| Age | Commit message (Expand) | Author |
|---|
| 2015-10-13 | - pf_insert_src_node(): global argument (arg6) is useless, function | Alexandr Nedvedicky |
| 2015-10-08 | use the state id to set a flowid on an mbuf. | David Gwynne |
| 2015-09-23 | Always increment rt_use inside rtalloc(9) instead of doing it in some | Martin Pieuchot |
| 2015-09-13 | There's no point in abstracting ifp->if_output() as long as pf_test() | Martin Pieuchot |
| 2015-09-12 | Stop overwriting the rt_ifp pointer of RTF_LOCAL routes with lo0ifp. | Martin Pieuchot |
| 2015-09-12 | If M_PREPEND() fails, it frees the mbuf. In this case pf_translate_af() | Alexander Bluhm |
| 2015-09-11 | rtfree(9) accepts NULL now. | Martin Pieuchot |
| 2015-09-11 | Kill yet another argument to functions in IPv6. This time ip6_output's | Claudio Jeker |
| 2015-09-10 | Kill two simple in6_ifstat_inc(). | Martin Pieuchot |
| 2015-09-09 | add if_put after the if_get. | David Gwynne |
| 2015-09-01 | - route-to, dup-to, reply-to should not override the block action | Alexandr Nedvedicky |
| 2015-08-19 | PF must keep IPv6 fragment size as chosen by sender also for packets, | Alexandr Nedvedicky |
| 2015-07-21 | - added /* FALLTHROUGH */ comments, typecasts (u_int32_t)-1, ... | Alexandr Nedvedicky |
| 2015-07-20 | Add some panics to default paths where code later assumes a non default | Jonathan Gray |
| 2015-07-20 | INET6 is here to stay, so stop hauling around never-compiled code | Ryan Thomas McBride |
| 2015-07-19 | rule_item might leak, when pf_create_state() fails | sashan |
| 2015-07-19 | unsinged variables should not be compared to be leq than 0 (unsigned a <= 0) | sashan |
| 2015-07-19 | unused arguments at pf_normalize_tcp_init() and pf_refragment6() | sashan |
| 2015-07-18 | pf_send_tcp() should also use unhandled_af() | sashan |
| 2015-07-18 | msg.mpi | sashan |
| 2015-07-18 | Even if pf(4) is not compiled with SMALL_KERNEL add a define around | Martin Pieuchot |
| 2015-07-18 | INET/INET6 address family check should be unified in PF | sashan |
| 2015-07-17 | remove obsolete INET kernel option | Ted Unangst |
| 2015-07-16 | Kill IP_ROUTETOETHER. | Martin Pieuchot |
| 2015-07-16 | Expand ancient NTOHL/NTOHS/HTONS/HTONL macros. | Martin Pieuchot |
| 2015-07-08 | Linking the local socket to pf states went wrong when IPsec was | Alexander Bluhm |
| 2015-06-30 | Get rid of the undocumented & temporary* m_copy() macro added for | Martin Pieuchot |
| 2015-06-22 | Increment rule counters only after successful state insertion | Mike Belopuhov |
| 2015-06-16 | Store a unique ID, an interface index, rather than a pointer to the | Martin Pieuchot |
| 2015-06-07 | Introduce unhandled_af() for cases where code conditionally does | Jonathan Gray |
| 2015-06-05 | Improve error handling and recovery during state insertion | Mike Belopuhov |
| 2015-05-26 | Don't create ICMP states on reply packets unless tracking states sloppy | Mike Belopuhov |
| 2015-05-22 | Cut down on if statements around pf_icmp_state_lookup | Mike Belopuhov |
| 2015-05-22 | Cleanup leftover PF_ICMP_MULTI_* code that is not needed anymore. | Mike Belopuhov |
| 2015-05-11 | fix a potential use-after-free in pf_state_rm_src_node | Henning Brauer |
| 2015-04-17 | Stubs and support code for NIC-enabled IPsec bite the dust. | Mike Belopuhov |
| 2015-04-11 | the hfsc pools are only used in hfsc.c, so move the init of them | David Gwynne |
| 2015-04-08 | Destination table needs it's own negation flag passed to the pfr_update_stats. | Mike Belopuhov |
| 2015-03-18 | remove the congestion handling from struct ifqueue. | David Gwynne |
| 2015-03-16 | When state creations happen in short term by outgoing packets of one | YASUOKA Masahiko |
| 2015-03-14 | Remove some includes include-what-you-use claims don't | Jonathan Gray |
| 2015-02-14 | Rather than using 0xff as a placeholder for "don't check prio", use 0xff to | Stuart Henderson |
| 2015-02-12 | change log(matches) semantics slightly to make it more useful. since it | Henning Brauer |
| 2015-02-10 | include the "set prio" values. | Henning Brauer |
| 2015-02-10 | since we inherit prio (as in, the queuing priority) from outside sources, | Henning Brauer |
| 2015-02-09 | correctly reset max_win if the SYN-ACK lacks a wscale option. pf | Markus Friedl |
| 2015-02-07 | pf synproxy will do the 3WHS on behalf of the target machine, and once | Henning Brauer |
| 2015-02-05 | Make sure pf(4) does not see embedded scopes. | Martin Pieuchot |
| 2015-01-24 | Userland (base & ports) was adapted to always include <netinet/in.h> | Theo de Raadt |
| 2014-12-19 | unifdef INET in net code as a precursor to removing the pretend option. | Ted Unangst |
