summaryrefslogtreecommitdiff
path: root/sys/net/pf_ioctl.c
AgeCommit message (Expand)Author
2021-06-23augment the global pf state list with its own locks.David Gwynne
2021-06-02whitespace tweaks, no functional change.David Gwynne
2021-02-09pfsync_state_import() must not be called with the pf state lock held,Patrick Wildt
2021-02-09Activate use of PF_LOCK() by removing the WITH_PF_LOCK ifdefs.Patrick Wildt
2020-12-16Reject rules with invalid port rangeskn
2020-10-22- missing NET_UNLOCK() in pf_ioctl.c error pathAlexandr Nedvedicky
2020-10-21- move NET_LOCK() further down in pf_ioctl.c. Also move memory allocationsAlexandr Nedvedicky
2020-10-02relax check for valid onrdomain range. onrdomain is -1 if the value isClaudio Jeker
2020-10-01rdomain IDs do not need to exist for "on rdomain N" to workkn
2020-08-24Rehash main ruleset after rule expirationkn
2020-08-24Remove ptr_array from struct pf_rulesetkn
2020-07-21when calculating the ruleset's checksum, skip automatic table names.Henning Brauer
2020-06-24kernel: use gettime(9)/getuptime(9) in lieu of time_second(9)/time_uptime(9)cheloha
2020-05-27Document the various flavors of NET_LOCK() and rename the reader version.Martin Pieuchot
2020-04-19fix insufficient input sanitization in pf_rulecopyin() and pf_pool_copyin()Alexandr Nedvedicky
2020-04-12Stop processing packets under non-exclusive (read) netlock.Martin Pieuchot
2020-02-18Cleanup <sys/kthread.h> and <sys/proc.h> includes.Martin Pieuchot
2020-01-08Check address family of pf ioctl(2) DIOCNATLOOK parameter at kernelAlexander Bluhm
2019-11-26Use proper NUL byte not zero with stringskn
2019-11-26fix kernel crash in pf_ioctl with WITH_PF_LOCK and NET_TASKQ > 1Alexandr Nedvedicky
2019-11-17"set delay" never worked as committed: the delay field was not copiedOtto Moerbeek
2019-05-09Add a sysctl accessor to struct pf_status. The pf_status only holds theClaudio Jeker
2019-02-18Change ps_len of struct pfioc_states and psn_len of structAlexander Bluhm
2018-12-27Check for main ruleset explicitlykn
2018-12-17Rename pf_anchor_remove() to pf_remove_anchor()kn
2018-12-17Use timeout_add_sec() instead of timeout_add() with a multiplication with hzClaudio Jeker
2018-12-10Remove useless macroskn
2018-10-01Allow DIOCRGETADDRS when securelevel(7) > 1kn
2018-09-11- moving state look up outside of PF_LOCK()Alexandr Nedvedicky
2018-07-22Fix arguments of pf_purge_expired_{src_nodes,rules}()Stefan Fritsch
2018-07-10provide a generic packet delay functionality. packets to be delayed are markedHenning Brauer
2018-04-24Use pf_rm_rule() instead of pool_put() to decrement references byAlexander Bluhm
2018-04-13Remove compatibility with pfctl from 6.1 and plug a few leaksMike Belopuhov
2018-04-05Explicitly check PF_TRANS_RULESET in DIOCXBEGIN, DIOCXCOMMIT, and DIOCXROLLBACK.Lawrence Teo
2018-02-08add DIOCGETSYNFLWATS to get current synflood detection watermarks,Henning Brauer
2018-02-07look ma, henning forgot to PF_LOCK/_UNLOCK in the new ioctls, ok procterHenning Brauer
2018-02-06syncookies for pf.Henning Brauer
2018-02-06some finger muscle workout:Henning Brauer
2018-01-19In pfioctl() a pf unlock was missing in the error path.Alexander Bluhm
2017-11-28The divert structure was using the port number to indicate thatAlexander Bluhm
2017-11-13add a generic packet rate matching filter. allows things likeHenning Brauer
2017-10-31- add one more softnet taskqAlexandr Nedvedicky
2017-10-30- fine tuning PF_LOCK in pfioctl()Alexandr Nedvedicky
2017-08-11Remove NET_LOCK()'s argument.Martin Pieuchot
2017-08-06Reduce contention on the NET_LOCK() by moving the logic of the pfpurgeMartin Pieuchot
2017-07-27For pf the anchor is a C string so ensure that the value passed in via ioctlClaudio Jeker
2017-07-19Rework HFSC vs FQ-CoDel checksMike Belopuhov
2017-07-05Convert pf tagname malloc(9) into pool_get(9) to make it MP safe.Alexander Bluhm
2017-06-28Introduce a simple mechanism to select the appropriate queue managerMike Belopuhov
2017-06-28Tighten up FQ-CoDel vs HFSC checksMike Belopuhov
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-26 12:40:36 +0000