summaryrefslogtreecommitdiff
path: root/sys/net/pfvar.h
AgeCommit message (Expand)Author
2010-06-28Clean up iterface stats handling:Ryan Thomas McBride
2010-06-27stuff nsaddr/ndaddr/nsport/ndport (addrs/ports after NAT, used a lot whileHenning Brauer
2010-05-07Start cleaning up the mess called rtalloc*. Kill rtalloc2, make rtalloc1Claudio Jeker
2010-04-28Cast 'a' to (void *) in the REASON_SET macro. Makes gcc4 happy.Robert Nagy
2010-01-20One \ too many in pfvar.h. From Daniel Dickman <didickman@gmail.com>Ryan Thomas McBride
2010-01-18Convert pf debug logging to using log()/addlog(), a single standardisedRyan Thomas McBride
2010-01-13Remove extern reference to pf_pabuf which uses a structJonathan Gray
2010-01-12First pass at removing the 'pf_pool' mechanism for translation and routingRyan Thomas McBride
2009-12-24add support to pf for filtering a packet by the interface it was receivedDavid Gwynne
2009-12-14fix sticky-address - by pretty much re-implementing it. still followingHenning Brauer
2009-11-24kill obsolete natpassHenning Brauer
2009-11-23remove the nat_rule pointer on pf_state and pf_pdesc, obsolete afterHenning Brauer
2009-11-22cleanup after the NAT changes. we used to have multiple rulesets (scrub,Henning Brauer
2009-11-03Use u_int16_t for rdomains for everything. Using various types makesClaudio Jeker
2009-11-03rtables are stacked on rdomains (it is possible to have multiple routingClaudio Jeker
2009-10-28Add a dedicated pf pool for route options as suggested by henning,Jonathan Gray
2009-10-06Redo the route lookup in the output (and IPv6 forwarding) path if theClaudio Jeker
2009-10-04Add (again) support for divert sockets. They allow you to:Michele Marchetto
2009-09-08I had not enough oks to commit this diff.Michele Marchetto
2009-09-08Add support for divert sockets. They allow you to:Michele Marchetto
2009-09-01the diff theo calls me insanae for:Henning Brauer
2009-06-25scrub_flags is a u_int8_t, but PFSTATE_SCRUB_TCP is 0x0100, so theStuart Henderson
2009-06-08bring back the fixed PF_AEQ/ANEQ/AZERO macros, the offending use has beenHenning Brauer
2009-06-08gah. something is not quite right, sthen sees strange behaviour fixedHenning Brauer
2009-06-08unfuck PF_AEQ PF_ANEQ PF_AZERO macos that got fucked when v6 supportHenning Brauer
2009-05-18The routing table index rtableid has type unsigned int in the routingAlexander Bluhm
2009-04-061) scrub rules are completely gone.Henning Brauer
2009-03-09Make the DIOCSETIFFLAG, DIOCSETLIMIT, and DIOCSETTIMEOUT ioctlsRyan Thomas McBride
2009-02-16pfsync v5, mostly written at n2k9, but based on work done at n2k8.David Gwynne
2009-01-29Split the address selection from pools away from pf.c and put it inPierre-Yves Ritschard
2008-11-24Fix splasserts seen in pr 5987 by propagating a flag that discribesMike Belopuhov
2008-10-08Get rid of the second table entry pool (pfr_kentry_pl2); we're alreadyRyan Thomas McBride
2008-09-22Reorder PFSTATE_PFLOW define:Marco Pfatschbacher
2008-09-09welcome pflow(4), a netflow v5 compatible flow export interface.Henning Brauer
2008-08-26introduce a function to be called when addressing information has changed,Henning Brauer
2008-07-03link pf state keys to tcp pcbs and vice versa.Henning Brauer
2008-06-29Simplify state creation code; merge state import/export code between pfsyncRyan Thomas McBride
2008-06-11store a pointer to the stack side state key in the mbuf packetHenning Brauer
2008-06-10Make counters on table addresses optional and disabled by default.Ryan Thomas McBride
2008-06-10save somespace in the state by collapsing two 8 bit ints used as booleansHenning Brauer
2008-06-10implement a sloppy tcpstate tracker which does not look at sequenceHenning Brauer
2008-05-30trivial KNF before we go furtherHenning Brauer
2008-05-29Second half of PF state table rearrangement.Ryan Thomas McBride
2008-05-29rewrite the state table logic.Henning Brauer
2008-05-18KNFRyan Thomas McBride
2008-05-09Add support to kill states by rule label or state id.Marco Pfatschbacher
2008-05-09divert packets to local socket without modifying the ip header;Markus Friedl
2008-05-08reorder elements in pf_state_peer to avoid wasting memory. cvs blameTheo de Raadt
2008-05-07scrub packets based on tags; ok henningMarkus Friedl
2008-05-07allow setting TOS with scrub; ok mcbride, claudioMarkus Friedl