| Age | Commit message (Expand) | Author |
|---|
| 2016-09-03 | Let purge thread to remove once rules, not packets. | Alexandr Nedvedicky |
| 2016-09-02 | pool_setipl for pf bits | David Gwynne |
| 2015-12-03 | Add sizes to most free calls. OK sashan@ tedu@ | Claudio Jeker |
| 2015-12-03 | allocate PF tags as M_RTABLE vice M_TEMP | Bret Lambert |
| 2015-12-03 | Rename pf_unlink_state() to pf_remove_state() so the name does not | Alexander Bluhm |
| 2015-11-24 | No need for <net/if_types.h> | Martin Pieuchot |
| 2015-11-23 | There's no longer a need to include <net/hfsc.h> in <net/if_var.h> | Martin Pieuchot |
| 2015-11-20 | shuffle struct ifqueue so in flight mbufs are protected by a mutex. | David Gwynne |
| 2015-10-13 | - pf_insert_src_node(): global argument (arg6) is useless, function | Alexandr Nedvedicky |
| 2015-09-04 | The pf_osfp_pl and pf_osfp_entry_pl never get used in interrupt context. | Mark Kettenis |
| 2015-07-21 | - added /* FALLTHROUGH */ comments, typecasts (u_int32_t)-1, ... | Alexandr Nedvedicky |
| 2015-07-19 | potential memory leak in SIOCADDRULE | sashan |
| 2015-07-19 | unsinged variables should not be compared to be leq than 0 (unsigned a <= 0) | sashan |
| 2015-07-18 | msg.mpi | sashan |
| 2015-04-11 | the hfsc pools are only used in hfsc.c, so move the init of them | David Gwynne |
| 2015-03-14 | Remove some includes include-what-you-use claims don't | Jonathan Gray |
| 2015-02-20 | fix a memory leak in the error case found by Maxime Villard's Brainy | Ted Unangst |
| 2015-02-10 | since we inherit prio (as in, the queuing priority) from outside sources, | Henning Brauer |
| 2015-01-24 | Userland (base & ports) was adapted to always include <netinet/in.h> | Theo de Raadt |
| 2014-12-19 | unifdef INET in net code as a precursor to removing the pretend option. | Ted Unangst |
| 2014-12-09 | More malloc() -> mallocarray() in the kernel. | Doug Hogan |
| 2014-12-05 | Explicitly include <net/if_var.h> instead of pulling it in <net/if.h>. | Martin Pieuchot |
| 2014-11-18 | move arc4random prototype to systm.h. more appropriate for most code | Ted Unangst |
| 2014-08-12 | Finally implement what's stated in the man page regarding parent | Mike Belopuhov |
| 2014-08-12 | Apart from some minor code reshuffling the big change is that we | Mike Belopuhov |
| 2014-07-22 | Fewer <netinet/in_systm.h> ! | Martin Pieuchot |
| 2014-07-12 | add a size argument to free. will be used soon, but for now default to 0. | Ted Unangst |
| 2014-04-22 | Remove some altq tentacles. | Martin Pieuchot |
| 2014-04-19 | shrink pf by 445 lines. | Henning Brauer |
| 2014-03-30 | Eliminates struct pcred by moving the real and saved ugids into | Philip Guenther |
| 2014-02-04 | reduce the length of some pool names. ok deraadt guenther mpi | Ted Unangst |
| 2014-01-20 | support negated matches on the rcvif, ok dlg benno | Henning Brauer |
| 2014-01-03 | Switch frequently allocated structs from malloc(M_DEVBUF) to separate pools. | pelikan |
| 2014-01-03 | Make queues disappear correctly on interfaces being destroyed. | pelikan |
| 2013-11-13 | DIOCGETSRCNODES was leaking a little bit more kernel information | Theo de Raadt |
| 2013-11-12 | two ioctl's were disclosing kernel pointers and such. | Theo de Raadt |
| 2013-10-20 | Deep inside DIOCXCOMMIT, should return a real errno instead of -1 | Theo de Raadt |
| 2013-10-17 | The header file netinet/in_var.h included netinet6/in6_var.h. This | Alexander Bluhm |
| 2013-10-12 | new bandwidth shaping subsystem, kernel side | Henning Brauer |
| 2013-10-12 | give tagname2tag and its siblings an extra "create" parameter. if 1, it | Henning Brauer |
| 2013-03-28 | no need for a lot of code to include proc.h | Ted Unangst |
| 2013-03-27 | Use the correct src/dst ports depending on direction (one of src or dst was | Ryan Thomas McBride |
| 2013-02-26 | Don't try to purge one-time rules from the main ruleset. | Mike Belopuhov |
| 2012-10-30 | Use time_uptime for expiration values as time_second can be skewed at | Florian Obser |
| 2012-09-20 | Lower pf frags limit to not risk running out of mbuf clusters | Camiel Dobbelaar |
| 2012-09-18 | prio 0 is valid, therefore, I chose an "impossible" value for prio meaning | Henning Brauer |
| 2012-07-08 | there was a limit on the number of pflog interfaces - 16. remove that. | Henning Brauer |
| 2012-07-07 | rename prio in struct pf_rule and related structs to set_prio so it is | Henning Brauer |
| 2012-07-07 | restore DIOCKILLSTATE semantics to what they were before the NAT rewrite. | Henning Brauer |
| 2012-04-03 | Fix kernel compilation with pf but without pfsync pseudo-device by | Mike Belopuhov |
