| Age | Commit message (Expand) | Author |
|---|
| 2004-06-25 | re-introduce PF_INOUT and move PF_FORWARD def to the end. | Jun-ichiro itojun Hagino |
| 2004-06-25 | IPv6 reassembly on "scrub" directive. | Jun-ichiro itojun Hagino |
| 2004-06-21 | Get rid of pf_test_eh() wrapper. | Ryan Thomas McBride |
| 2004-06-14 | Remove DIOCBEGINRULES, DIOCCOMMITRULES, DIOCBEGINALTQS, DIOCCOMMITALTQS, | Cedric Berger |
| 2004-06-10 | rename struct pf_rule_addr member 'not' to 'neg', as 'not' is a reserved | Daniel Hartmeier |
| 2004-05-19 | Allow recursive anchors (anchors within anchors, up to 64 | Daniel Hartmeier |
| 2004-05-11 | pf_cksum_fixup() was called without last argument from normalization, | Daniel Hartmeier |
| 2004-05-05 | Use RFC1323 PAWS timestamps as a logical extension to the conventional TCP | Mike Frantzen |
| 2004-04-28 | make return-rst work on pure bridges. ok dhartmei@ henning@ mcbride@ | Cedric Berger |
| 2004-04-27 | validate the sequence numbers on TCP resets are an exact match. check is only | Mike Frantzen |
| 2004-04-26 | anchor refcounting. ok dhartmei@ mcbride@ | Cedric Berger |
| 2004-04-25 | get rid of a complete state tree walk at state expire while in splnet() | Philipp Buehler |
| 2004-04-24 | Add "probability xxx" rule modifier. ok deraadt@ | Cedric Berger |
| 2004-03-22 | Support for best effort bulk transfers of states when pfsync syncif is | Ryan Thomas McBride |
| 2004-02-20 | Make pfsync deal with clearing states bound to a group or interface (eg | Ryan Thomas McBride |
| 2004-02-19 | Makes pfctl -Fs and pfctl -w works with the optional -i specifier. | Cedric Berger |
| 2004-02-19 | the 2nd round of the qid assignment change. | Kenjiro Cho |
| 2004-02-10 | KNF | Daniel Hartmeier |
| 2004-02-10 | KNF | Henning Brauer |
| 2004-02-04 | Fix a number of bugs with setting pool limits which I introduced with | Ryan Thomas McBride |
| 2003-12-31 | Many improvements to the handling of interfaces in PF. | Cedric Berger |
| 2003-12-15 | ryan left a few for me ;-) | Henning Brauer |
| 2003-12-15 | Add initial support for pf state synchronization over the network. | Ryan Thomas McBride |
| 2003-12-15 | Add support to track stateful connections by source ip. This allows us | Ryan Thomas McBride |
| 2003-12-12 | Move PF interface code to new net/pf_if.c | Cedric Berger |
| 2003-12-11 | Fix PR3587 and other related problems with NAT and table stats. | Cedric Berger |
| 2003-11-08 | Add 'no-sync' state option to prevent state transition messages for states | Ryan Thomas McBride |
| 2003-10-31 | Remove remenants of pf_tree stuff that I missed. | Ryan Thomas McBride |
| 2003-10-25 | Build state search indexes directly on pf_state instead of pf_tree_node. | Ryan Thomas McBride |
| 2003-09-26 | Rearchitecture of the userland/kernel IOCTL interface for transactions. | Cedric Berger |
| 2003-08-22 | pf spelling police | David Krause |
| 2003-08-22 | KNF | Henning Brauer |
| 2003-08-22 | don't expose pf_osfp_fingerprint() to ! _KERNEL. tcpdump et al use | Mike Frantzen |
| 2003-08-21 | Add Michal Zalewski's p0f v2 style passive OS fingerprinting to PF. | Mike Frantzen |
| 2003-08-09 | This patch remove the restriction that tables cannot be used in routing or | Cedric Berger |
| 2003-08-07 | make pf_match take u_int32_t instead of u_int16_t | Henning Brauer |
| 2003-07-31 | Make table tickets per-ruleset instead of global. | Cedric Berger |
| 2003-07-19 | Simplify struct pf_pooladdr to include struct pf_addr_wrap directly | Cedric Berger |
| 2003-07-04 | -add a "natpass" field to pf_rule | Henning Brauer |
| 2003-07-03 | unused global. dhartmei ok | Jun-ichiro itojun Hagino |
| 2003-06-30 | change that queue ID allocator so it always has the queues sorted by ID. | Henning Brauer |
| 2003-06-30 | move prototype for pf_tag_purge() to pfvar.h | Henning Brauer |
| 2003-06-29 | normalize IPv6 packet (no reass, but it is a start). dhartmei & henning ok | Jun-ichiro itojun Hagino |
| 2003-06-21 | count packets and bidirectionally on state entries, allowing for fine-grained | Damien Miller |
| 2003-06-20 | Add MSS support to the synproxy. The client's MSS is sent to the server, | Daniel Hartmeier |
| 2003-06-09 | Attempt to resolve byte order confusion in nat code once and for all. | Ryan Thomas McBride |
| 2003-06-08 | A table in an anchor creates a real anchor: pfctl -sA works. | Cedric Berger |
| 2003-06-03 | move some prototypes to pfvar.h. needed soon. | Henning Brauer |
| 2003-05-17 | allow inverse matching on tags | Henning Brauer |
| 2003-05-17 | Add an 'action' code that allows the SYN proxy to swallow/drop a packet | Daniel Hartmeier |
