summaryrefslogtreecommitdiff
path: root/sys/net
AgeCommit message (Collapse)Author
2001-06-28forgot to init fr_timeoutNiels Provos
2001-06-28first stab at packet normalization. includes full ip reassembly.Niels Provos
okay dhartmei@, dugsong@
2001-06-28Disallow filter modification when the system is "highly secure".Hugh Graham
Passed by dhartmei.
2001-06-27change pf_tree_key->addr[2] from u_int32_t to struct in_addr for NielsDaniel Hartmeier
2001-06-27in rdr rules, let port 0 be the port wildcard; ok dhartmei@jasoni
2001-06-27change pf_tree_node->state to void *, so Niels can use a tree for fragment ↵Daniel Hartmeier
handling
2001-06-27use proper icmp defineNiels Provos
2001-06-27add -z flag for zeroing statistics. -s status no longer resets anythingKjell Wooding
2001-06-27add microtime, which seems to have gotten lost.Kjell Wooding
2001-06-27IPFILTER->NPFAngelos D. Keromytis
2001-06-27introduce the ALTQ queue macros into sys/net files.Kenjiro Cho
the new model removes direct references to the fields in ifp->if_snd, and defines the following macros to manipulate ifp->if_snd. IFQ_ENQUEUE(ifq, m, pktattr, err) IFQ_DEQUEUE(ifq, m) IFQ_POLL(ifq, m) IFQ_PURGE(ifq) IFQ_IS_EMPTY(ifq) the new model also enforces some rules regarding how to use these macros. details are descrined in http://www.csl.sony.co.jp/~kjc/software/altq-new-design.txt
2001-06-27ALTQ base modifications to the kernel.Kenjiro Cho
- ALTQ introduces a set of new queue macros that coexist with the traditional IF_XXX macros. - "struct ifaltq" replaces "struct ifqueue" in "struct ifnet". - assign cdev major 74 for i386 and 54 for alpha as ALTQ control interface.
2001-06-27Don't bzero() after doing a TAILQ_INIT()...Angelos D. Keromytis
2001-06-27Initialize acquire state list in newly allocated policy.Angelos D. Keromytis
2001-06-27state counter changesTheo de Raadt
2001-06-27big KNFTheo de Raadt
2001-06-27remove unneccessary check in ioctlTheo de Raadt
2001-06-27Get rid of M_COPY_* macros; either use M_MOVE_* or M_DUP_*, dependingAngelos D. Keromytis
on how macros should be treated. Code by fgsch@, ok by me and itojun@
2001-06-27typoDug Song
2001-06-27for other protocols, keep correct track of match statsNiels Provos
2001-06-27handle non-TCP/UDP/ICMP protocolsDug Song
2001-06-27remove print_ip, its unusedNiels Provos
2001-06-27clean up TAILQ usageNiels Provos
2001-06-27KNFNiels Provos
2001-06-27KNFNiels Provos
2001-06-27only set reason code match if there was a rule that we matchedNiels Provos
2001-06-27Don't cache packets that hit policies -- we'll do that at the PCB forAngelos D. Keromytis
local packets.
2001-06-26update match countsNiels Provos
2001-06-26name comparison operatorsDug Song
2001-06-26fix PFRES_MAX handlingTheo de Raadt
2001-06-26array of counters indexed by reason codesTheo de Raadt
2001-06-26rules have numbers now, use them. add two spl locks.Daniel Hartmeier
2001-06-26clean up copyrightNiels Provos
2001-06-26rule nr is in rule nowNiels Provos
2001-06-26add rule nr for NielsDaniel Hartmeier
2001-06-26pass rule to logging for state matchesNiels Provos
2001-06-26log-all causes state matches to log packets to pflogNiels Provos
2001-06-26add rule pointer and log option to statesDaniel Hartmeier
2001-06-26get rid of another printfNiels Provos
2001-06-26use reasons in pull_hdr, default log if pull_hdr fails. okay deraadt@Niels Provos
2001-06-26Use pool(9) for IPsec policy structures.Angelos D. Keromytis
2001-06-26Keep the PFKEY sequence number at the TDB, plus a little bit of KNFAngelos D. Keromytis
2001-06-26no longer pass around **mTheo de Raadt
2001-06-26deal with NULL rule being passed to loggingNiels Provos
2001-06-26fix logging. the ip header is contained in the first mbuf. itojun and me.Niels Provos
2001-06-26forgot htonsNiels Provos
2001-06-26add a subreason to the link header to allow us to determine why a packet wasNiels Provos
dropped or passed. from discussion with theo and me.
2001-06-26allow 0.0.0.0/x in rulesPeter Stromberg
2001-06-26more suitable error values when DIOCSTART/STOP fail; peters@telia.netDaniel Hartmeier
2001-06-26no // commentsMarkus Friedl
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-11 22:18:18 +0000