summaryrefslogtreecommitdiff
path: root/sys/net/pfvar.h
AgeCommit message (Expand)Author
2011-06-21There is no need to handle fragmented TCP reset packets in a specialAlexander Bluhm
2011-06-20More cleanup in pf_test/pf_test6 this time mostly the fragmentClaudio Jeker
2011-05-24Merge pf_scrub_ip() and pf_scrub_ip6() into a single function. CallClaudio Jeker
2011-05-22Do not pass AF specific information to pf_test_rule() and PFLOG_PACKET()Claudio Jeker
2011-05-17exclude link local address from the dynamic interface address poolMike Belopuhov
2011-04-23pf_scrub_ip() does not modify the given mbuf pointer. So don'tAlexander Bluhm
2011-04-22pf_pooladdr_pl does not exist anymore. Remove its extern declaration.Alexander Bluhm
2011-04-12put the accepted socket of a diverted connection into the routing domainMike Belopuhov
2011-04-06Allow PF to filter on the rdomain a packet belongs to. This allows toClaudio Jeker
2011-04-05ditch fastroute, an ipf feature that made its way into pf beforeMike Belopuhov
2011-03-25Include original rdomain in DIOCNATLOOK. This allows userland proxiesClaudio Jeker
2011-03-24Reassemble IPv6 fragments in pf. In the forward case, pf refragmentsAlexander Bluhm
2011-03-07Declare the inline function pf_addr_compare() non-static in pfvar.hAlexander Bluhm
2011-03-05The function pf_tag_packet() never fails. Remove a redundant checkAlexander Bluhm
2011-01-11Perform IP options check in pf_test_rule(), before creating state.Ryan Thomas McBride
2010-12-07remove a bunch of unused argumentsJonathan Gray
2010-10-23remove PFR_FLAG_ATOMIC. not used, and doesn't work as advertised.Ted Unangst
2010-10-18Revert non-compatible and undocumented bullshit commited by 3 developersTheo de Raadt
2010-10-17Add quirks support to operating system fingerprinting. tcpdump partJoel Sing
2010-09-22add a new log opt PF_LOG_MATCHESHenning Brauer
2010-09-21assert copyrights / bump yearsHenning Brauer
2010-09-21make pf_translate (void so far) return 1 if it actually changed somethingHenning Brauer
2010-09-21factor our the code to set up pf_pdesc, a central structure in pf carryingHenning Brauer
2010-06-28Clean up iterface stats handling:Ryan Thomas McBride
2010-06-27stuff nsaddr/ndaddr/nsport/ndport (addrs/ports after NAT, used a lot whileHenning Brauer
2010-05-07Start cleaning up the mess called rtalloc*. Kill rtalloc2, make rtalloc1Claudio Jeker
2010-04-28Cast 'a' to (void *) in the REASON_SET macro. Makes gcc4 happy.Robert Nagy
2010-01-20One \ too many in pfvar.h. From Daniel Dickman <didickman@gmail.com>Ryan Thomas McBride
2010-01-18Convert pf debug logging to using log()/addlog(), a single standardisedRyan Thomas McBride
2010-01-13Remove extern reference to pf_pabuf which uses a structJonathan Gray
2010-01-12First pass at removing the 'pf_pool' mechanism for translation and routingRyan Thomas McBride
2009-12-24add support to pf for filtering a packet by the interface it was receivedDavid Gwynne
2009-12-14fix sticky-address - by pretty much re-implementing it. still followingHenning Brauer
2009-11-24kill obsolete natpassHenning Brauer
2009-11-23remove the nat_rule pointer on pf_state and pf_pdesc, obsolete afterHenning Brauer
2009-11-22cleanup after the NAT changes. we used to have multiple rulesets (scrub,Henning Brauer
2009-11-03Use u_int16_t for rdomains for everything. Using various types makesClaudio Jeker
2009-11-03rtables are stacked on rdomains (it is possible to have multiple routingClaudio Jeker
2009-10-28Add a dedicated pf pool for route options as suggested by henning,Jonathan Gray
2009-10-06Redo the route lookup in the output (and IPv6 forwarding) path if theClaudio Jeker
2009-10-04Add (again) support for divert sockets. They allow you to:Michele Marchetto
2009-09-08I had not enough oks to commit this diff.Michele Marchetto
2009-09-08Add support for divert sockets. They allow you to:Michele Marchetto
2009-09-01the diff theo calls me insanae for:Henning Brauer
2009-06-25scrub_flags is a u_int8_t, but PFSTATE_SCRUB_TCP is 0x0100, so theStuart Henderson
2009-06-08bring back the fixed PF_AEQ/ANEQ/AZERO macros, the offending use has beenHenning Brauer
2009-06-08gah. something is not quite right, sthen sees strange behaviour fixedHenning Brauer
2009-06-08unfuck PF_AEQ PF_ANEQ PF_AZERO macos that got fucked when v6 supportHenning Brauer
2009-05-18The routing table index rtableid has type unsigned int in the routingAlexander Bluhm
2009-04-061) scrub rules are completely gone.Henning Brauer