summaryrefslogtreecommitdiff
path: root/sys/net
AgeCommit message (Expand)Author
2003-01-01use a #define for the default state table sizeHenning Brauer
2003-01-01KNFHenning Brauer
2003-01-01KNFHenning Brauer
2003-01-01disable the CLSTATS flag for now, since it violates the O_RDONLY check.Cedric Berger
2003-01-01Behaves correctly when duplicate addresses are given in the same ioctl.Cedric Berger
2003-01-01Behaves properly when someone try to insert/delete the same table nameCedric Berger
2003-01-01Remove skip step for action (scrub vs. non-scrub), as scrub rules areDaniel Hartmeier
2003-01-01Fix breakage from PF_RULESET_MAX increase, regress tests match again.Daniel Hartmeier
2002-12-31Split scrub rules out from the filter rules in the kernel.Ryan Thomas McBride
2002-12-31don't overrun user-supplied buffer. from jinmei@kame, deraadt okJun-ichiro itojun Hagino
2002-12-31Use a default state table limit of 10000 entries. This is safe for allDaniel Hartmeier
2002-12-30Don't forget to copyout the time at which statistics got cleared.Cedric Berger
2002-12-30really count the number of deleted tables - obvious fix.Cedric Berger
2002-12-30KNFHenning Brauer
2002-12-30KNFHenning Brauer
2002-12-29Add support for radix tables for source and destination of PF rules.Cedric Berger
2002-12-27Bugfix and better error handling:Ryan Thomas McBride
2002-12-27Fixups for pf_route and pf_route6.Ryan Thomas McBride
2002-12-27Handle binat-anchor rules in pf_match_translation(), they don't have aDaniel Hartmeier
2002-12-27Initialize rt_ifp in newly allocated pf_state objects to NULL.Daniel Hartmeier
2002-12-26Prettier debug printing in pf_map_addr.Ryan Thomas McBride
2002-12-26Additional sanity checks for pf_route(). Please report when any of theseDaniel Hartmeier
2002-12-23no need to htons the port, it's already in net order, since we swapped it bac...Michael Shalayeff
2002-12-23Change from array to single pf_pabuf (no longer need multiple buffers asRyan Thomas McBride
2002-12-22pfioc_changealtq is not needed anymore; queues will eventually beRyan Thomas McBride
2002-12-22Handle rdr rules with unspecified proxy ports correctly. Also don'tRyan Thomas McBride
2002-12-22mv PF_RULESET_MAX into the enum, slightly less confusing.Ryan Thomas McBride
2002-12-20replace struct assignment w/ bcopy w/ help and testing of millert@; henning@ ...Michael Shalayeff
2002-12-19Clear pf_state.nat_rule pointers when non-main nat rules are removed.Daniel Hartmeier
2002-12-19Replace skip step calculation so it scales O(n) instead of O(n*n).Daniel Hartmeier
2002-12-19fix 'no nat/rdr/binat' evaluation. from mcbride@, slightly modified :)Daniel Hartmeier
2002-12-19Initialize pf_state.nat_rule to NULL if there's no translation used.Daniel Hartmeier
2002-12-18Store translation rule pointer in state entries, so pfctl -vsn can printDaniel Hartmeier
2002-12-18KNFHenning Brauer
2002-12-18little styleHenning Brauer
2002-12-18When logging packets matched by rules within anchors, use the anchor ruleDaniel Hartmeier
2002-12-18KNFHenning Brauer
2002-12-18big KNF roundHenning Brauer
2002-12-18Pass skip step values through ioctl interface, pfctl -vvsr shows them,Daniel Hartmeier
2002-12-18KNFHenning Brauer
2002-12-18Match the rule protocol against the actual protocol of the packet, not justRyan Thomas McBride
2002-12-17Merge pf_nat/pf_binat/pf_rdr structs into pf_rule. Simplifies code, allowsRyan Thomas McBride
2002-12-16add options for 2 more queueing disciplines, PRIQ and HFSC.Kenjiro Cho
2002-12-13add pqueue and pqid to pf_rule.Henning Brauer
2002-12-12Pastos in pf_compare_pool(); dhartmei@, mcbride@ ok.Aaron Campbell
2002-12-12minor KNFHenning Brauer
2002-12-11Use m_copym2 to copy the whole mbuf (cluster included) and notFederico G. Schwindt
2002-12-11unpeeMichael Shalayeff
2002-12-10renumber the get/set debug ioctls for they conflict w/ ppp, we do not keep th...Michael Shalayeff
2002-12-10check IFF_RUNNING early in bstp_transmit_tcn; from netbsd; ok jason@Markus Friedl