| Age | Commit message (Expand) | Author |
|---|
| 2011-07-05 | add missing ifdefs for INET6; diff from form, ok henning, bluhm, claudio | Mike Belopuhov |
| 2011-07-04 | Rename the pf_pdesc field rh_cnt to badopts as it is also used for | Alexander Bluhm |
| 2011-07-04 | IPv4 packets with IP options get dropped and no state is created. | Alexander Bluhm |
| 2011-07-04 | Bye bye pf_test6(). Only one pf_test function for both IPv4 and v6. | Claudio Jeker |
| 2011-07-03 | bring in least-states load balancing algorithm | Joerg Zinke |
| 2011-07-03 | In pf_setup_pdesc() the code for analysing TCP and UDP headers was | Alexander Bluhm |
| 2011-07-03 | garbage collect unused parameter to PFLOG_PACKET | Henning Brauer |
| 2011-07-03 | Refactor the fragment handling in pf_setup_pdesc() so that AF_INET | Claudio Jeker |
| 2011-07-01 | The pf_headers union may also contain a mld_hdr or nd_neighbor_solicit | Alexander Bluhm |
| 2011-06-23 | Set pd->af very early in pf_setup_pdesc() since the AF is used in | Claudio Jeker |
| 2011-06-21 | There is no need to handle fragmented TCP reset packets in a special | Alexander Bluhm |
| 2011-06-20 | More cleanup in pf_test/pf_test6 this time mostly the fragment | Claudio Jeker |
| 2011-06-14 | KNF (no change in .o files) | Ryan Thomas McBride |
| 2011-06-02 | When checking to see if a rule is referenced by any source-tracking nodes, | Stuart Henderson |
| 2011-05-25 | Don't do last minute changes to diffs. Revert the argument change to | Claudio Jeker |
| 2011-05-24 | Merge pf_scrub_ip() and pf_scrub_ip6() into a single function. Call | Claudio Jeker |
| 2011-05-22 | Do not pass AF specific information to pf_test_rule() and PFLOG_PACKET() | Claudio Jeker |
| 2011-05-13 | Revert the pf->socket linking diff. | Owain Ainsworth |
| 2011-04-24 | Double link between pf states and sockets. Henning has already | Alexander Bluhm |
| 2011-04-23 | pf_scrub_ip() does not modify the given mbuf pointer. So don't | Alexander Bluhm |
| 2011-04-12 | put the accepted socket of a diverted connection into the routing domain | Mike Belopuhov |
| 2011-04-07 | Correctly initialize local variables in pf_check_proto_cksum(), even for | Miod Vallat |
| 2011-04-06 | Allow PF to filter on the rdomain a packet belongs to. This allows to | Claudio Jeker |
| 2011-04-05 | in pf_check_proto_cksum, consider packets with the CSUM_OUT flags set | Henning Brauer |
| 2011-04-05 | mechanic rename M_{TCP|UDP}V4_CSUM_OUT -> M_{TCP|UDP}_CSUM_OUT | Henning Brauer |
| 2011-04-05 | handle ACK prioritization for v6, ok henning@ | Stuart Henderson |
| 2011-04-05 | ditch fastroute, an ipf feature that made its way into pf before | Mike Belopuhov |
| 2011-04-04 | de-guttenberg our stack a bit | Henning Brauer |
| 2011-04-04 | and stop special casing the bridge for the ip cksum hardware offload | Henning Brauer |
| 2011-04-04 | there is no point at all in updating the ip checksum. it is always | Henning Brauer |
| 2011-03-24 | Reassemble IPv6 fragments in pf. In the forward case, pf refragments | Alexander Bluhm |
| 2011-03-07 | Declare the inline function pf_addr_compare() non-static in pfvar.h | Alexander Bluhm |
| 2011-03-05 | The function pf_tag_packet() never fails. Remove a redundant check | Alexander Bluhm |
| 2011-02-23 | fixup source address rewriting for the icmp errors with the rdr-to setup. | Mike Belopuhov |
| 2011-02-14 | Add missing byte-order swap to pf_match_addr_range. Without this, rules | Stuart Henderson |
| 2011-02-06 | pf_translate() may be called from pflog_packet(). Make sure that | Alexander Bluhm |
| 2011-02-06 | pf_test() and pf_test6() drop IPv4-ICMP6 and IPv6-ICMP packets. Do | Alexander Bluhm |
| 2011-02-05 | When a packet with an unusual protocol number got rewritten, the | Alexander Bluhm |
| 2011-01-22 | Pf must not scrub packets which will be dropped anyway. | Alexander Bluhm |
| 2011-01-19 | Give pf_normalize_ip() the same 3 way semantics as pf_test(). | Alexander Bluhm |
| 2011-01-11 | Perform IP options check in pf_test_rule(), before creating state. | Ryan Thomas McBride |
| 2011-01-10 | If pf_test() was called recursively, the global variable pf_hdrs | Alexander Bluhm |
| 2011-01-10 | DPFPRINTF already adds the "pf: ", no need to put it in the error | Ryan Thomas McBride |
| 2011-01-05 | Remove mbuf ptr save dance in pf_test6(). It was a leftover with | Alexander Bluhm |
| 2010-12-31 | Address comparisson is implemented twice in pf.c. Put this into a | Alexander Bluhm |
| 2010-12-24 | in pf_src_connlimit, the indices to sk->addr were swapped. | Henning Brauer |
| 2010-12-07 | remove a bunch of unused arguments | Jonathan Gray |
| 2010-09-24 | itojun picked exactly the right reason in that REASON_SET call. really no | Henning Brauer |
| 2010-09-24 | use pd->rdomain for the PF_MISMATCHAW checks in pf_test_fragment instead of | Henning Brauer |
| 2010-09-24 | no need to pf_tag_packet in the stateless case in pf_test since | Henning Brauer |
