summaryrefslogtreecommitdiff
path: root/sys/net/pf_ioctl.c
AgeCommit message (Expand)Author
2023-05-03Remove net lock from DIOCGETRULESET and DIOCGETRULESETSKlemens Nanni
2023-04-29Remove net lock from DIOCGETQUEUEKlemens Nanni
2023-04-28This change speeds up DIOCGETRULE ioctl(2) which pfctl(8) uses toAlexandr Nedvedicky
2023-04-28Remove net lock from DIOCGETQUEUESKlemens Nanni
2023-04-27Remove net lock from DIOCGETTIMEOUTKlemens Nanni
2023-04-26Introduce `rtlabel_mtx' mutex(9) to protect route labels storage. ThisVitaliy Makkoveev
2023-01-06PF_ANCHOR_STACK_MAX is insufficient protection against stack overflow.Alexandr Nedvedicky
2023-01-05more consistently name pf_state * variables "st".David Gwynne
2023-01-04move the pf_state_tree_id type from pfvar.h to pfvar_priv.h.David Gwynne
2023-01-04move the pf_state_tree rb tree type from pfvar.h to pfvar_priv.hDavid Gwynne
2022-12-21prefix pf_state_key and pf_state_item struct bits to make them more unique.David Gwynne
2022-11-25revert pf.c r1.1152 again: move pf_purge out from under the kernel lockAlexander Bluhm
2022-11-11try pf.c r1.1143 again: move pf_purge out from under the kernel lockDavid Gwynne
2022-11-09simplify expiration of 'once' rules.Alexandr Nedvedicky
2022-11-07revert "move pf_purge out from under the kernel lock".David Gwynne
2022-11-07move pf_purge out from under the kernel lock and avoid the hogging cpuDavid Gwynne
2022-11-06move pfsync_state_import in if_pfsync.c to pf_state_import in pf.cDavid Gwynne
2022-11-06make /dev/pf a clonable device.David Gwynne
2022-08-06Clean up the netlock macros. Merge NET_RLOCK_IN_SOFTNET andAlexander Bluhm
2022-07-28Release PF und NET lock before calling copyin for DIOCXCOMMIT.Moritz Buhl
2022-07-20Add a pool for the allocation of the pf_anchor struct.Moritz Buhl
2022-06-26Allow waiting during ktable allocation in pf_ioctl.mbuhl
2022-05-10move memory allocations in pfr_add_tables() out ofAlexandr Nedvedicky
2022-04-29Release PF und NET lock before calling copyout for DIOCIGETIFACES.mbuhl
2022-04-09Release PF und NET lock before calling copyin for DIOCXROLLBACK.mbuhl
2022-04-07Release PF und NET lock before calling copyin and copyout formbuhl
2022-04-07pf_rollback_rules always has the same return value, make it void.mbuhl
2022-04-04pf_validate_range() must not assume rdr ports are in network order.Alexandr Nedvedicky
2022-03-23Use goto fail consistently to leave the giant switch in pfioctl().Alexander Bluhm
2022-03-23resurrect pf_consistency_lock as pfioctl_rw this time. pfioctl_rwAlexandr Nedvedicky
2022-02-16check pf rule "set prio" values consistently.David Gwynne
2022-02-09let pfattach() to also initialize pf_default_rule_new to avoidAlexandr Nedvedicky
2022-01-24An af-to pf rule must have an address family naf to use afterAlexander Bluhm
2022-01-11move allocations in DIOCSADDRULE and DIOCHANGERULE outside of locks.Alexandr Nedvedicky
2021-12-26DIOCHANGERRULE ioctl must set pointer to ruleset in rule it inserts.Alexandr Nedvedicky
2021-12-26make 'set skip on ...' in pf.conf dynamicAlexandr Nedvedicky
2021-11-16move memory allocations in pfr_add_addrs() outside of NET_LOCK()/PF_LOCK()Alexandr Nedvedicky
2021-11-11Allow pfi_kif_get() callers to pre-allocate buffer for new kif. If kifAlexandr Nedvedicky
2021-06-23augment the global pf state list with its own locks.David Gwynne
2021-06-02whitespace tweaks, no functional change.David Gwynne
2021-02-09pfsync_state_import() must not be called with the pf state lock held,Patrick Wildt
2021-02-09Activate use of PF_LOCK() by removing the WITH_PF_LOCK ifdefs.Patrick Wildt
2020-12-16Reject rules with invalid port rangeskn
2020-10-22- missing NET_UNLOCK() in pf_ioctl.c error pathAlexandr Nedvedicky
2020-10-21- move NET_LOCK() further down in pf_ioctl.c. Also move memory allocationsAlexandr Nedvedicky
2020-10-02relax check for valid onrdomain range. onrdomain is -1 if the value isClaudio Jeker
2020-10-01rdomain IDs do not need to exist for "on rdomain N" to workkn
2020-08-24Rehash main ruleset after rule expirationkn
2020-08-24Remove ptr_array from struct pf_rulesetkn
2020-07-21when calculating the ruleset's checksum, skip automatic table names.Henning Brauer
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-18 16:15:01 +0000