| Age | Commit message (Expand) | Author |
|---|
| 2011-04-06 | Allow PF to filter on the rdomain a packet belongs to. This allows to | Claudio Jeker |
| 2011-04-05 | in pf_check_proto_cksum, consider packets with the CSUM_OUT flags set | Henning Brauer |
| 2011-04-05 | mechanic rename M_{TCP|UDP}V4_CSUM_OUT -> M_{TCP|UDP}_CSUM_OUT | Henning Brauer |
| 2011-04-05 | handle ACK prioritization for v6, ok henning@ | Stuart Henderson |
| 2011-04-05 | ditch fastroute, an ipf feature that made its way into pf before | Mike Belopuhov |
| 2011-04-04 | de-guttenberg our stack a bit | Henning Brauer |
| 2011-04-04 | and stop special casing the bridge for the ip cksum hardware offload | Henning Brauer |
| 2011-04-04 | there is no point at all in updating the ip checksum. it is always | Henning Brauer |
| 2011-03-24 | Reassemble IPv6 fragments in pf. In the forward case, pf refragments | Alexander Bluhm |
| 2011-03-07 | Declare the inline function pf_addr_compare() non-static in pfvar.h | Alexander Bluhm |
| 2011-03-05 | The function pf_tag_packet() never fails. Remove a redundant check | Alexander Bluhm |
| 2011-02-23 | fixup source address rewriting for the icmp errors with the rdr-to setup. | Mike Belopuhov |
| 2011-02-14 | Add missing byte-order swap to pf_match_addr_range. Without this, rules | Stuart Henderson |
| 2011-02-06 | pf_translate() may be called from pflog_packet(). Make sure that | Alexander Bluhm |
| 2011-02-06 | pf_test() and pf_test6() drop IPv4-ICMP6 and IPv6-ICMP packets. Do | Alexander Bluhm |
| 2011-02-05 | When a packet with an unusual protocol number got rewritten, the | Alexander Bluhm |
| 2011-01-22 | Pf must not scrub packets which will be dropped anyway. | Alexander Bluhm |
| 2011-01-19 | Give pf_normalize_ip() the same 3 way semantics as pf_test(). | Alexander Bluhm |
| 2011-01-11 | Perform IP options check in pf_test_rule(), before creating state. | Ryan Thomas McBride |
| 2011-01-10 | If pf_test() was called recursively, the global variable pf_hdrs | Alexander Bluhm |
| 2011-01-10 | DPFPRINTF already adds the "pf: ", no need to put it in the error | Ryan Thomas McBride |
| 2011-01-05 | Remove mbuf ptr save dance in pf_test6(). It was a leftover with | Alexander Bluhm |
| 2010-12-31 | Address comparisson is implemented twice in pf.c. Put this into a | Alexander Bluhm |
| 2010-12-24 | in pf_src_connlimit, the indices to sk->addr were swapped. | Henning Brauer |
| 2010-12-07 | remove a bunch of unused arguments | Jonathan Gray |
| 2010-09-24 | itojun picked exactly the right reason in that REASON_SET call. really no | Henning Brauer |
| 2010-09-24 | use pd->rdomain for the PF_MISMATCHAW checks in pf_test_fragment instead of | Henning Brauer |
| 2010-09-24 | no need to pf_tag_packet in the stateless case in pf_test since | Henning Brauer |
| 2010-09-24 | hello, this is captain obvious speaking: | Henning Brauer |
| 2010-09-24 | remove misleading XXX comment. it is pretty clear by now that | Henning Brauer |
| 2010-09-24 | nicer linewraps, purely cosmetic | Henning Brauer |
| 2010-09-24 | kill some unused arguments to pf_create_state | Jonathan Gray |
| 2010-09-23 | Break out rule counter update code into a separate function, makes the | Ryan Thomas McBride |
| 2010-09-22 | add a new log opt PF_LOG_MATCHES | Henning Brauer |
| 2010-09-22 | various whitespace fixes that my hands did while i was looking for sth | Henning Brauer |
| 2010-09-21 | assert copyrights / bump years | Henning Brauer |
| 2010-09-21 | after ruleset eval is done, we must apply actions from the last matching | Henning Brauer |
| 2010-09-21 | do not increment states_tot on match rules. it is purely cosmetic, this | Henning Brauer |
| 2010-09-21 | make "match log" rules log on the fly. thus you can log and see the packet | Henning Brauer |
| 2010-09-21 | remove now obsolete XXX comment | Henning Brauer |
| 2010-09-21 | make pf_translate (void so far) return 1 if it actually changed something | Henning Brauer |
| 2010-09-21 | factor our the code to set up pf_pdesc, a central structure in pf carrying | Henning Brauer |
| 2010-08-05 | In pf_icmp_mapping() the ICMP and ICMPv6 types shared the same | Alexander Bluhm |
| 2010-07-02 | m_copyback can fail to allocate memory, but is a void fucntion so gymnastics | Bret Lambert |
| 2010-07-01 | g/c unused param to pf_translate | Henning Brauer |
| 2010-06-27 | fix a comment and add a new one to make clear what the mbuf ptr save dance | Henning Brauer |
| 2010-06-27 | stuff nsaddr/ndaddr/nsport/ndport (addrs/ports after NAT, used a lot while | Henning Brauer |
| 2010-05-07 | Start cleaning up the mess called rtalloc*. Kill rtalloc2, make rtalloc1 | Claudio Jeker |
| 2010-02-04 | pf_get_sport() picks a random port from the port range specified in a | Stuart Henderson |
| 2010-01-18 | Convert pf debug logging to using log()/addlog(), a single standardised | Ryan Thomas McBride |
