| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 1999-05-03 | Plug mbuf leak | Niklas Hallqvist | |
| 1999-04-22 | we don't need to include buf.h | Artur Grabowski | |
| 1999-04-11 | Introduce net.inet.{ah,esp}.enable sysctl controls that are off by default. | Niklas Hallqvist | |
| If you are going to use either of AH or ESP or both, enable these in /etc/sysctl.conf. Also correct the IPSec debugging sysctl code, it is now named net.inet.ip.encdebug. Some corrected function signatures too. | |||
| 1999-04-09 | when the REPLACE flag was used, but no former flows was there, we did not | Niklas Hallqvist | |
| increment the IPSEC use counter, potentially missing IPSEC processing on output. | |||
| 1999-03-31 | Implement SADB_SAFLAGS_X_REPLACEFLOW | Niklas Hallqvist | |
| 1999-03-27 | add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing | Niels Provos | |
| SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company. | |||
| 1999-03-24 | Implement lifetime expiration notifications. Fix some typos. Remove statics. | Niklas Hallqvist | |
| 1999-03-19 | Add flag to allow some interfaces to not see packets with unknown destination. | Jason Wright | |
| 1999-03-19 | Add the ability to mark an interface as "non-learning" | Jason Wright | |
| 1999-03-13 | make ifa_refcnt a u_int; andrewb@demon.net | Theo de Raadt | |
| 1999-03-12 | big overhaul: | Jason Wright | |
| o SNAP encapsulated IP filtering o static address cache entries o address deletion from cache o dynamic & full cache flush o filter packets based on each interface, not on the bridge as a whole o KNF nits o allow addition of ~IFF_UP interfaces o man page & user level fixes to match the above | |||
| 1999-03-05 | bump cache timeout up a bit | Jason Wright | |
| 1999-03-05 | Make address cache expiration actually work and provide a knob | Jason Wright | |
| for adjusting the timeout. | |||
| 1999-03-05 | restrict replay window size to 32 | Theo de Raadt | |
| 1999-03-05 | update allocation statistics | Theo de Raadt | |
| 1999-03-04 | remove unnecessary malloc checks when using WAITOK | Theo de Raadt | |
| 1999-03-04 | clear key headers earlier | Theo de Raadt | |
| 1999-03-04 | more paranoid maintenance | Theo de Raadt | |
| 1999-03-02 | keep track of SATYPE registrations per PFKEY socket | Theo de Raadt | |
| 1999-03-02 | ESRCH, not EEXIST; markus.friedl@informatik.uni-erlangen.de | Theo de Raadt | |
| 1999-03-01 | completely (almost) revamped ioctl's: | Jason Wright | |
| o new ioctls for getting/setting cache size (default == 100) o changed SIOCBRDGRT -> SIOCBRDGRTS o changed SIOCBRDGIDX -> SIOCBRDGIFS | |||
| 1999-02-27 | rearrange strcutures to avoid bad padding; deraadt. | Jason Wright | |
| 1999-02-26 | Ethernet bridge/IP firewall driver. | Jason Wright | |
| 1999-02-25 | Allow PF_KEY kernel message replies for X_ADDFLOW, X_DELFLOW, and X_GRPSPIS | Angelos D. Keromytis | |
| 1999-02-25 | Unnecessary ifdef | Angelos D. Keromytis | |
| 1999-02-25 | missing ifdef IPSEC | Angelos D. Keromytis | |
| 1999-02-25 | Possible cause of responses not going back to userland. | Angelos D. Keromytis | |
| 1999-02-25 | Removed osdep.h dependencies. | Angelos D. Keromytis | |
| 1999-02-24 | Not used anymore. | Angelos D. Keromytis | |
| 1999-02-24 | PF_KEY_V2, with local extensions for SPD management. | Angelos D. Keromytis | |
| 1999-02-24 | Work with pfkey instead of pfencap | Angelos D. Keromytis | |
| 1999-02-11 | fix tabs to spaces between #define and NAME, to match the rest of the file | Michael Shalayeff | |
| 1999-02-11 | oops, PPP_XNS protocol type for NS from freebsd | Michael Shalayeff | |
| 1999-02-05 | Don't count IPsec-related "route misses", as we're not really finding | Angelos D. Keromytis | |
| unreachable hosts/networks. | |||
| 1999-02-04 | deal with rts_* members being u_int32_ now; cmetz | Theo de Raadt | |
| 1999-02-04 | u_int32_t for routing statistics variables | Theo de Raadt | |
| 1999-02-04 | ipv6 support for atm | Theo de Raadt | |
| 1999-01-11 | Remove unnecessary panic(). | Angelos D. Keromytis | |
| 1999-01-08 | inet6 support; NRL/cmetz | Theo de Raadt | |
| 1999-01-08 | INET6 support; NRL/cmetz | Theo de Raadt | |
| 1999-01-07 | global decl for *intr() routines, plus add INET6 | Theo de Raadt | |
| 1999-01-07 | in ifa_ifwithroute(), ensure we have a route to our gateway, for tunnels; cmetz | Theo de Raadt | |
| 1999-01-07 | update for ipv6 | Theo de Raadt | |
| 1999-01-07 | in_pcblookup() now takes ptr to both ip address arguments | Theo de Raadt | |
| 1999-01-07 | fix IFAFREE() to be safe for if/else nesting | Theo de Raadt | |
| 1998-11-12 | crank BPF_BUFSIZE so that fddi frames fit | Theo de Raadt | |
| 1998-09-17 | avoid panic; garath@code.ridgefield.org | Theo de Raadt | |
| 1998-09-03 | o OpenBSD gets if_media support (from NetBSD) | Jason Wright | |
| o rework/simplify if_xl to use it | |||
| 1998-08-24 | Don't deref NULL. | Jason Downs | |
| 1998-08-19 | use correct upper bound | Niels Provos | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |