| Age | Commit message (Expand) | Author |
|---|
| 2009-06-26 | invert direction for inner icmp state lookups (e.g. traceroute with icmp) | Markus Friedl |
| 2009-06-22 | Check that the address family is appropriate before processing ICMPv4 and | Joel Sing |
| 2009-06-22 | Always drop ICMPv6 in IPv4 datagrams, not only when compiled with INET6. | Joel Sing |
| 2009-06-22 | Fix scrub max-mss for IPv6 traffic. | Joel Sing |
| 2009-06-08 | in pf_print_state_parts, do not use skw->proto to print the protocol | Henning Brauer |
| 2009-06-08 | "do not call PF_ANEQ with af=0, dragons". fixes a problem with skip | Stuart Henderson |
| 2009-06-05 | Initial support for routing domains. This allows to bind interfaces to | Claudio Jeker |
| 2009-05-18 | The routing table index rtableid has type unsigned int in the routing | Alexander Bluhm |
| 2009-04-30 | treat log as what it is, a flag variable. effectively a noop now but stops | Henning Brauer |
| 2009-04-23 | print the type of the icmp message we're bitching about when debugging is | David Gwynne |
| 2009-04-17 | move the lastr = r assignment behind the anchor rule check so we don't | Henning Brauer |
| 2009-04-15 | little dose of scrubbing after the monster changes: | Henning Brauer |
| 2009-04-15 | move OK ICMP to NOISY level, makes it easier to run at MISC level; ok henning@ | David Krause |
| 2009-04-14 | Correctly handle the case when state might be NULL in pf_test like | Alexander Yurchenko |
| 2009-04-11 | Avoid dereferencing a null pointer when pf attempts to translate a | Joel Sing |
| 2009-04-06 | 1) scrub rules are completely gone. | Henning Brauer |
| 2009-03-15 | Introduce splsoftassert(), similar to splassert() but for soft interrupt | Miod Vallat |
| 2009-03-14 | Some ICMP types that also have icmp_id, pointed out by markus@ | Ryan Thomas McBride |
| 2009-03-09 | Make the DIOCSETIFFLAG, DIOCSETLIMIT, and DIOCSETTIMEOUT ioctls | Ryan Thomas McBride |
| 2009-03-07 | Make sure pd2 has a pointer to the icmp header in the payload; fixes | Ryan Thomas McBride |
| 2009-03-05 | Stricter state checking for ICMP and ICMPv6 packets: include the ICMP type | Ryan Thomas McBride |
| 2009-02-27 | fix quick reuse of tcp states. | Henning Brauer |
| 2009-02-16 | pfsync v5, mostly written at n2k9, but based on work done at n2k8. | David Gwynne |
| 2009-01-30 | sync the part copied from ip_output: always initialize IP checksum | Christian Weisgerber |
| 2009-01-30 | sprinkle splassert(IPL_SOFTNET) around the code that inserts, unlinks, and | David Gwynne |
| 2009-01-29 | Split the address selection from pools away from pf.c and put it in | Pierre-Yves Ritschard |
| 2009-01-27 | If a packet translation was a NOP, undo separate NAT key and | Marco Pfatschbacher |
| 2009-01-16 | In pf_test_rule(), if we don't create a state, free any state keys that | David Krause |
| 2008-11-24 | Fix splasserts seen in pr 5987 by propagating a flag that discribes | Mike Belopuhov |
| 2008-11-21 | Change rn_mpath_next() to be able to walk over the full multipath list | Claudio Jeker |
| 2008-10-28 | Always skip "urpf-failed" test for IPv6 link local addresses. | Marco Pfatschbacher |
| 2008-10-23 | use the correct idiom for NFOO things which come from "foo.h" files | Theo de Raadt |
| 2008-10-02 | When redirect is used with sticky-address and a matching pass rule uses | Joel Sing |
| 2008-09-28 | Teach PF pf_print_state_parts() about IPv4 in IP and IPv6 in IP | Joel Sing |
| 2008-09-17 | remove dead stores and newly created unused variables. | Charles Longeau |
| 2008-09-10 | re-enable the state key linking. i believe the bugs that hit us shortly | Henning Brauer |
| 2008-09-09 | welcome pflow(4), a netflow v5 compatible flow export interface. | Henning Brauer |
| 2008-09-03 | before linking state keys compare them to verify they actually are the | Henning Brauer |
| 2008-09-02 | remove dead stores and newly created unused variables. | Charles Longeau |
| 2008-08-26 | introduce a function to be called when addressing information has changed, | Henning Brauer |
| 2008-08-22 | Make pf_print_host() print IPv6 addresses correctly. | Alexander Bluhm |
| 2008-08-02 | do not write the pf state key pointer to the pkhdr. | Henning Brauer |
| 2008-07-22 | after pf_state_key_atach nothing must use the state keys passed to it any | Henning Brauer |
| 2008-07-21 | some whitespace cleanup I did while looking through the code | David Krause |
| 2008-07-21 | fix typo that broke rdr rules (without pass) with non-TCP/UDP/ICMP protocols | David Krause |
| 2008-07-14 | m_copy can return NULL, so check for it | Henning Brauer |
| 2008-07-10 | check pf NAT source port allocation against net.inet.(tcp|udp).baddynamic | Damien Miller |
| 2008-07-10 | In pf_state_insert(), if the first pf_state_key_attach() fails, the | David Krause |
| 2008-07-05 | in pf_state_key_attach(), when there is already an existing state key that | David Krause |
| 2008-07-04 | in pf_state_key_attach(), when we find that there already is a state key | Henning Brauer |
