Age | Commit message (Expand) | Author |
2007-12-02 | DIOC{GET,ADD}STATE incorrectly use a user provided pointer without using | Christopher Pascoe |
2007-12-02 | When pf_insert_state state succeeds, increase the state count on the | Christopher Pascoe |
2007-12-02 | initialize altq->altq_disc to NULL, from Max Laier | Daniel Hartmeier |
2007-12-02 | Don't put state key if pf_insert_state fails. pf_detach_state would have | Christopher Pascoe |
2007-12-02 | Don't leak state if key allocation fails during add. | Christopher Pascoe |
2007-12-02 | Set expiry timestamp when importing a state, otherwise it expires on the | Christopher Pascoe |
2007-12-02 | DIOCADDSTATE would always dereference a NULL pointer during this copy | Christopher Pascoe |
2007-09-27 | Add loginterface support for groups. | Marco Pfatschbacher |
2007-09-15 | malloc sweep: | Henning Brauer |
2007-09-01 | replace the machine dependant bytes-to-clicks macro by the MI ptoa() | Martin Reindl |
2007-08-30 | mechanic change: | Henning Brauer |
2007-06-24 | Save some bytes and make code more readable by removing junk union and | Ryan Thomas McBride |
2007-06-21 | force logif to zero if no logging is asked for | Henning Brauer |
2007-06-07 | PR 5502 From: Marc Huber <Marc.Huber@web.de> | Henning Brauer |
2007-06-01 | factor out duplicated code to allocate state key and cross-reference it | Henning Brauer |
2007-05-31 | Move the state id and creatorid (used mainly by pfsync) into struct pf_state. | Ryan Thomas McBride |
2007-05-31 | First step of rearranging pf's state table internals... | Ryan Thomas McBride |
2007-05-29 | Add a name argument to the RWLOCK_INITIALIZER macro. | Thordur I. Bjornsson |
2007-02-26 | because sparc has variable pagesize, ctob() varies between machines, and we | Theo de Raadt |
2007-02-23 | if machine has more than 100MB of physmem, default the max table entries | Theo de Raadt |
2007-02-09 | allow counters to be reset with DIOCGETRULES. | Henning Brauer |
2006-11-20 | ioctl to explicitly remove source tracking nodes, | Ryan Thomas McBride |
2006-10-27 | Split ruleset manipulation functions out into pf_ruleset.c to allow them to | Ryan Thomas McBride |
2006-10-25 | add a "u_int8_t logif" to struct pfrule to select to which pflog interface | Henning Brauer |
2006-08-30 | allow DIOCNATLOOK to look up NAT states for protocols without port | Damien Miller |
2006-07-21 | fix a bug in the input sanity check of DIOCCHANGERULE (not used by pfctl, | Daniel Hartmeier |
2006-07-06 | allow rules to point to an alternate routing table, and tag packets | Henning Brauer |
2006-05-28 | Enable adaptive timeouts by default, with adaptive.start of 60% of the | Ryan Thomas McBride |
2006-03-04 | With the exception of two other small uncommited diffs this moves | Brad Smith |
2006-01-06 | DIOCNATLOOK was forgotten in the second access control switch. it's a | Daniel Hartmeier |
2006-01-06 | for DIOCCLRSTATUS (pfctl -Fi), reset 'Enabled for x' time, too. simplifies | Daniel Hartmeier |
2006-01-05 | bzero after malloc; ok dhartmei | Theo de Raadt |
2005-12-10 | C99 section 6.8.6.4 says "A return statement with an expression shall | Kenneth R Westerback |
2005-10-27 | Basic support for attaching states from pfsync to the correct rules. | Ryan Thomas McBride |
2005-09-28 | Improve the safety of pf IOCTLs, taking into account that some paths can sleep. | Christopher Pascoe |
2005-09-05 | in DIOCCHANGERULE, properly initialize table, if used in NAT rule. | Daniel Hartmeier |
2005-08-18 | Malloc temporary buffers in pfioctl rather than having several large | Christopher Pascoe |
2005-08-18 | Rearrange pf_state and pfi_kif so that the parts of the structure needed | Christopher Pascoe |
2005-08-12 | Fill out interface name and state creation time correctly in | Christopher Pascoe |
2005-08-07 | Do not blindly reset the state count to zero after a clear, as we may not | Christopher Pascoe |
2005-08-07 | verify ticket in DIOCADDADDR, from Boris Polevoy, ok deraadt@ | Daniel Hartmeier |
2005-08-05 | make three functions non-static (namespace is no issue, they might get | Daniel Hartmeier |
2005-08-04 | instead of static locals, malloc/free. the goal is to reduce stack usage, | Daniel Hartmeier |
2005-08-02 | Instead of copying a table structure so we can mask off a bit before | Christopher Pascoe |
2005-08-01 | Use a string directly rather than making a copy, save on stack space. | Christopher Pascoe |
2005-07-31 | Perform pf state/rule/table expiry in a kernel thread instead of running | Christopher Pascoe |
2005-07-26 | Add missing newline to error message. | Christopher Pascoe |
2005-07-11 | add missing {} around TAILQ_FOREACH block, found by David Hill | Daniel Hartmeier |
2005-06-30 | in order for pfvar.h not to conflict with openssl's crypto.h, use | Nikolay Sturm |
2005-06-13 | make the packet and byte counters on rules and src nodes per direction, | Henning Brauer |