Age | Commit message (Expand) | Author |
2010-12-15 | Be more careful when copying the pf rule from userland into the kernel. | Claudio Jeker |
2010-06-30 | fix route label awesomeness, issue also known as PR6416 | Henning Brauer |
2010-06-28 | Clean up iterface stats handling: | Ryan Thomas McBride |
2010-06-27 | Fix DIOCCHANGERULE ioctl broken in the remove of the address pools. | Ryan Thomas McBride |
2010-01-18 | Convert pf debug logging to using log()/addlog(), a single standardised | Ryan Thomas McBride |
2010-01-12 | First pass at removing the 'pf_pool' mechanism for translation and routing | Ryan Thomas McBride |
2009-12-24 | add support to pf for filtering a packet by the interface it was received | David Gwynne |
2009-12-14 | fix sticky-address - by pretty much re-implementing it. still following | Henning Brauer |
2009-11-24 | kill obsolete natpass | Henning Brauer |
2009-11-23 | remove the nat_rule pointer on pf_state and pf_pdesc, obsolete after | Henning Brauer |
2009-11-22 | cleanup after the NAT changes. we used to have multiple rulesets (scrub, | Henning Brauer |
2009-11-11 | Fix some memory leaks in error cases. | Jonathan Gray |
2009-11-03 | Use u_int16_t for rdomains for everything. Using various types makes | Claudio Jeker |
2009-11-03 | rtables are stacked on rdomains (it is possible to have multiple routing | Claudio Jeker |
2009-10-28 | Add a dedicated pf pool for route options as suggested by henning, | Jonathan Gray |
2009-10-06 | Replace if (af) tests operating as an af blacklist with stricter switch | Ryan Thomas McBride |
2009-09-01 | the diff theo calls me insanae for: | Henning Brauer |
2009-05-31 | make set loginterface, set hostid, set reassemble and set debug | Henning Brauer |
2009-04-16 | Really turn fragment reassembly on by default. pfctl must handle this | David Krause |
2009-04-07 | turn fragment reassembly on by default. the is little to no reason to | Henning Brauer |
2009-04-06 | 1) scrub rules are completely gone. | Henning Brauer |
2009-03-09 | Make the DIOCSETIFFLAG, DIOCSETLIMIT, and DIOCSETTIMEOUT ioctls | Ryan Thomas McBride |
2009-02-16 | pfsync v5, mostly written at n2k9, but based on work done at n2k8. | David Gwynne |
2009-02-15 | Revert previous. | Marc Balmer |
2009-02-15 | Fix compilation of kernels that have pf, but not pfsync. | Marc Balmer |
2008-11-24 | Fix splasserts seen in pr 5987 by propagating a flag that discribes | Mike Belopuhov |
2008-10-23 | use the correct idiom for NFOO things which come from "foo.h" files | Theo de Raadt |
2008-06-29 | Simplify state creation code; merge state import/export code between pfsync | Ryan Thomas McBride |
2008-06-22 | Revert 1.203; it's not safe to blindly walk the tailq instead of the rbtree | Ryan Thomas McBride |
2008-06-14 | Include "pflog.h" so that we get NPFLOG. | Joel Sing |
2008-06-14 | pool_get()s not in interrupt context should not be PR_NOWAIT, but | Henning Brauer |
2008-06-11 | Split address setup operations into a separate function. More to come. | Ryan Thomas McBride |
2008-06-10 | Simplify code slightly; use PR_ZERO with pool_get() rather than bzero(). | Ryan Thomas McBride |
2008-06-10 | when walking the entire state table it makes much more sense to walk | Henning Brauer |
2008-06-10 | save somespace in the state by collapsing two 8 bit ints used as booleans | Henning Brauer |
2008-06-10 | implement a sloppy tcpstate tracker which does not look at sequence | Henning Brauer |
2008-05-30 | trivial KNF before we go further | Henning Brauer |
2008-05-29 | Second half of PF state table rearrangement. | Ryan Thomas McBride |
2008-05-29 | rewrite the state table logic. | Henning Brauer |
2008-05-18 | KNF | Ryan Thomas McBride |
2008-05-09 | Add support to kill states by rule label or state id. | Marco Pfatschbacher |
2008-05-06 | Add a counter to record how many states have been created by a rule. | Marco Pfatschbacher |
2008-05-06 | Prevent possible overflow of int variable on large memory machines. | Tobias Weingartner |
2007-12-02 | DIOC{GET,ADD}STATE incorrectly use a user provided pointer without using | Christopher Pascoe |
2007-12-02 | When pf_insert_state state succeeds, increase the state count on the | Christopher Pascoe |
2007-12-02 | initialize altq->altq_disc to NULL, from Max Laier | Daniel Hartmeier |
2007-12-02 | Don't put state key if pf_insert_state fails. pf_detach_state would have | Christopher Pascoe |
2007-12-02 | Don't leak state if key allocation fails during add. | Christopher Pascoe |
2007-12-02 | Set expiry timestamp when importing a state, otherwise it expires on the | Christopher Pascoe |
2007-12-02 | DIOCADDSTATE would always dereference a NULL pointer during this copy | Christopher Pascoe |