| Age | Commit message (Expand) | Author |
|---|
| 2017-07-04 | Revert previous, it exposed two edge cases still requiring the | Martin Pieuchot |
| 2017-07-03 | Drop the KERNEL_LOCK() in pf_purge_thread(). | Martin Pieuchot |
| 2017-06-21 | Fix kernel diagnostic assertion "(sk->inp == NULL) || (sk->inp->inp_pf_sk | Alexander Bluhm |
| 2017-06-05 | - let's add PF_LOCK() | Alexandr Nedvedicky |
| 2017-05-31 | Block IPv6 packets in pf(4) that have hop-by-hop options header or | Alexander Bluhm |
| 2017-05-30 | teach pf_build_tcp() about SACK, ok & with sashan | Henning Brauer |
| 2017-05-29 | export_pflow() is no longer grabbing the NET_LOCK(), so no need to | Martin Pieuchot |
| 2017-05-28 | Limit the nested header chain for IPv6 extensions headers and for | Alexander Bluhm |
| 2017-05-28 | Fix bad white spaces, wrap long lines, kill some empty lines. | Alexander Bluhm |
| 2017-05-28 | Pf was handling IPv4 and IPv6 differently regarding AH extension | Alexander Bluhm |
| 2017-05-23 | Move the common length check in pf_pull_hdr() after the address | Alexander Bluhm |
| 2017-05-20 | - fixes regression found by pf_forward test | Alexandr Nedvedicky |
| 2017-05-19 | Change PF behavior to allow MLD Listener Report packets to be sent | Rafael Zalamena |
| 2017-05-16 | - percpu anchor stacks | Alexandr Nedvedicky |
| 2017-05-16 | Replace remaining splsoftassert(IPL_SOFTNET) by NET_ASSERT_LOCKED(). | Martin Pieuchot |
| 2017-05-15 | Enable the NET_LOCK(), take 3. | Martin Pieuchot |
| 2017-05-05 | Put back the call to pf_remove_src_node lost in the netlock backout | Mike Belopuhov |
| 2017-05-04 | Introduce sstosa() for converting sockaddr_storage with a type safe | Alexander Bluhm |
| 2017-03-17 | Revert the NET_LOCK() and bring back pf's contention lock for release. | Martin Pieuchot |
| 2017-03-09 | Prevent integer overflow in PF when calculating the adaptive timeout. | Claudio Jeker |
| 2017-03-07 | Don't overwrite the flow ID once it's set | Mike Belopuhov |
| 2017-03-07 | Enforce that tcbtable and udbtable must be accessed with the NET_LOCK(). | Martin Pieuchot |
| 2017-02-09 | percpu counters for TCP stats | Jeremie Courreges-Anglas |
| 2017-02-05 | Use percpu counters for ip6stat | Jeremie Courreges-Anglas |
| 2017-01-30 | whitespace, from bluhm@ | Sebastian Benoit |
| 2017-01-30 | removes the pf_consistency_lock and protects the users with | Sebastian Benoit |
| 2017-01-25 | Enable the NET_LOCK(), take 2. | Martin Pieuchot |
| 2017-01-09 | pf_purge_thread() needs the NET_LOCK(). | Martin Pieuchot |
| 2016-12-29 | In pf_refragment6() use the valid route from pf_route6() instead | Alexander Bluhm |
| 2016-12-28 | In pf_find_state() pkt_sk was set to NULL if pkt_sk->reverse was | Alexander Bluhm |
| 2016-12-28 | Better check for a valid route than for an existing route in pf | Alexander Bluhm |
| 2016-12-23 | Replace function names with __func__ in debug prints to make grep | Alexander Bluhm |
| 2016-12-23 | Fix white spaces. No binary change. | Alexander Bluhm |
| 2016-12-06 | Use the sizeof udphdr not the sizeof a pointer to it in the af-to | Jonathan Gray |
| 2016-11-28 | Path MTU discovery and traceroute did not always work with pf af-to. | Alexander Bluhm |
| 2016-11-23 | Explicitly forbid to combine af-to with route-to in pfctl. The | Alexander Bluhm |
| 2016-11-22 | Fold union pf_headers buffer into struct pf_pdesc (enabled by pfvar_priv.h). | Richard Procter |
| 2016-11-21 | In pf_route() and pf_route6() the !r->rt case was only used by | Alexander Bluhm |
| 2016-11-17 | The pf fragment reassembly code accepted IPv6 hop-by-hop headers | Alexander Bluhm |
| 2016-11-14 | Instead of passing an extra mbuf pointer to pf_route(), it should | Alexander Bluhm |
| 2016-11-14 | turn ipstat into a set of percpu counters. | David Gwynne |
| 2016-10-28 | - once rule should not attempt to remove its parent rule. | Alexandr Nedvedicky |
| 2016-10-27 | Pass a struct pf_pdesc to pf_route() like it is done in the other | Alexander Bluhm |
| 2016-10-26 | Put union pf_headers and struct pf_pdesc into separate header file | Alexander Bluhm |
| 2016-10-20 | - PF should send a challenge ACK as response to SYN, which matches existing | Alexandr Nedvedicky |
| 2016-10-18 | split pf_send_tcp() into the part that builds the mbuf and the actual | Henning Brauer |
| 2016-10-18 | The variable dlen is always positive and d may be negative. So | Alexander Bluhm |
| 2016-10-18 | The checksum of a ICMP "need to frag" packet for TCP was wrong when | Alexander Bluhm |
| 2016-10-09 | formatting nit (a tab got lost somewhen) | Henning Brauer |
| 2016-10-06 | Remove redundant comments that say a function must be called at | Alexander Bluhm |
