| Age | Commit message (Expand) | Author |
|---|
| 2004-12-17 | ICMP state entries use the ICMP ID as port for the unique state key. When | Daniel Hartmeier |
| 2004-12-14 | Initialise init_addr in pf_map_addr() in the PF_POOL_ROUNDROBIN, | Ryan Thomas McBride |
| 2004-12-11 | Handle errors in pf_route{,6} more gracefully. | Marco Pfatschbacher |
| 2004-12-10 | allow pf to filter on route labels | Henning Brauer |
| 2004-12-07 | KNF | Ryan Thomas McBride |
| 2004-12-07 | re-commit mcbride@'s 'flush global', this time without the breakage in | Daniel Hartmeier |
| 2004-12-07 | tree does not compile, spotted by dlg (not obvious how to fix) | Theo de Raadt |
| 2004-12-07 | Change the default for 'overload <table> flush' to flush only states from the | Ryan Thomas McBride |
| 2004-12-06 | support max-src-conn-rate with synproxy, ok mcbride@ | Daniel Hartmeier |
| 2004-12-05 | IPv6 packets can contain headers (like options) before the TCP/UDP/ICMP6 | Daniel Hartmeier |
| 2004-12-04 | Add kernel code to keep track of tcp connections which have completed | Ryan Thomas McBride |
| 2004-11-24 | fix a bug that leads to a crash when binat rules of the form | Daniel Hartmeier |
| 2004-11-19 | remove superfluous m_tag_copy/m_tag_prepend, already covered by m_copym2() | Daniel Hartmeier |
| 2004-11-12 | The flag to re-filter pf-generated packets was set wrong by synproxy | Daniel Hartmeier |
| 2004-11-07 | For RST generated due to state mismatch during handshake, don't set | Daniel Hartmeier |
| 2004-09-29 | reset anchor pointer to NULL when stepping back into the main ruleset, | Daniel Hartmeier |
| 2004-09-20 | pf_routable(), used for the no-route keyword, was a v4 only implementation, | Henning Brauer |
| 2004-09-17 | Clean up reference counting wrt state creation and destruction. Fixes | Ryan Thomas McBride |
| 2004-07-11 | backout IPv6 reass-on-scrub patch (more work needs to be done). | Jun-ichiro itojun Hagino |
| 2004-06-25 | correct "scrub in" behavior for IPv6. | Jun-ichiro itojun Hagino |
| 2004-06-25 | IPv6 reassembly on "scrub" directive. | Jun-ichiro itojun Hagino |
| 2004-06-22 | Pull the plug on source-based routing until remaining bugs are eradicated. | Cedric Berger |
| 2004-06-21 | First step towards more sane time handling in the kernel -- this changes | Thorsten Lockert |
| 2004-06-21 | Get rid of pf_test_eh() wrapper. | Ryan Thomas McBride |
| 2004-06-10 | rename struct pf_rule_addr member 'not' to 'neg', as 'not' is a reserved | Daniel Hartmeier |
| 2004-06-06 | extend routing table to be able to match and route packets based on | Cedric Berger |
| 2004-05-19 | Allow recursive anchors (anchors within anchors, up to 64 | Daniel Hartmeier |
| 2004-05-11 | pf_cksum_fixup() was called without last argument from normalization, | Daniel Hartmeier |
| 2004-05-11 | change pf_route() loop detection: introduce a counter (number of times | Daniel Hartmeier |
| 2004-05-05 | Use RFC1323 PAWS timestamps as a logical extension to the conventional TCP | Mike Frantzen |
| 2004-04-28 | make return-rst work on pure bridges. ok dhartmei@ henning@ mcbride@ | Cedric Berger |
| 2004-04-28 | Dont step into INET6 code, just because af != AF_INET | Philipp Buehler |
| 2004-04-27 | validate the sequence numbers on TCP resets are an exact match. check is only | Mike Frantzen |
| 2004-04-26 | Prevent biases in arc4random() from disclosing the byte order of the firewall. | Ryan Thomas McBride |
| 2004-04-26 | anchor refcounting. ok dhartmei@ mcbride@ | Cedric Berger |
| 2004-04-25 | prevent an endless loop with route-to lo0, fixes PR 3736, | Daniel Hartmeier |
| 2004-04-25 | get rid of a complete state tree walk at state expire while in splnet() | Philipp Buehler |
| 2004-04-25 | sync 'other' in test6, too. | Philipp Buehler |
| 2004-04-25 | don't add PF_GENERATED tag to synproxy generated packets for the second | Daniel Hartmeier |
| 2004-04-24 | Add "probability xxx" rule modifier. ok deraadt@ | Cedric Berger |
| 2004-04-17 | when the input queue congestion flag is set stop evaluating the ruleset | Henning Brauer |
| 2004-04-05 | make pftag ** (pass pointer by reference), otherwise it's never updated. | Daniel Hartmeier |
| 2004-03-26 | Properly m_copyback() modified TCP sequence number after demodulation | Daniel Hartmeier |
| 2004-03-25 | Fix icmp checksum when sequence number modlation is being used. | Ryan Thomas McBride |
| 2004-03-22 | Support for best effort bulk transfers of states when pfsync syncif is | Ryan Thomas McBride |
| 2004-03-11 | Don't call pf_src_tree_remove_state() on error in pf_insert_state(), | Ryan Thomas McBride |
| 2004-03-09 | KNF, ok cedric@ deraadt@ | Ryan Thomas McBride |
| 2004-02-24 | Remove redundant logging from pf_test_other(). | Ryan Thomas McBride |
| 2004-02-24 | KNF | Ryan Thomas McBride |
| 2004-02-20 | Make pfsync deal with clearing states bound to a group or interface (eg | Ryan Thomas McBride |
