Age | Commit message (Expand) | Author |
2001-10-17 | make sure we use same key for removal (AF_INET was missing), ok deraadt@, dha... | Markus Friedl |
2001-10-15 | Add 'allow-opts' to rules. Packets with IP options will be blocked by | Daniel Hartmeier |
2001-10-13 | Patch from Ryan McBride, fixes IPv6 return-rst problem, found by | Daniel Hartmeier |
2001-10-07 | fixes pr/2105 | Niels Provos |
2001-10-05 | Fix bug in if_vlan which could cause crashes in timeouts and 'ifconfig -a' | Dale Rahn |
2001-10-03 | M_WAIT in ether_output is wrong. Fix APPLETALK stuff. | Artur Grabowski |
2001-10-02 | change timeval to bpf_timeval; 32 bit in size, permitting much greater portab... | Theo de Raadt |
2001-10-02 | Convert ip_off of the inner IP header to host order in pf_test_state_icmp(). | Daniel Hartmeier |
2001-10-01 | Make number of vlan interfaces configurable from UKC. | Niklas Hallqvist |
2001-09-30 | Tune TCP fsm (99.7% - 99.9% accuracy over 1e6 connections) | Mike Frantzen |
2001-09-27 | The skip steps array was one element short (since adding steps for af). | Daniel Hartmeier |
2001-09-27 | switch without break. This caused the 'ICMP too short' messages, since | Daniel Hartmeier |
2001-09-27 | Fix th_ack calculation in pf_send_reset(). return-rst didn't work since | Daniel Hartmeier |
2001-09-23 | ipxintr was missing | Michael Shalayeff |
2001-09-23 | Bump up the tcp half closed timeout (single FIN) to an hour | Mike Frantzen |
2001-09-21 | Fix natlook (broke ftp-proxy) and a memory leak. | Daniel Hartmeier |
2001-09-20 | document why we use random() | Theo de Raadt |
2001-09-20 | occured->occurred | Mike Pechkin |
2001-09-20 | the use of arc4random() in ether_ifattach() is wrong as randomattach() | Peter Galbavy |
2001-09-19 | Patch from Ryan McBride. Compile without INET6, remove unnecessary | Daniel Hartmeier |
2001-09-17 | icmpv6 nat fix, from Ryan McBride | Daniel Hartmeier |
2001-09-16 | Add some missing lengths checks when passing data from userland to | Todd C. Miller |
2001-09-15 | The inner protocol of IPv4 ICMP error messages was ignored, leading to | Daniel Hartmeier |
2001-09-15 | Revert the sleep priority to something more sane | Mike Frantzen |
2001-09-15 | Don't use m_pkthdr.rcvif in pflog_packet(), it doesn't work for outgoing | Daniel Hartmeier |
2001-09-15 | IPv6 support from Ryan McBride (mcbride@countersiege.com) | Mike Frantzen |
2001-09-14 | binat non icmp/udp/tcp protocols as well; ok dhartmei@ | jasoni |
2001-09-11 | Undo BINAT translation when blocking with return-rst/-icmp. | Daniel Hartmeier |
2001-09-08 | initialize variable and more careful bounts checking; okay frantzen@ | Niels Provos |
2001-09-06 | Reflect skip step changes. Spotted by Ryan McBride. | Daniel Hartmeier |
2001-09-06 | 1:1 bidrectional NAT (binat); ok dhartmei@ and frantzen@ | jasoni |
2001-09-05 | Handle uh_sum == 0x0000 correctly. Before, UDP packet checksums were | Daniel Hartmeier |
2001-09-05 | s/pf_natlook/pfioc_natlook (ioctl parameter struct) | Daniel Hartmeier |
2001-09-04 | Add skip steps for interface (ifp). | Daniel Hartmeier |
2001-09-04 | #define empty PFLOG_PACKET correctly (no side effects). Closes PR2044. | Daniel Hartmeier |
2001-09-01 | Inherit baudrate from parent. Now MRTG will show vlan interfaces ;) | Chris Cappuccio |
2001-08-31 | Forgot to commit frag expire tuning before | Mike Frantzen |
2001-08-28 | Add new ioctls to securelevel check, from Can Erkin Acar | Daniel Hartmeier |
2001-08-28 | Bump state timeouts and allow tweaking them from pfctl. | Mike Frantzen |
2001-08-26 | 2nd uninitialized variable that bit me today | Niklas Hallqvist |
2001-08-25 | PF ISN randomization. Or in trekkie techno-babble, ISN phase modulation. | Mike Frantzen |
2001-08-22 | Correct the setup of the intial TCP state window and pre-validate th_ack | Mike Frantzen |
2001-08-22 | Fix panic in pf (was my fault) caused by a bad key compare optimization | Mike Frantzen |
2001-08-21 | KNF | Theo de Raadt |
2001-08-21 | cut/pasto in rule flushing code (using wrong list); base on patch from Henk v... | Jason Wright |
2001-08-21 | Add support for SIOCADDMULTI & SIOCDELMULTI; NetBSD | brian |
2001-08-21 | Pass closing TCP connections through looser state machine (handle Solaris' | Mike Frantzen |
2001-08-19 | Add new ioctls for adding/removing RDR and NAT rules to/from the active | Daniel Hartmeier |
2001-08-19 | Quick optimization of pf_tree_key_compare (should half the instruction count) | Mike Frantzen |
2001-08-19 | Make more money for mickey (count entire IP packets for statistics, not just | Daniel Hartmeier |