Age | Commit message (Expand) | Author |
2021-07-26 | Use per-CPU counters for tunnel descriptor block (tdb) statistics. | mvs |
2021-07-22 | Add sizes for free() in zlib | Theo Buehler |
2021-07-20 | Turn pipex(4) session statistics to per-CPU counters. This makes pipex(4) | mvs |
2021-07-20 | The current workaround to disable parallel IPsec did not work. | Alexander Bluhm |
2021-07-19 | Fix an alignment fault observed on an octeon machine while pppoe(4) was | Stefan Sperling |
2021-07-14 | Export SA replay counters via pfkey and print with ipsecctl. | tobhe |
2021-07-09 | ifq_hdatalen can return 0 if ifq_empty is true, which avoids locks. | David Gwynne |
2021-07-08 | Initialize `ipsec_acquire_pool' pool (9) within pfkey_init() instead of | mvs |
2021-07-08 | Debug printfs in encdebug were inconsistent, some missing newlines | Alexander Bluhm |
2021-07-07 | tell ether_input() to call pf_test() outside of smr_read sections, | Alexandr Nedvedicky |
2021-07-07 | pfsync_undefer() must be called outside of PF_LOCK | Alexandr Nedvedicky |
2021-07-05 | Export tdb MTU to userland via SADB_GET. This helps debug path MTU | tobhe |
2021-07-05 | etherbridge_map was way too clever, so simplify it. | David Gwynne |
2021-06-30 | Remove splnet() from ifnewlladdr(), it is not needed anymore. | Alexander Bluhm |
2021-06-25 | let pfsync_request_update actually retry when it overfills a packet. | David Gwynne |
2021-06-23 | rtsock: revert from timeout_set_flags(9) to timeout_set_proc(9); ok mvs@ | cheloha |
2021-06-23 | augment the global pf state list with its own locks. | David Gwynne |
2021-06-23 | pf_purge_expired_states can check the time once instead of for every state. | David Gwynne |
2021-06-23 | pfsync_undefer_notify needs to be careful before dereferecing state keys. | David Gwynne |
2021-06-23 | rework pf_state_expires to avoid confusion around state->timeout. | David Gwynne |
2021-06-17 | more consistently use pfsync_free_deferral to free the mbuf. | David Gwynne |
2021-06-15 | use getnsecuptime instead of getmicrouptime. | David Gwynne |
2021-06-15 | get the uptime before comparing to it. | David Gwynne |
2021-06-15 | factor out nsecuptime and getnsecuptime. | David Gwynne |
2021-06-15 | rework pfsync deferal timeout handling. | David Gwynne |
2021-06-09 | whitespace tweak. no functional change. | David Gwynne |
2021-06-02 | With parallel execution of pf_test() two packets may try to update the same | Alexandr Nedvedicky |
2021-06-02 | whitespace tweaks, no functional change. | David Gwynne |
2021-06-02 | only read the if_bpf pointer once. | David Gwynne |
2021-06-02 | tpmr_input is called in an smr crit section, so it doesnt need its own. | David Gwynne |
2021-06-02 | read the tpmr if_flags once in tpmr_input so link flags apply consistently. | David Gwynne |
2021-06-02 | use ipv4_check and ipv6_check to well, check ip headers before running pf. | David Gwynne |
2021-06-02 | use ipv4_check and ipv6_check provided by the network stacks. | David Gwynne |
2021-06-01 | Check `so_state' in rtm_senddesync() and return if SS_ISCONNECTED or | mvs |
2021-06-01 | a couple of minor whitespace tweaks. no functional change. | David Gwynne |
2021-05-30 | Declare all struct protosw as constant. | Alexander Bluhm |
2021-05-27 | ajacoutot says i missed copying some bits from bridge for divert-to. | David Gwynne |
2021-05-27 | ajacouto says i missed copying some bits from bridge for divert-to. | David Gwynne |
2021-05-26 | Use `so_lock' to protect key management (PF_KEY) sockets. This can be | mvs |
2021-05-26 | add support for pf divert-to on tpmr, like what was done for veb(4). | David Gwynne |
2021-05-26 | support divert-to when pf applies it to a packet. | David Gwynne |
2021-05-25 | As network features are not added dynamically, the domain structures | Alexander Bluhm |
2021-05-25 | The arrays sadb_exts_allowed_out and sadb_exts_required_out are | Alexander Bluhm |
2021-05-17 | fix state key reference underflow, when sk == skrev | Alexandr Nedvedicky |
2021-05-17 | Revert. Last change should not have been committed. | Claudio Jeker |
2021-05-17 | Increase the default buffer space using on PF_UNIX sockets to 8k. | Claudio Jeker |
2021-05-16 | panic does not require a \n at the end. When one is provided, it looks wrong. | Theo de Raadt |
2021-05-16 | In route detach we delete `rop_timeout' while `rop' is still linked to | mvs |
2021-05-15 | Fix IPsec NAT-T to work with pipex(4). Introduce a new packet tag | YASUOKA Masahiko |
2021-05-06 | Kill pfkeyv2_parsemessage() declaration which is absolutely useless | mvs |