Age | Commit message (Expand) | Author |
2001-08-18 | Add new ioctl for adding/removing individual rules to/from the active rule set. | Daniel Hartmeier |
2001-08-18 | make pfctl -s state SCREAM; frantzen is now happy | Theo de Raadt |
2001-08-11 | Add support for ICMP errors referring to ICMP queries/replies. Fixes | Daniel Hartmeier |
2001-08-01 | stateless tcp normalization along the lines of the normalization paper by | Niels Provos |
2001-07-29 | Implement rule skipping. This is a transparent evaluation optimization, | Daniel Hartmeier |
2001-07-19 | Fix/complete the handling of the binary ops >< and <> to behave | Kenneth R Westerback |
2001-07-17 | support min-ttl, okay dhartmei@ | Niels Provos |
2001-07-17 | normalize ip_off, make IP_DF stripping optional, return rst is a flag now. | Niels Provos |
2001-07-17 | split ip normalization out into a separate file, okay dhartmei@ | Niels Provos |
2001-07-09 | Extend nat/rdr syntax. Add source/destination selection. Make | Daniel Hartmeier |
2001-07-06 | Allow negative match on interface name for nat and rdr | Chris Cappuccio |
2001-07-06 | do not use quad for counters | Theo de Raadt |
2001-07-03 | add DIOCNATLOOK ioctl and pf_natlook structure, this enables a userland | Bob Beck |
2001-07-01 | tag packets generated by pf (return-rst, return-icmp) so they are not filtere... | Daniel Hartmeier |
2001-07-01 | Add port ranges to the rdr directive. Connections can be redirected | Kjell Wooding |
2001-06-29 | Fix PF_SCRUB enumerator. | Angelos D. Keromytis |
2001-06-29 | fix counter/reason array usage | Daniel Hartmeier |
2001-06-28 | first stab at packet normalization. includes full ip reassembly. | Niels Provos |
2001-06-27 | add -z flag for zeroing statistics. -s status no longer resets anything | Kjell Wooding |
2001-06-27 | state counter changes | Theo de Raadt |
2001-06-26 | name comparison operators | Dug Song |
2001-06-26 | fix PFRES_MAX handling | Theo de Raadt |
2001-06-26 | array of counters indexed by reason codes | Theo de Raadt |
2001-06-26 | add rule nr for Niels | Daniel Hartmeier |
2001-06-26 | add rule pointer and log option to states | Daniel Hartmeier |
2001-06-26 | use reasons in pull_hdr, default log if pull_hdr fails. okay deraadt@ | Niels Provos |
2001-06-26 | no longer pass around **m | Theo de Raadt |
2001-06-26 | add a subreason to the link header to allow us to determine why a packet was | Niels Provos |
2001-06-26 | Replicated TCP sequence tracking code in PF from Guido's IPF paper. | Mike Frantzen |
2001-06-25 | remaining lists converted to TAILQs | Daniel Hartmeier |
2001-06-25 | use TAILQ instead of homegrown list, other lists will follow | Daniel Hartmeier |
2001-06-25 | revised ioctl interface, first getopt version of pfctl | Daniel Hartmeier |
2001-06-25 | Rename the rest of the structs to be consistent. | Artur Grabowski |
2001-06-25 | More renaming. | Artur Grabowski |
2001-06-25 | Avoid common names. Needs more work. | Artur Grabowski |
2001-06-25 | use only ioctl return values found in errno.h | Daniel Hartmeier |
2001-06-24 | rename ioctlbuffer to pfioc. | Artur Grabowski |
2001-06-24 | pack structures better; dhartmei ok | Theo de Raadt |
2001-06-24 | REGENTS? ;) | Daniel Hartmeier |
2001-06-24 | PACKETFILTER_H now PFVAR_H. thanks smart | Kjell Wooding |
2001-06-24 | Initial import of pf, an all-new ipf-compatable packet filter. | Kjell Wooding |