| Age | Commit message (Expand) | Author |
|---|
| 2013-10-19 | pf_cksum doesn't need to compute the pseudo hdr cksum any more. | Henning Brauer |
| 2013-10-17 | The header file netinet/in_var.h included netinet6/in6_var.h. This | Alexander Bluhm |
| 2013-10-12 | new bandwidth shaping subsystem, kernel side | Henning Brauer |
| 2013-10-11 | Prevent non-data packets from being dropped. | Gerhard Roth |
| 2013-10-09 | Don't leak ruleitems from match rules when hitting a per-rule max state limit. | Camiel Dobbelaar |
| 2013-09-27 | IPv6 atomic fragments must not go the reassembly queue, but be | Alexander Bluhm |
| 2013-08-19 | in pf_test_rule, when dealing with a match rule, obey the match rule's quick | Henning Brauer |
| 2013-07-05 | Collect and display 'match' counters for pf tables. | Bret Lambert |
| 2013-06-26 | put the cksum diff back, of course with the bug fixed where we could | Henning Brauer |
| 2013-06-26 | Rudimentary counter fix for tables used in match rules. | Bret Lambert |
| 2013-06-17 | Before pulling the TCP options from the mbuf onto the stack, do an | Alexander Bluhm |
| 2013-06-05 | after the pf_test_state folding, in pf_test in the proto switch, the | Henning Brauer |
| 2013-06-04 | fold pf_test_state_{tcp,udp,other} into one pf_test_state. | Henning Brauer |
| 2013-06-04 | add a pointer to the protocol checksum header field to pf_pdesc and set | Henning Brauer |
| 2013-06-04 | make pf_change_ap() usable without a port. if the port pointer is NULL, | Henning Brauer |
| 2013-06-03 | Link pf states and socket inpcbs together more tightly. The linking | Alexander Bluhm |
| 2013-06-03 | Update o[sd]port whenever n[sd]port is changed. This fixes a | Alexander Bluhm |
| 2013-06-03 | fix anchor quick with nested anchors. we lost the quick flag as soon as | Henning Brauer |
| 2013-06-02 | set up osport and odport (original src/dst port) in pf_setup_pdesc instead | Henning Brauer |
| 2013-06-01 | pf_step_{into,out_of}_anchor() are only ever called from pf_test_rule() | Henning Brauer |
| 2013-05-14 | Pass the correct pointer to pool_put if pf_state_key_attach fails. | Mike Belopuhov |
| 2013-05-10 | Since pf_state_key_attach can decide to free the provided state | Mike Belopuhov |
| 2013-05-03 | Export ingress/egress interface index in pflow(4). | Florian Obser |
| 2013-04-10 | Remove various external variable declaration from sources files and | Martin Pieuchot |
| 2013-03-29 | Declare struct pf_state_key in the mbuf and in_pcb header files to | Alexander Bluhm |
| 2013-03-28 | Unfortunately the satosin, sintosa, ifatoia, satosin6, sin6tosa, | Alexander Bluhm |
| 2013-03-11 | Add a separate "translation" counter and use this rather than "memory" | Stuart Henderson |
| 2013-01-20 | Make pf TCP sequence number tracking less strict by one octet for | Alexander Bluhm |
| 2012-11-23 | make sure to always pass an array of struct pf_src_node pointers to | Mike Belopuhov |
| 2012-11-06 | backout csum diff for the moment, requested by theo | Henning Brauer |
| 2012-11-01 | redo most of the protocol (tcp/udp/...) checksum handling | Henning Brauer |
| 2012-10-30 | Use time_uptime for expiration values as time_second can be skewed at | Florian Obser |
| 2012-10-21 | Add the IP_DIVERTFL socket option on divert(4) sockets to control | Sebastian Benoit |
| 2012-09-19 | More radix internals pushdown; place rn_mpath_next, which accepts and | Bret Lambert |
| 2012-09-18 | prio 0 is valid, therefore, I chose an "impossible" value for prio meaning | Henning Brauer |
| 2012-08-30 | Sloppy state tracking renders ICMP direction check useless | Mike Belopuhov |
| 2012-07-26 | rename all_state_flags to state_flags to finish the transition | Mike Belopuhov |
| 2012-07-10 | With address family translation, the ip length of the quoted ip | Alexander Bluhm |
| 2012-07-07 | rename prio in struct pf_rule and related structs to set_prio so it is | Henning Brauer |
| 2012-06-26 | initialize 'reason' variable before passing it to the pflog_packet; | Mike Belopuhov |
| 2012-05-12 | Ignore/preserve ECN bits on ToS matching and scrubbing. | Marco Pfatschbacher |
| 2012-04-11 | SLIST_REMOVE_NEXT -> SLIST_REMOVE_AFTER for better consistency and | Christian Weisgerber |
| 2012-04-03 | Fix kernel compilation with pf but without pfsync pseudo-device by | Mike Belopuhov |
| 2012-02-05 | Improve the ICMPv6 direction check | Mike Belopuhov |
| 2012-02-03 | The kernel did not compile without INET6. Put some #ifdefs into | Alexander Bluhm |
| 2012-01-28 | improve icmp virtual id generation for ND and MLD packets so that | Mike Belopuhov |
| 2012-01-28 | try to lookup the icmp state based on a correct packet descriptor; | Mike Belopuhov |
| 2012-01-26 | Clean up the pf normalization code: | Alexander Bluhm |
| 2012-01-26 | Minor fixes for pf_walk_header6(): | Alexander Bluhm |
| 2012-01-18 | Remove dead assignments and newly created unused variables. | Charles Longeau |
