Age | Commit message (Expand) | Author |
2003-04-07 | Catch and refuse rules with invalid ICMP types (> 40), ok cedric@ | Daniel Hartmeier |
2003-04-05 | Stick pf_default_rule everytime a packet pass because of the | Cedric Berger |
2003-04-05 | Replace the timeout variables by the content of the timeout | Cedric Berger |
2003-04-05 | Cleanup by replacing a bunch of "(*rm)" by just "r" | Cedric Berger |
2003-04-04 | KNF | Theo de Raadt |
2003-04-03 | Back out my last change, which was incorrect or incomplete. | Cedric Berger |
2003-04-03 | Remove (state->rule.ptr != NULL) tests: this is always true now. | Cedric Berger |
2003-04-01 | When using bpf(4) in immediate mode, and using kevent(2) to receive | Artur Grabowski |
2003-03-31 | Protect tdb access w/ spltdb; Patrick Latifi | Todd C. Miller |
2003-03-31 | Only delete rule structure when no state refer to it. | Cedric Berger |
2003-03-25 | Missing splx(); Patrick Latifi | Todd C. Miller |
2003-03-24 | Tree patches from c.pascoe at itee dot uq dot edu dot au: | Jason Wright |
2003-03-21 | - Add missing "\n" to some pf_table.c printf() | Cedric Berger |
2003-03-14 | Correctly flag out radix_node entries with RNF_ROOT flag set: this is not | Cedric Berger |
2003-03-13 | Plug slow memory leak (radix_mask structure). | Cedric Berger |
2003-03-11 | forward 8021Q packets with vlan header if the destination interface has | Markus Friedl |
2003-03-11 | Missing break, unintentional fall-through. Found by Kimmo Mösö. | Daniel Hartmeier |
2003-03-09 | tighten the TCP state code in relation to a FIN before any server responses | Mike Frantzen |
2003-03-09 | use MGETHDR instead of MGET for the first mbuf. | Kenjiro Cho |
2003-03-05 | Small fixes after code review, mostly on error path. | Cedric Berger |
2003-03-04 | (really) support user/group rules with 'inet6' | Philipp Buehler |
2003-03-03 | Make "pfctl -ss" output easier to parse. NO TRAFFIC -> NO_TRAFFIC. | Cedric Berger |
2003-03-02 | Use priority queue for TCP ACKs that have no payload. Very useful on | Daniel Hartmeier |
2003-02-28 | splsoftnet() around rn_lookup() which is not thread-safe. | Cedric Berger |
2003-02-27 | make packet classification for altq work in the IPv6 case | Henning Brauer |
2003-02-27 | Repair IPv6 support for tables. | Cedric Berger |
2003-02-25 | - Handle src and dst comparisons correctly for binat so that it works | Ryan Thomas McBride |
2003-02-24 | SADB_X_CALG_MAX is supposed to be the highest numbered supported algorithm | Jason Wright |
2003-02-23 | typo in export_auth; ok ho@ | Markus Friedl |
2003-02-21 | Plug two mbuf leak on error bugs, one from dhartmei one from me. | Jason Wright |
2003-02-18 | Enforce min-ttl and random-id on inbound scrub as well as outbound. | Camiel Dobbelaar |
2003-02-17 | enqueue the copy that was just made, not the original (probably fixes kernel/... | Jason Wright |
2003-02-16 | KNF | Theo de Raadt |
2003-02-16 | KNF | Jason Wright |
2003-02-15 | skeleton support for LZS compression | Jason Wright |
2003-02-15 | s/LSZ/LZS (consistent with linux and isakmpd *.cst) | Jason Wright |
2003-02-12 | Address the NFS problems recently discussed in various threads. | Daniel Hartmeier |
2003-02-12 | Labels should be followed by statements (fix gcc3 warning). | Henric Jungheim |
2003-02-12 | Remove commons; inspired by netbsd. | Jason Wright |
2003-02-12 | Make r.rpool.proxy_port[] a consistent byte order to match cleanup in | Ryan Thomas McBride |
2003-02-12 | Fix a bunch of pf_route() bugs: | Ryan Thomas McBride |
2003-02-09 | Slightly less noisy debug printf from pf_map_addr(), ok mcbride@ | Daniel Hartmeier |
2003-02-08 | Add scrub option 'random-id', which replaces IP IDs with random values | Daniel Hartmeier |
2003-02-05 | Remove the confusing and more-or-less unnecessary temporary | Ryan Thomas McBride |
2003-02-01 | Make it build without INET6 again. | Daniel Hartmeier |
2003-02-01 | from Chris Pascoe <c.pascoe@itee.uq.edu.au>: | Chris Cappuccio |
2003-01-31 | The fix introduced with 1.294 to solve issues with route-to in | Daniel Hartmeier |
2003-01-31 | Check protocol (TCP/UDP/ICMP/ICMP6) checksums of all incoming packets, | Daniel Hartmeier |
2003-01-31 | Send a RST when an invalid packet matches a TCP state during the | Daniel Hartmeier |
2003-01-25 | Fix the behaviour of rdr rules which redirect to a range of ports; | Ryan Thomas McBride |