src - OpenBSD base system

Age	Commit message (Collapse)	Author
2002-01-02	allow for setting of the loopback MTU, set IFF_RUNNING on address configuration	Dug Song

2002-01-02	Don't forget to deallocate on failure.	Jason Wright

2002-01-01	This is ugly: make a specialized deep copy in bridge_broadcast() that	Jason Wright
	ensures that the payload after the ethernet header is nicely aligned (basically this is two copies, one for the ethernet header and one for the payload) and glue the two copies together. bridge_filter() assumes it has been handed a nicely aligned packet. This should address pr#2248.
2001-12-31	only require write mode for modifying ioctls; dhartmei@, frantzen@, deraadt@ ok	Michael Shalayeff

2001-12-27	revision 1.12 lacks paren around && within \|\| (gcc warns and compilation stops).	Jun-ichiro itojun Hagino

2001-12-26	misplaced (), causing tcp header be examined in non-tcp packets	Michael Shalayeff

2001-12-26	cosmetic	Jun-ichiro itojun Hagino

2001-12-18	NRL license cleaning	Theo de Raadt

2001-12-18	Update rt_ifp in DIOCCHANGERULE.	jasoni
	- noticed by DJ Gregor <gregor.7@osu.edu>
2001-12-15	add support for creating span ports so that one can snoop a bridge	Jason Wright
	from another interface/machine/network.
2001-12-13	remove redundant #if NPF. ok jason@	jasoni

2001-12-12	Remember to add the current time...problem noticed by ho@	Angelos D. Keromytis

2001-12-11	Use queue.h macros.	Jason Wright

2001-12-11	- Log packet while mbuf is still valid.	jasoni
	- If logging and r == NULL, use r0 leaving r untouched. - Note that pf_route/pf_route6 can free the mbuf. Thanks and ok frantzen@
2001-12-10	Add an ioctl to add state entries (DIOCADDSTATE) for proxies.	Daniel Hartmeier

2001-12-10	Add stateful filtering for other (non-TCP/UDP/ICMP) protocol, based on	Daniel Hartmeier
	source/destination addresses/ports only. Add RDR for ICMP. Add NAT/RDR/BINAT for other protocols. Destination and redirection port(s) are now optional for RDR rules. Not specifying destination port(s) means 'redirect all ports', not specifying redirection port(s) means 'redirect to the original port'.
2001-12-10	use queue.h macros for TAILQ operations	Jason Wright

2001-12-10	update ip stats when dropping an ip packet	jasoni
	ok jason@
2001-12-09	Use queue.h TAILQ macros instead of accessing members directly.	Jason Wright
	(And convert a few loops to TAILQ_FOREACH).
2001-12-09	Don't access the tq members directly, use the queue.h macros. Also,	Jason Wright
	convert several of the loops to TAILQ_FOREACH.
2001-12-08	mflags and len were uninitialized in bridge_broadcast (source of some	Jason Wright
	accounting errors me thinks).
2001-12-06	Use hzto() to handle overflow of (hz * timeout) cases --- when using	Angelos D. Keromytis
	extremely long SA expirations.
2001-12-03	reason int -> u_short. From Mike Pechkin.	Daniel Hartmeier

2001-12-03	Don't reset pf_status.debug and .since on DIOCCLRSTATUS.	Daniel Hartmeier
	From Dries Schellekens. Closes PR 2227.
2001-12-01	217 lines of diff for KNF, dhartmei, you are evil	Theo de Raadt

2001-11-30	only make a copy of the mbuf if the route rule is dup-to	jasoni

2001-11-30	unifdef OLDIP6OUTPUT	Jun-ichiro itojun Hagino

2001-11-27	typo - use correct mbuf	jasoni

2001-11-27	do pf_route() before logging in case the logging created a bogus rule	Mike Frantzen
	(fixes a recent panic) OK dhartmei@ jasoni@ mpech@
2001-11-26	add fastroute options similar to what is found in ipf	jasoni
	ok dhartmei@, frantzen@
2001-11-21	Use pf_pull_hdr() instead of manual mbuf traversal. Fixes potential crashes	Daniel Hartmeier
	in pf_test6() for IPv6 packets with options.
2001-11-20	don't allow CHANGEBINAT ioctl in securelevel > 1	Mike Pechkin
	dhartmei@ ok
2001-11-16	yes, signed substraction does not work because of underflows, revert the ↵	Michael Shalayeff
	previous
2001-11-14	use substract when comparing keys, for ip addrs as well.	Michael Shalayeff
	those happen as signed integers and seem to work fine. saves whole bunch of useless code. dhartmei@ ok
2001-11-13	fix pf from going off into the weeds on an ipv6 icmp packet with certain option	Mike Frantzen
	headers. should fix pr #2172 ok dhartmei@
2001-11-08	fix the endif comment	Michael Shalayeff

2001-11-07	enc and pflog were using iana space, move and update w/ iana current list; ↵	Michael Shalayeff
	niels@ angelos@ ok
2001-11-06	Replace inclusion of <vm/foo.h> with the correct <uvm/bar.h> when necessary.	Miod Vallat
	(Look ma, I might have broken the tree)
2001-11-06	Use #defines for skip step values. From dgregor@net.ohio-state.edu.	Daniel Hartmeier

2001-10-24	Reset states counter when clearing states.	Daniel Hartmeier

2001-10-17	make sure we use same key for removal (AF_INET was missing), ok deraadt@, ↵	Markus Friedl
	dhartmei@ reported buy wizz@mniam.net
2001-10-15	Add 'allow-opts' to rules. Packets with IP options will be blocked by	Daniel Hartmeier
	default now, and can be allowed per rule. ok deraadt@
2001-10-13	Patch from Ryan McBride, fixes IPv6 return-rst problem, found by	Daniel Hartmeier
	Todd Fries. ok deraadt@
2001-10-07	fixes pr/2105	Niels Provos

2001-10-05	Fix bug in if_vlan which could cause crashes in timeouts and 'ifconfig -a'	Dale Rahn
	ok niklas@
2001-10-03	M_WAIT in ether_output is wrong. Fix APPLETALK stuff.	Artur Grabowski

2001-10-02	change timeval to bpf_timeval; 32 bit in size, permitting much greater ↵	Theo de Raadt
	portability
2001-10-02	Convert ip_off of the inner IP header to host order in pf_test_state_icmp().	Daniel Hartmeier
	Some of the IP header fields are already converted by ip_input.c (including ip_off), but of course not for inner headers of ICMP packets. The other fields which are left in network order are ok. This broke state search for any ICMP error message who referred to an IP header with the DF flag set, hence any ICMP_UNREACH_NEEDFRAG message. Found by Andreas Gunnarsson <andreas@crt.se>. Thank you.
2001-10-01	Make number of vlan interfaces configurable from UKC.	Niklas Hallqvist
	ok jason@, chris@, deraadt@
2001-09-30	Tune TCP fsm (99.7% - 99.9% accuracy over 1e6 connections)	Mike Frantzen