Age | Commit message (Expand) | Author |
2004-01-06 | Drop UDP packets with destination port 0, or zero or oversized payload | Daniel Hartmeier |
2004-01-05 | 0 -> (void *)NULL for last argument of icmp_error(), which is of type | Daniel Hartmeier |
2004-01-04 | better macro name (IF_LOCKED -> BOUND_IFACE). from markus. | Cedric Berger |
2003-12-31 | spacing. note this, cedric | Theo de Raadt |
2003-12-31 | Many improvements to the handling of interfaces in PF. | Cedric Berger |
2003-12-19 | i wrote much of these, assert my copyright | Henning Brauer |
2003-12-18 | resolve compiler warnings, from Pyun YongHyeon, ok cedric@, mcbride@ | Daniel Hartmeier |
2003-12-15 | ryan left a few for me ;-) | Henning Brauer |
2003-12-15 | Fix whitespace screwups before henning wakes up. | Ryan Thomas McBride |
2003-12-15 | Add initial support for pf state synchronization over the network. | Ryan Thomas McBride |
2003-12-15 | Add support to track stateful connections by source ip. This allows us | Ryan Thomas McBride |
2003-12-12 | Move PF interface code to new net/pf_if.c | Cedric Berger |
2003-12-11 | Fix PR3587 and other related problems with NAT and table stats. | Cedric Berger |
2003-12-08 | Mbuf tag tcp and udp packets which are translated to localhost, and | Ryan Thomas McBride |
2003-11-28 | More pf stats fixups: | Ryan Thomas McBride |
2003-11-21 | Remove redundant arguments to pf_sockaddr_lookup(); proto and af are already | Ryan Thomas McBride |
2003-11-21 | Remove unused "ipoff" arguments. | Ryan Thomas McBride |
2003-11-16 | pf_test() and pf_test6() consistency: | Ryan Thomas McBride |
2003-11-09 | remove stale forward declaration | Daniel Hartmeier |
2003-11-04 | add in(6)_pcblookup_listen() and replace all calls to in_pcblookup() | Markus Friedl |
2003-11-03 | pf_route() can change output NIC, so we need to check its capabilities. | Cedric Berger |
2003-10-31 | Remove remenants of pf_tree stuff that I missed. | Ryan Thomas McBride |
2003-10-29 | fix binat for incoming connections when a netblock (not just a single | Daniel Hartmeier |
2003-10-25 | Build state search indexes directly on pf_state instead of pf_tree_node. | Ryan Thomas McBride |
2003-10-10 | make sure pd is initialized before use (or byte counters may increase | Daniel Hartmeier |
2003-10-02 | correct endian handling of ip->ip_off. | Jun-ichiro itojun Hagino |
2003-09-26 | Rearchitecture of the userland/kernel IOCTL interface for transactions. | Cedric Berger |
2003-09-26 | Move statistics counters from individual pf_test_<proto>() and | Ryan Thomas McBride |
2003-09-24 | Remove state setup no-ops. | Ryan Thomas McBride |
2003-09-01 | KNF | Henning Brauer |
2003-09-01 | Make nat rule update the table counters when no filtering rule is used. | Cedric Berger |
2003-08-28 | fix "pfctl -vvsr" output for rules with tables inside anchors. | Cedric Berger |
2003-08-21 | Add Michal Zalewski's p0f v2 style passive OS fingerprinting to PF. | Mike Frantzen |
2003-08-18 | prevent looutput() feedback of broadcast/multicast packets if they are | Daniel Hartmeier |
2003-08-17 | Missing break, change NULL -> 0 for int parameter (no functional | Daniel Hartmeier |
2003-08-14 | m_copyback()'s 4th arg is const void *, nuke (caddr_t) casts. | Jason Wright |
2003-08-09 | This patch remove the restriction that tables cannot be used in routing or | Cedric Berger |
2003-08-07 | make pf_match take u_int32_t instead of u_int16_t | Henning Brauer |
2003-07-29 | Set pf_state->rt_ifp when creating the state entry, instead of doing it | Daniel Hartmeier |
2003-07-29 | More aggressive and easier to understand skip steps for addresses. | Cedric Berger |
2003-07-19 | Simplify struct pf_pooladdr to include struct pf_addr_wrap directly | Cedric Berger |
2003-07-12 | Remove two htons(), which were meant as ntohs(), and are wrong since | Daniel Hartmeier |
2003-07-09 | do not flip ip_len/ip_off in netinet stack. deraadt ok. | Jun-ichiro itojun Hagino |
2003-07-04 | cosmetic changes to keep the different code paths in sync; ok henning | Markus Friedl |
2003-07-04 | -add a "natpass" field to pf_rule | Henning Brauer |
2003-07-04 | bad redundant copy; ok daniel | Markus Friedl |
2003-06-29 | normalize IPv6 packet (no reass, but it is a start). dhartmei & henning ok | Jun-ichiro itojun Hagino |
2003-06-29 | unused global. dhartmei ok | Jun-ichiro itojun Hagino |
2003-06-28 | remove duplicated prototype (they are in pfvar.h). dhartmei ok | Jun-ichiro itojun Hagino |
2003-06-24 | in the ipv6 case, allow route-to to route to link-local addresses | Henning Brauer |