| Age | Commit message (Expand) | Author |
|---|
| 2003-05-30 | o the timeout is int, not u_int32_t | Henning Brauer |
| 2003-05-24 | Unused variable. | Cedric Berger |
| 2003-05-18 | speed hack: delay fetching the mbuf tag until we really need it (hit a | Henning Brauer |
| 2003-05-18 | Merge pf_send_ack() and _send_syn() into a generic _send_tcp(). | Daniel Hartmeier |
| 2003-05-17 | Correct two comment typos. | Daniel Hartmeier |
| 2003-05-17 | With rdr we want the source IP from the packet, not the source IP from | Ryan Thomas McBride |
| 2003-05-17 | allow inverse matching on tags | Henning Brauer |
| 2003-05-17 | Add an 'action' code that allows the SYN proxy to swallow/drop a packet | Daniel Hartmeier |
| 2003-05-16 | TCP SYN proxy. Instead of 'keep state' or 'modulate state', one can use | Daniel Hartmeier |
| 2003-05-14 | - modulate TCP Timestamps so they can't be used to detect NAT and to preclude | Mike Frantzen |
| 2003-05-14 | tag on each matching rule, not just the last one. | Henning Brauer |
| 2003-05-14 | unifdef __FreeBSD__ and stuff. markus ok | Jun-ichiro itojun Hagino |
| 2003-05-14 | Use official (from pcap people) link type for pflog. | Can Erkin Acar |
| 2003-05-14 | 2 lines of code bring us tags on nat rules | Henning Brauer |
| 2003-05-14 | move ETHERTYPE_xx declarations to <net/ethertypes.h>. meets netbsd practice. | Jun-ichiro itojun Hagino |
| 2003-05-14 | fix use after free race when purging the new PF tags | Mike Frantzen |
| 2003-05-13 | add support for tagging packets with arbitary tags and filtering based on | Henning Brauer |
| 2003-05-13 | back out. these changes were not tested. it might come as a surprise | Theo de Raadt |
| 2003-05-13 | move ethernet protocol type defs into sys/net/, as it is not just for ethernet | Jun-ichiro itojun Hagino |
| 2003-05-13 | Kill a bunch more commons (very few left =) | Jason Wright |
| 2003-05-13 | nuke common: ifnet_addrs | Jason Wright |
| 2003-05-12 | - TCP window scaling is not applied to the SYNs' window so we must retract the | Mike Frantzen |
| 2003-05-12 | Add comment about special (non-index) PFTM_* values. | Daniel Hartmeier |
| 2003-05-12 | Reorder IPv6 address comparisons to check the least significant parts | Ryan Thomas McBride |
| 2003-05-12 | Correctness nit. Initialise state search trees properly. | Ryan Thomas McBride |
| 2003-05-12 | Adaptive timeout value scaling. Allows to reduce timeout values as the | Daniel Hartmeier |
| 2003-05-12 | Nuke a whole bunch of commons; ok tedu (still more to come *sigh*) | Jason Wright |
| 2003-05-12 | missing include | Henning Brauer |
| 2003-05-11 | the start of stateful TCP scrubbing. dynamically determine the highest TTL of | Mike Frantzen |
| 2003-05-11 | Use sizeof(struct icmp6_hdr) instead of ICMP_MINLEN for IPv6, both are | Daniel Hartmeier |
| 2003-05-10 | Pass ICMP error messages referring to non-TCP/UDP/ICMP packets statefully, | Daniel Hartmeier |
| 2003-05-10 | Support return-icmp for 'other' protocols (non-TCP/UDP/ICMP), for instance | Daniel Hartmeier |
| 2003-05-10 | Prepare pf_change_icmp() for parameter ip == NULL use. | Daniel Hartmeier |
| 2003-05-06 | Fix a bug that prevents rdr/binat (but not nat) from working for protocols | Daniel Hartmeier |
| 2003-05-06 | string cleaning; tedu ok | Theo de Raadt |
| 2003-05-03 | string fixes; tedu ok | Theo de Raadt |
| 2003-05-03 | just as a safety measure, set m_flags to 0 for mbufs allocated on stack. | Jun-ichiro itojun Hagino |
| 2003-05-01 | use "tokenbroadcastaddr" throughout the code for consistency. deraadt ok | Jun-ichiro itojun Hagino |
| 2003-04-30 | Allow tables to be loaded into anchors. | Cedric Berger |
| 2003-04-27 | Update the pfioc_table IOCTL structure. | Cedric Berger |
| 2003-04-25 | Fix nat proxy port allocation. In case a range was manually specified, | Daniel Hartmeier |
| 2003-04-23 | Move m_copyback() to uipc_mbuf where it makes some kinda sense; ok dhartmei | Jason Wright |
| 2003-04-18 | Add code to set the TUN_* flags for INET6 addresses too. This allows a | Jason Wright |
| 2003-04-11 | set/update the queue IDs on filter rules (qid and pqid) on | Henning Brauer |
| 2003-04-09 | KNF | Henning Brauer |
| 2003-04-09 | Change pf_state structure to point to both a rule and the anchor, | Cedric Berger |
| 2003-04-07 | Catch and refuse rules with invalid ICMP types (> 40), ok cedric@ | Daniel Hartmeier |
| 2003-04-05 | Stick pf_default_rule everytime a packet pass because of the | Cedric Berger |
| 2003-04-05 | Replace the timeout variables by the content of the timeout | Cedric Berger |
| 2003-04-05 | Cleanup by replacing a bunch of "(*rm)" by just "r" | Cedric Berger |
