| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 1999-06-03 | Repair amiga builds (int schedules need some machine-specific macros) | Marc Espie | |
| 1999-06-01 | Introduce M_PFKEY kmem type, and use it. (angelos@ ok) | Hakan Olsson | |
| 1999-06-01 | Fix some mips -> __mips__ stuff. | Per Fogelstrom | |
| 1999-05-31 | Fix M_TEMP memory leak in pfkeyv2_expire() | Hakan Olsson | |
| (likewise future pfkeyv2_acquire()) | |||
| 1999-05-26 | Implement DLT_RAW, DLT_{SLIP,PPP}_BSDOS from libpcap 0.4 | Brad Smith | |
| 1999-05-24 | Only do basic work in the ethernet interrupt context, and queue packets to | Jason Wright | |
| be bridged. Do the real work in a scheduled netisr. | |||
| 1999-05-23 | Avoid bzero + free after failed malloc(). From niklas@ | Hakan Olsson | |
| 1999-05-21 | For hard expiration-pressure you need to protect PF_KEY socket | Niklas Hallqvist | |
| queueing with spltdb() | |||
| 1999-05-16 | spltdb introduced, protection for tdb lists and related structures, so | Niklas Hallqvist | |
| they won't disappear behind our back by an expiration. Cleanup expiration logic too. | |||
| 1999-05-16 | The enc interface should not be IFF_LOOPBACK, as AH and ESP uses that | Niklas Hallqvist | |
| as receiving interface for filtering | |||
| 1999-05-16 | Add support for static ARP entries that cannot be overwritten. | Hakan Olsson | |
| Ordinary static ARPs that are overwritten will no longer still be static. | |||
| 1999-05-14 | A new scalable IPsec SA expiration model. | Niklas Hallqvist | |
| 1999-05-03 | Plug mbuf leak | Niklas Hallqvist | |
| 1999-04-22 | we don't need to include buf.h | Artur Grabowski | |
| 1999-04-11 | Introduce net.inet.{ah,esp}.enable sysctl controls that are off by default. | Niklas Hallqvist | |
| If you are going to use either of AH or ESP or both, enable these in /etc/sysctl.conf. Also correct the IPSec debugging sysctl code, it is now named net.inet.ip.encdebug. Some corrected function signatures too. | |||
| 1999-04-09 | when the REPLACE flag was used, but no former flows was there, we did not | Niklas Hallqvist | |
| increment the IPSEC use counter, potentially missing IPSEC processing on output. | |||
| 1999-03-31 | Implement SADB_SAFLAGS_X_REPLACEFLOW | Niklas Hallqvist | |
| 1999-03-27 | add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing | Niels Provos | |
| SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company. | |||
| 1999-03-24 | Implement lifetime expiration notifications. Fix some typos. Remove statics. | Niklas Hallqvist | |
| 1999-03-19 | Add flag to allow some interfaces to not see packets with unknown destination. | Jason Wright | |
| 1999-03-19 | Add the ability to mark an interface as "non-learning" | Jason Wright | |
| 1999-03-13 | make ifa_refcnt a u_int; andrewb@demon.net | Theo de Raadt | |
| 1999-03-12 | big overhaul: | Jason Wright | |
| o SNAP encapsulated IP filtering o static address cache entries o address deletion from cache o dynamic & full cache flush o filter packets based on each interface, not on the bridge as a whole o KNF nits o allow addition of ~IFF_UP interfaces o man page & user level fixes to match the above | |||
| 1999-03-05 | bump cache timeout up a bit | Jason Wright | |
| 1999-03-05 | Make address cache expiration actually work and provide a knob | Jason Wright | |
| for adjusting the timeout. | |||
| 1999-03-05 | restrict replay window size to 32 | Theo de Raadt | |
| 1999-03-05 | update allocation statistics | Theo de Raadt | |
| 1999-03-04 | remove unnecessary malloc checks when using WAITOK | Theo de Raadt | |
| 1999-03-04 | clear key headers earlier | Theo de Raadt | |
| 1999-03-04 | more paranoid maintenance | Theo de Raadt | |
| 1999-03-02 | keep track of SATYPE registrations per PFKEY socket | Theo de Raadt | |
| 1999-03-02 | ESRCH, not EEXIST; markus.friedl@informatik.uni-erlangen.de | Theo de Raadt | |
| 1999-03-01 | completely (almost) revamped ioctl's: | Jason Wright | |
| o new ioctls for getting/setting cache size (default == 100) o changed SIOCBRDGRT -> SIOCBRDGRTS o changed SIOCBRDGIDX -> SIOCBRDGIFS | |||
| 1999-02-27 | rearrange strcutures to avoid bad padding; deraadt. | Jason Wright | |
| 1999-02-26 | Ethernet bridge/IP firewall driver. | Jason Wright | |
| 1999-02-25 | Allow PF_KEY kernel message replies for X_ADDFLOW, X_DELFLOW, and X_GRPSPIS | Angelos D. Keromytis | |
| 1999-02-25 | Unnecessary ifdef | Angelos D. Keromytis | |
| 1999-02-25 | missing ifdef IPSEC | Angelos D. Keromytis | |
| 1999-02-25 | Possible cause of responses not going back to userland. | Angelos D. Keromytis | |
| 1999-02-25 | Removed osdep.h dependencies. | Angelos D. Keromytis | |
| 1999-02-24 | Not used anymore. | Angelos D. Keromytis | |
| 1999-02-24 | PF_KEY_V2, with local extensions for SPD management. | Angelos D. Keromytis | |
| 1999-02-24 | Work with pfkey instead of pfencap | Angelos D. Keromytis | |
| 1999-02-11 | fix tabs to spaces between #define and NAME, to match the rest of the file | Michael Shalayeff | |
| 1999-02-11 | oops, PPP_XNS protocol type for NS from freebsd | Michael Shalayeff | |
| 1999-02-05 | Don't count IPsec-related "route misses", as we're not really finding | Angelos D. Keromytis | |
| unreachable hosts/networks. | |||
| 1999-02-04 | deal with rts_* members being u_int32_ now; cmetz | Theo de Raadt | |
| 1999-02-04 | u_int32_t for routing statistics variables | Theo de Raadt | |
| 1999-02-04 | ipv6 support for atm | Theo de Raadt | |
| 1999-01-11 | Remove unnecessary panic(). | Angelos D. Keromytis | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |