| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2002-02-23 | Pools that are only used in the ioctls can use the nointr allocator. | Artur Grabowski | |
| 2002-02-22 | IEEE80211_NWKEY_* flags; from netbsd | Michael Shalayeff | |
| 2002-02-21 | Correctly initialize the compression case. | Angelos D. Keromytis | |
| 2002-02-17 | Calculate IP checksum and copyback modified headers before logging a | Daniel Hartmeier | |
| packet. Closes PR2402. Note that checksums were only wrong in the logged packet, packets that were passed got a valid checksum anyway. | |||
| 2002-02-15 | pf only uses seconds for time measuring. There is no need to call microtime | Artur Grabowski | |
| on every packet. Use time.tv_sec to get seconds. In the places where it seemed to matter, make sure that time doesn't change under our feet. And it's really unnecessary to do a test on every packet when the test will only fire once every 10 seconds. That's a real waste of time, that's what we have timeouts for. ok frantzen@ | |||
| 2002-02-14 | Reorder struct pf_pdesc members, saves 8 bytes. | Daniel Hartmeier | |
| 2002-02-14 | KNF | Theo de Raadt | |
| 2002-02-14 | Add skip steps for rule action (pass/block vs. scrub) and direction | Daniel Hartmeier | |
| (in vs. out). This speeds up rule set evaluation considerably, because the rules set used to be linearly traversed (even twice) when looking for scrub rules. Ok frantzen@, deraadt@ | |||
| 2002-02-14 | If helps to loop over the correct variable *sigh* | Jason Wright | |
| 2002-02-13 | Be -really- careful not to modify the payload when replacing the ethernet | Jason Wright | |
| header with the 802.1Q header. The reason for this is if_vlan is called by the bridge (via if_start). It cannot modify the mbuf because it might be shared copy. | |||
| 2002-02-13 | sync with KAME. | Kenjiro Cho | |
| make altq actually work with kernl ppp. add if_start for the altq case to kick transmission. don't call ppp_restart() to prevent useless interrupt loop under rate-limiting. | |||
| 2002-02-11 | Remove unused function prototype, from Jason Ish | Daniel Hartmeier | |
| 2002-02-11 | Remove ancient comment regarding memcmp(), from Jason Ish | Daniel Hartmeier | |
| 2002-02-07 | bridge_output() needs a forcibly aligned copy just like bridge_broadcast() | Jason Wright | |
| because of calls it makes to altq; thanks to art for testing and kjc for pointing that I forgot this case. | |||
| 2002-02-07 | Quiet down an annoying message in altq_etherclassify. | Artur Grabowski | |
| 2002-01-23 | compatability -> compatibility. | Federico G. Schwindt | |
| 2002-01-23 | Back out part of last commit, it causes memory to be freed prematurely | Todd C. Miller | |
| in this version of the zlib code; from Wayne Meissner | |||
| 2002-01-23 | It looks like there has been one crack smoking and a few cut and pastes. | Artur Grabowski | |
| PR_FREEHEADER should not be set in pool_init by the caller. It shouldn't be set in pool_init at all. Besides, it's going away soon anyway. | |||
| 2002-01-23 | Pool deals fairly well with physical memory shortage, but it doesn't deal | Artur Grabowski | |
| well (not at all) with shortages of the vm_map where the pages are mapped (usually kmem_map). Try to deal with it: - group all information the backend allocator for a pool in a separate struct. The pool will only have a pointer to that struct. - change the pool_init API to reflect that. - link all pools allocating from the same allocator on a linked list. - Since an allocator is responsible to wait for physical memory it will only fail (waitok) when it runs out of its backing vm_map, carefully drain pools using the same allocator so that va space is freed. (see comments in code for caveats and details). - change pool_reclaim to return if it actually succeeded to free some memory, use that information to make draining easier and more efficient. - get rid of PR_URGENT, noone uses it. | |||
| 2002-01-18 | Fix some zlib memory leaks, originally from Mark Adler | Todd C. Miller | |
| 2002-01-12 | - Only apply fastroute and route-to if we are going in the same | jasoni | |
| direction as the rule. - ok dhartmei@ | |||
| 2002-01-11 | pad the pf_state_{host,peer} to a 32bit quantity; dhartmei@ frantzen@ ok | Michael Shalayeff | |
| 2002-01-09 | Add labels to rules. These are arbitrary names (not to be confused with | Daniel Hartmeier | |
| tags that will be used to tag packets later on). Add pfctl -z to clear per-rule counters. Add pfctl -s labels to output per-rule counters in terse format and only for rules that have labels. Suggested by Henning Brauer. | |||
| 2002-01-08 | Add "no nat/rdr/binat" to nat.conf. The first matching rule applies. | Daniel Hartmeier | |
| If it is a "no" rule, no translation occurs. Useful to exclude certain packets from translation. Suggested by Henning Brauer. | |||
| 2002-01-02 | allow for setting of the loopback MTU, set IFF_RUNNING on address configuration | Dug Song | |
| 2002-01-02 | Don't forget to deallocate on failure. | Jason Wright | |
| 2002-01-01 | This is ugly: make a specialized deep copy in bridge_broadcast() that | Jason Wright | |
| ensures that the payload after the ethernet header is nicely aligned (basically this is two copies, one for the ethernet header and one for the payload) and glue the two copies together. bridge_filter() assumes it has been handed a nicely aligned packet. This should address pr#2248. | |||
| 2001-12-31 | only require write mode for modifying ioctls; dhartmei@, frantzen@, deraadt@ ok | Michael Shalayeff | |
| 2001-12-27 | revision 1.12 lacks paren around && within || (gcc warns and compilation stops). | Jun-ichiro itojun Hagino | |
| 2001-12-26 | misplaced (), causing tcp header be examined in non-tcp packets | Michael Shalayeff | |
| 2001-12-26 | cosmetic | Jun-ichiro itojun Hagino | |
| 2001-12-18 | NRL license cleaning | Theo de Raadt | |
| 2001-12-18 | Update rt_ifp in DIOCCHANGERULE. | jasoni | |
| - noticed by DJ Gregor <gregor.7@osu.edu> | |||
| 2001-12-15 | add support for creating span ports so that one can snoop a bridge | Jason Wright | |
| from another interface/machine/network. | |||
| 2001-12-13 | remove redundant #if NPF. ok jason@ | jasoni | |
| 2001-12-12 | Remember to add the current time...problem noticed by ho@ | Angelos D. Keromytis | |
| 2001-12-11 | Use queue.h macros. | Jason Wright | |
| 2001-12-11 | - Log packet while mbuf is still valid. | jasoni | |
| - If logging and r == NULL, use r0 leaving r untouched. - Note that pf_route/pf_route6 can free the mbuf. Thanks and ok frantzen@ | |||
| 2001-12-10 | Add an ioctl to add state entries (DIOCADDSTATE) for proxies. | Daniel Hartmeier | |
| 2001-12-10 | Add stateful filtering for other (non-TCP/UDP/ICMP) protocol, based on | Daniel Hartmeier | |
| source/destination addresses/ports only. Add RDR for ICMP. Add NAT/RDR/BINAT for other protocols. Destination and redirection port(s) are now optional for RDR rules. Not specifying destination port(s) means 'redirect all ports', not specifying redirection port(s) means 'redirect to the original port'. | |||
| 2001-12-10 | use queue.h macros for TAILQ operations | Jason Wright | |
| 2001-12-10 | update ip stats when dropping an ip packet | jasoni | |
| ok jason@ | |||
| 2001-12-09 | Use queue.h TAILQ macros instead of accessing members directly. | Jason Wright | |
| (And convert a few loops to TAILQ_FOREACH). | |||
| 2001-12-09 | Don't access the tq members directly, use the queue.h macros. Also, | Jason Wright | |
| convert several of the loops to TAILQ_FOREACH. | |||
| 2001-12-08 | mflags and len were uninitialized in bridge_broadcast (source of some | Jason Wright | |
| accounting errors me thinks). | |||
| 2001-12-06 | Use hzto() to handle overflow of (hz * timeout) cases --- when using | Angelos D. Keromytis | |
| extremely long SA expirations. | |||
| 2001-12-03 | reason int -> u_short. From Mike Pechkin. | Daniel Hartmeier | |
| 2001-12-03 | Don't reset pf_status.debug and .since on DIOCCLRSTATUS. | Daniel Hartmeier | |
| From Dries Schellekens. Closes PR 2227. | |||
| 2001-12-01 | 217 lines of diff for KNF, dhartmei, you are evil | Theo de Raadt | |
| 2001-11-30 | only make a copy of the mbuf if the route rule is dup-to | jasoni | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |