Age | Commit message (Expand) | Author |
2003-08-21 | Add Michal Zalewski's p0f v2 style passive OS fingerprinting to PF. | Mike Frantzen |
2003-08-14 | m_copyback()'s 4th arg is const void *, nuke (caddr_t) casts. | Jason Wright |
2003-07-17 | fix scrub frag reassembly after the stack's ip_len/ip_off flip correction | Mike Frantzen |
2003-07-12 | Prevent u_int16_t variable from overflowing and get rid of the compiler | Daniel Hartmeier |
2003-07-10 | correct another incorrect comparison in ip6 normalization. | Jun-ichiro itojun Hagino |
2003-07-10 | wrong comparison of IPv6 packetsize | Jun-ichiro itojun Hagino |
2003-07-09 | check if m->m_pkthdr.len is too short | Jun-ichiro itojun Hagino |
2003-07-09 | don't check exact ip6_plen and m->m_pkthdr.len match, as ip6_input() | Jun-ichiro itojun Hagino |
2003-07-09 | do not flip ip_len/ip_off in netinet stack. deraadt ok. | Jun-ichiro itojun Hagino |
2003-07-09 | KNF | Daniel Hartmeier |
2003-07-01 | wrap pf_normalize_ip6() by #ifdef INET6. pointed out by Wouter Clarie | Jun-ichiro itojun Hagino |
2003-06-29 | normalize IPv6 packet (no reass, but it is a start). dhartmei & henning ok | Jun-ichiro itojun Hagino |
2003-06-28 | redundant (pfvar.h already have it) | Jun-ichiro itojun Hagino |
2003-05-14 | - modulate TCP Timestamps so they can't be used to detect NAT and to preclude | Mike Frantzen |
2003-05-14 | Use official (from pcap people) link type for pflog. | Can Erkin Acar |
2003-05-11 | the start of stateful TCP scrubbing. dynamically determine the highest TTL of | Mike Frantzen |
2003-04-05 | Replace the timeout variables by the content of the timeout | Cedric Berger |
2003-02-18 | Enforce min-ttl and random-id on inbound scrub as well as outbound. | Camiel Dobbelaar |
2003-02-12 | Address the NFS problems recently discussed in various threads. | Daniel Hartmeier |
2003-02-08 | Add scrub option 'random-id', which replaces IP IDs with random values | Daniel Hartmeier |
2003-01-25 | Fix a bug that potentially caused fragments to be dropped when the | Daniel Hartmeier |
2003-01-09 | (whitespace) KNF, re-fold -w 80 | Daniel Hartmeier |
2003-01-07 | Remove table name hashing (pass the name in each ioctl instead), and | Daniel Hartmeier |
2003-01-05 | Move ifname from pf_addr to pf_addr_wrap, prepare pf_addr_wrap for table | Daniel Hartmeier |
2003-01-04 | move noroute from flag in pf_rule_addr into type in pf_addr_wrap. | Daniel Hartmeier |
2003-01-03 | KNF | Theo de Raadt |
2003-01-01 | KNF | Henning Brauer |
2003-01-01 | Remove skip step for action (scrub vs. non-scrub), as scrub rules are | Daniel Hartmeier |
2002-12-31 | Split scrub rules out from the filter rules in the kernel. | Ryan Thomas McBride |
2002-12-18 | KNF | Henning Brauer |
2002-12-18 | Pass skip step values through ioctl interface, pfctl -vvsr shows them, | Daniel Hartmeier |
2002-12-17 | Merge pf_nat/pf_binat/pf_rdr structs into pf_rule. Simplifies code, allows | Ryan Thomas McBride |
2002-12-06 | Introduce anchors and named rule sets, allowing to load additional rule | Daniel Hartmeier |
2002-11-23 | kernel code to allow multiple redirection addresses to be specified for nat | Ryan Thomas McBride |
2002-10-29 | keep all pflog goodies in pflog sources, avoids code duplications; okski fran... | Michael Shalayeff |
2002-10-22 | Convert "int af" and "u_int8_t af" declarations and function arguments | Ryan Thomas McBride |
2002-10-07 | -Wsign-compare clean | Daniel Hartmeier |
2002-06-28 | KNF | Theo de Raadt |
2002-06-11 | split the grammar of scrub(fragcache) into scrub ... 'fragment reassemble', | Mike Frantzen |
2002-06-11 | KNF (tabs, return (x)) | Daniel Hartmeier |
2002-06-11 | SCRUB(fragcache) to do gap tracking and overlap pruning of IPv4 fragments | Mike Frantzen |
2002-06-10 | Don't #include <sys/malloc.h> | Daniel Hartmeier |
2002-06-08 | keep the count of fragments consistent when we have to do a fail safe drop | Mike Frantzen |
2002-06-07 | switch from AVL tree's to herr Provos' red-black trees | Mike Frantzen |
2002-05-21 | Junk gcc's deprecated __FUNCTION__. Use standard __func__ instead. | Marc Espie |
2002-05-19 | KNF again | Theo de Raadt |
2002-05-09 | Add a max-mss option to the scrub rule which will enforce a maximum mss | jasoni |
2002-05-06 | typo in comment | jasoni |
2002-04-24 | Add dynamic (in-kernel) interface name -> address translation. Instead of | Daniel Hartmeier |
2002-04-20 | Move normalization messages from log level 'urgent' to 'misc'. | Daniel Hartmeier |