| Age | Commit message (Expand) | Author |
|---|
| 2012-05-12 | Ignore/preserve ECN bits on ToS matching and scrubbing. | Marco Pfatschbacher |
| 2012-02-03 | The kernel did not compile without INET6. Put some #ifdefs into | Alexander Bluhm |
| 2012-01-26 | Clean up the pf normalization code: | Alexander Bluhm |
| 2012-01-23 | Do not keep state when dropping overlapping IPv6 fragments in pf | Alexander Bluhm |
| 2012-01-15 | Calling pf_normalize_ip() from pf_setup_pdesc() was bad as the | Alexander Bluhm |
| 2012-01-13 | Drop IPv6 packets built from overlapping fragments in pf reassembly. | Alexander Bluhm |
| 2012-01-03 | Instead of having two functions pf_free_fragment() and pf_remove_fragment() | Alexander Bluhm |
| 2011-11-25 | use time_uptime to set state creation values as time_second can be | David Gwynne |
| 2011-09-28 | As requested by henning, move the mbuf pointer into struct pf_pdesc. | Alexander Bluhm |
| 2011-09-22 | As I have touched half of pf lines anyway, fix whitespaces now. | Alexander Bluhm |
| 2011-09-21 | Check the protocol header length for tcp, udp, icmp, icmp6 in | Alexander Bluhm |
| 2011-09-20 | Put kif and dir into pdesc an use this instead of passing the values | Alexander Bluhm |
| 2011-09-19 | Consolidate pf function parameters. Move off and hdrlen into pdesc | Alexander Bluhm |
| 2011-09-18 | Fix various format string types to as a minimum match the width of the | Miod Vallat |
| 2011-07-18 | unbreak set-tos for ipv6; reported by babut at yandex dot ru, | Mike Belopuhov |
| 2011-07-07 | There were two loops in pf_setup_pdesc() and pf_normalize_ip6() | Alexander Bluhm |
| 2011-07-05 | Instead of passing the ip header and mbuf to pf_reassemble(), lookup | Alexander Bluhm |
| 2011-07-05 | add missing ifdefs for INET6; diff from form, ok henning, bluhm, claudio | Mike Belopuhov |
| 2011-07-03 | Refactor the fragment handling in pf_setup_pdesc() so that AF_INET | Claudio Jeker |
| 2011-06-21 | There is no need to handle fragmented TCP reset packets in a special | Alexander Bluhm |
| 2011-06-20 | More cleanup in pf_test/pf_test6 this time mostly the fragment | Claudio Jeker |
| 2011-05-24 | Merge pf_scrub_ip() and pf_scrub_ip6() into a single function. Call | Claudio Jeker |
| 2011-04-23 | pf_scrub_ip() does not modify the given mbuf pointer. So don't | Alexander Bluhm |
| 2011-04-04 | stop fiddling with the ip checksum here too, it is always recalculated | Henning Brauer |
| 2011-03-24 | Reassemble IPv6 fragments in pf. In the forward case, pf refragments | Alexander Bluhm |
| 2011-03-23 | Extract the address family independent functions from pf fragment | Alexander Bluhm |
| 2011-02-01 | The check for invalid IPv6 fragment size in pf_normalize_ip6() was | Alexander Bluhm |
| 2011-01-20 | The reason accounting in pf_reassemble() was not correct. Change | Alexander Bluhm |
| 2011-01-19 | Give pf_normalize_ip() the same 3 way semantics as pf_test(). | Alexander Bluhm |
| 2011-01-06 | Put htons() around ip_randomid() for pf scrub random-id to make it | Alexander Bluhm |
| 2010-12-31 | Remove dead code from pf_norm.c. The fragment cache is some leftover | Alexander Bluhm |
| 2010-07-08 | Use correct alignment for scrub max-mss. Based on a diff from deraadt. | Stuart Henderson |
| 2010-07-02 | m_copyback can fail to allocate memory, but is a void fucntion so gymnastics | Bret Lambert |
| 2010-01-18 | Convert pf debug logging to using log()/addlog(), a single standardised | Ryan Thomas McBride |
| 2009-09-01 | Clear the IP_DF bit if no-df is enabled, not if it is not enabled. | Joel Sing |
| 2009-07-21 | pf_scrub_ip/ip6 prototypes are already in pfvar.h | Henning Brauer |
| 2009-06-25 | scrub_flags is a u_int8_t, but PFSTATE_SCRUB_TCP is 0x0100, so the | Stuart Henderson |
| 2009-04-07 | after i took everything in this fiule apart and reassembled with a lot of | Henning Brauer |
| 2009-04-06 | 1) scrub rules are completely gone. | Henning Brauer |
| 2009-01-31 | unbreak ! INET6 case by sprinking #ifdef INET6 | Henning Brauer |
| 2009-01-29 | move some code around in preparation for future work: | Henning Brauer |
| 2008-05-07 | scrub packets based on tags; ok henning | Markus Friedl |
| 2008-05-07 | allow setting TOS with scrub; ok mcbride, claudio | Markus Friedl |
| 2007-12-30 | In pf_normalize_tcpopt() call pf_pull_hdr() address family safe. | Marcus Glocker |
| 2007-12-30 | Make "scrub max-mss" rule work correctly; | Marcus Glocker |
| 2007-05-28 | double pf performance. | Henning Brauer |
| 2007-05-26 | More comment typos from Diego Casati. Including winners like funtion, allmost, | Kenneth R Westerback |
| 2006-04-16 | After fragment reassembly/trimming, pf must revalidate the mbuf tag of the | Christopher Pascoe |
| 2006-03-25 | fixup IP checksum when modifying IP header fields, based on a patch in | Daniel Hartmeier |
| 2006-03-14 | implement a Unicast Reverse Path Forwarding (uRPF) check for pf(4) | Damien Miller |
