Age | Commit message (Expand) | Author |
2012-12-29 | pass pf_pool directly to pfr_pool_get(); simplifies the API; | Markus Friedl |
2012-11-06 | backout csum diff for the moment, requested by theo | Henning Brauer |
2012-11-01 | redo most of the protocol (tcp/udp/...) checksum handling | Henning Brauer |
2012-10-30 | Use time_uptime for expiration values as time_second can be skewed at | Florian Obser |
2012-10-08 | Forward declare struct m_tag in netinet/ip_ipsp.h so we don't need to | Camiel Dobbelaar |
2012-10-05 | include sys/mbuf.h | Camiel Dobbelaar |
2012-09-20 | Lower pf frags limit to not risk running out of mbuf clusters | Camiel Dobbelaar |
2012-09-18 | prio 0 is valid, therefore, I chose an "impossible" value for prio meaning | Henning Brauer |
2012-07-26 | rename all_state_flags to state_flags to finish the transition | Mike Belopuhov |
2012-07-13 | remove confuzzling comment | Henning Brauer |
2012-07-10 | define a PFSTATE_SCRUBMASK. relying on numeric order of flags is stupid | Henning Brauer |
2012-07-07 | rename prio in struct pf_rule and related structs to set_prio so it is | Henning Brauer |
2012-04-03 | Fix kernel compilation with pf but without pfsync pseudo-device by | Mike Belopuhov |
2012-02-03 | The kernel did not compile without INET6. Put some #ifdefs into | Alexander Bluhm |
2012-01-26 | Clean up the pf normalization code: | Alexander Bluhm |
2012-01-16 | Pass struct pf_pdesc to pf_walk_option6() and pf_walk_header6() to | Alexander Bluhm |
2012-01-15 | Calling pf_normalize_ip() from pf_setup_pdesc() was bad as the | Alexander Bluhm |
2011-12-12 | fixup af-to regression with match rules | Mike Belopuhov |
2011-11-29 | use a u_int64_t for the state id in pfsync_state. this makes it consistent | David Gwynne |
2011-11-28 | deprecate PFTM_UNTIL_PACKET. nothing in the tree uses it, and | David Gwynne |
2011-11-26 | Apply route-to to deferred packet; without this the first packet of a | Ryan Thomas McBride |
2011-10-13 | Since the IPv6 madness is not enough introduce NAT64 -- which is actually | Claudio Jeker |
2011-10-07 | rename some vars and functions | Henning Brauer |
2011-10-07 | pf_poolqueue is long dead, remove corpses. from eurobsdcon, ryan ok | Henning Brauer |
2011-09-28 | As requested by henning, move the mbuf pointer into struct pf_pdesc. | Alexander Bluhm |
2011-09-22 | As I have touched half of pf lines anyway, fix whitespaces now. | Alexander Bluhm |
2011-09-20 | Put kif and dir into pdesc an use this instead of passing the values | Alexander Bluhm |
2011-09-19 | Consolidate pf function parameters. Move off and hdrlen into pdesc | Alexander Bluhm |
2011-09-18 | Move the pdesc initialization code into pf_setup_pdesc(). Unify | Alexander Bluhm |
2011-09-18 | Move the call to pf_test_rule() for fragments that have not been | Alexander Bluhm |
2011-09-17 | The pd->ip_sum and pd->proto_sum fields are not needed. Replace | Alexander Bluhm |
2011-08-30 | Add support for one shot rules that remove themselves from an active | Mike Belopuhov |
2011-08-03 | someone (*cough*henning*cough*) made pf_state.state_flags a u_int16_t | David Gwynne |
2011-08-02 | Replace one byte of padding with sa_family_t af in pfsync_state_key; | Ryan Thomas McBride |
2011-07-27 | Add support for weighted round-robin in load balancing pools and tables. | Ryan Thomas McBride |
2011-07-08 | surprisingly, we use pf as classifier for the new priority queueing | Henning Brauer |
2011-07-07 | There were two loops in pf_setup_pdesc() and pf_normalize_ip6() | Alexander Bluhm |
2011-07-07 | Fold pf_test_fragment() into pf_test_rule(), reduce code and fixes | Ryan Thomas McBride |
2011-07-04 | Rename the pf_pdesc field rh_cnt to badopts as it is also used for | Alexander Bluhm |
2011-07-04 | Bye bye pf_test6(). Only one pf_test function for both IPv4 and v6. | Claudio Jeker |
2011-07-03 | bring in least-states load balancing algorithm | Joerg Zinke |
2011-06-21 | There is no need to handle fragmented TCP reset packets in a special | Alexander Bluhm |
2011-06-20 | More cleanup in pf_test/pf_test6 this time mostly the fragment | Claudio Jeker |
2011-05-24 | Merge pf_scrub_ip() and pf_scrub_ip6() into a single function. Call | Claudio Jeker |
2011-05-22 | Do not pass AF specific information to pf_test_rule() and PFLOG_PACKET() | Claudio Jeker |
2011-05-17 | exclude link local address from the dynamic interface address pool | Mike Belopuhov |
2011-04-23 | pf_scrub_ip() does not modify the given mbuf pointer. So don't | Alexander Bluhm |
2011-04-22 | pf_pooladdr_pl does not exist anymore. Remove its extern declaration. | Alexander Bluhm |
2011-04-12 | put the accepted socket of a diverted connection into the routing domain | Mike Belopuhov |
2011-04-06 | Allow PF to filter on the rdomain a packet belongs to. This allows to | Claudio Jeker |