauer |
| 2009-11-23 | sync some comments with reality | Henning Brauer |
| 2009-11-23 | remove the nat_rule pointer on pf_state and pf_pdesc, obsolete after | Henning Brauer |
| 2009-11-22 | cleanup after the NAT changes. we used to have multiple rulesets (scrub, | Henning Brauer |
| 2009-11-21 | knf | Henning Brauer |
| 2009-11-05 | IPv6 support for divert sockets. | Michele Marchetto |
| 2009-11-03 | rtables are stacked on rdomains (it is possible to have multiple routing | Claudio Jeker |
