| Age | Commit message (Expand) | Author |
|---|
| 2004-09-21 | Implement "no scrub" to allow exclusion of specific traffic from scrub rules. | Aaron Campbell |
| 2004-07-17 | Repair breakage from the hackathon's time conversion. Using the timestamp | Mike Frantzen |
| 2004-07-11 | backout IPv6 reass-on-scrub patch (more work needs to be done). | Jun-ichiro itojun Hagino |
| 2004-07-05 | KNF | Henning Brauer |
| 2004-07-03 | quick workaround until proper PF_FORWARD reass gets implemented. | Jun-ichiro itojun Hagino |
| 2004-06-25 | correct "scrub in" behavior for IPv6. | Jun-ichiro itojun Hagino |
| 2004-06-25 | IPv6 reassembly on "scrub" directive. | Jun-ichiro itojun Hagino |
| 2004-06-24 | This moves access to wall and uptime variables in MI code, | Thorsten Lockert |
| 2004-06-21 | First step towards more sane time handling in the kernel -- this changes | Thorsten Lockert |
| 2004-06-10 | rename struct pf_rule_addr member 'not' to 'neg', as 'not' is a reserved | Daniel Hartmeier |
| 2004-05-11 | pf_cksum_fixup() was called without last argument from normalization, | Daniel Hartmeier |
| 2004-05-09 | Don't dereference scrub pointer when it's NULL, fix PR 3775, from | Daniel Hartmeier |
| 2004-05-05 | Use RFC1323 PAWS timestamps as a logical extension to the conventional TCP | Mike Frantzen |
| 2004-04-28 | Dont step into INET6 code, just because af != AF_INET | Philipp Buehler |
| 2004-04-27 | validate the sequence numbers on TCP resets are an exact match. check is only | Mike Frantzen |
| 2004-04-26 | Prevent biases in arc4random() from disclosing the byte order of the firewall. | Ryan Thomas McBride |
| 2004-04-24 | be careful about option lengths. ok henning@ mcbride@ | Mike Frantzen |
| 2004-03-09 | KNF, ok cedric@ deraadt@ | Ryan Thomas McBride |
| 2004-02-10 | KNF | Henning Brauer |
| 2004-01-16 | Fix IPv6 stateful tcp scrubbing by not dereferencing a null pointer. | Ryan Thomas McBride |
| 2003-12-31 | Many improvements to the handling of interfaces in PF. | Cedric Berger |
| 2003-12-18 | TCP timestamp modulation (scrub reassemble tcp) fix from frantzen@ | Daniel Hartmeier |
| 2003-08-29 | Fix three cases of potential accesses to free'd memory. At least one of | Daniel Hartmeier |
| 2003-08-22 | pf spelling police | David Krause |
| 2003-08-22 | KNF | Henning Brauer |
| 2003-08-21 | Add Michal Zalewski's p0f v2 style passive OS fingerprinting to PF. | Mike Frantzen |
| 2003-08-14 | m_copyback()'s 4th arg is const void *, nuke (caddr_t) casts. | Jason Wright |
| 2003-07-17 | fix scrub frag reassembly after the stack's ip_len/ip_off flip correction | Mike Frantzen |
| 2003-07-12 | Prevent u_int16_t variable from overflowing and get rid of the compiler | Daniel Hartmeier |
| 2003-07-10 | correct another incorrect comparison in ip6 normalization. | Jun-ichiro itojun Hagino |
| 2003-07-10 | wrong comparison of IPv6 packetsize | Jun-ichiro itojun Hagino |
| 2003-07-09 | check if m->m_pkthdr.len is too short | Jun-ichiro itojun Hagino |
| 2003-07-09 | don't check exact ip6_plen and m->m_pkthdr.len match, as ip6_input() | Jun-ichiro itojun Hagino |
| 2003-07-09 | do not flip ip_len/ip_off in netinet stack. deraadt ok. | Jun-ichiro itojun Hagino |
| 2003-07-09 | KNF | Daniel Hartmeier |
| 2003-07-01 | wrap pf_normalize_ip6() by #ifdef INET6. pointed out by Wouter Clarie | Jun-ichiro itojun Hagino |
| 2003-06-29 | normalize IPv6 packet (no reass, but it is a start). dhartmei & henning ok | Jun-ichiro itojun Hagino |
| 2003-06-28 | redundant (pfvar.h already have it) | Jun-ichiro itojun Hagino |
| 2003-05-14 | - modulate TCP Timestamps so they can't be used to detect NAT and to preclude | Mike Frantzen |
| 2003-05-14 | Use official (from pcap people) link type for pflog. | Can Erkin Acar |
| 2003-05-11 | the start of stateful TCP scrubbing. dynamically determine the highest TTL of | Mike Frantzen |
| 2003-04-05 | Replace the timeout variables by the content of the timeout | Cedric Berger |
| 2003-02-18 | Enforce min-ttl and random-id on inbound scrub as well as outbound. | Camiel Dobbelaar |
| 2003-02-12 | Address the NFS problems recently discussed in various threads. | Daniel Hartmeier |
| 2003-02-08 | Add scrub option 'random-id', which replaces IP IDs with random values | Daniel Hartmeier |
| 2003-01-25 | Fix a bug that potentially caused fragments to be dropped when the | Daniel Hartmeier |
| 2003-01-09 | (whitespace) KNF, re-fold -w 80 | Daniel Hartmeier |
| 2003-01-07 | Remove table name hashing (pass the name in each ioctl instead), and | Daniel Hartmeier |
| 2003-01-05 | Move ifname from pf_addr to pf_addr_wrap, prepare pf_addr_wrap for table | Daniel Hartmeier |
| 2003-01-04 | move noroute from flag in pf_rule_addr into type in pf_addr_wrap. | Daniel Hartmeier |
