| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 1998-12-28 | ensure the ip packet embedded inside an icmp packet has correct ip_len, | Theo de Raadt | |
| ip_off, ip_id. for udp, also correct uh_sum. ip_sum is still set to 0; (all this debugged using nmap) | |||
| 1998-12-26 | make ip_id random but ensure that ids dont repeat for some period. | Niels Provos | |
| 1998-11-13 | Recompute ip header length after packet has been reassembled, and also | Niels Provos | |
| use the actual header length for m_pullup, pointed out by jdb@es2.net and guido@freebsd.org. | |||
| 1998-05-18 | first step to the setsockopt/getsockopt interface as described in | Niels Provos | |
| draft-mcdonald-simple-ipsec-api, kernel notifies (EMT_REQUESTSA) signal userland key management applications when security services are requested. this is only for outgoing connections at the moment, incoming packets are not yet checked against the selected socket policy. | |||
| 1998-02-14 | wildcard ifaces; finally, after HE said it's ok | Michael Shalayeff | |
| 1998-02-03 | bail out for sourcerouted packets earlier, also do not forward | Theo de Raadt | |
| sourcerouted packets ever if ipforwarding is off; tqbf@secnet.com | |||
| 1998-02-01 | undo wildcard loopback stuff; it was not checked by other developers | Theo de Raadt | |
| 1998-02-01 | support wildcard loopbacks. that is, setting up lo1 like: | Michael Shalayeff | |
| ifconfig lo1 inet 192.168.1.1 netmask 255.255.255.0 link1 would force it to act like all the addresses from net 192.168.1 were added to the interface. todo: man lo | |||
| 1997-08-09 | The list of tcp/udp ports not to allocate dynamically is now | Todd C. Miller | |
| a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc. | |||
| 1997-02-28 | IPsec socket API hooks are in. | Angelos D. Keromytis | |
| 1997-02-22 | Fixed problem in ip_weadvertise(). | Angelos D. Keromytis | |
| 1997-02-22 | ICMP redirects will not be sent if we do proxy arp pointing to ourselves. | Angelos D. Keromytis | |
| 1997-02-13 | off-by-one-slot for IP timestamp option data inserts, PR#103, ↵ | Theo de Raadt | |
| andreas.gunnarsson@emw.ericsson.se | |||
| 1997-02-11 | ensure ipt->ipt_ptr is right; pr#96, andreas.gunnarsson@emw.ericsson.se | Theo de Raadt | |
| 1997-01-26 | Make ip_len and ip_off unsigned values; don't transmit or accept packets | Thorsten Lockert | |
| larger than the maximum IP packet size. From NetBSD. | |||
| 1996-10-27 | record route is not a problem; thanks bitblt | Theo de Raadt | |
| 1996-10-18 | Do not run IP defragmentation routines unneccecarily; NetBSD PR# 2772 | Thorsten Lockert | |
| 1996-09-02 | Don't drain the protocol queues at interrupt level. | dm | |
| 1996-08-14 | ipaddrs are int; like many other things found after spotting a similar ↵ | Theo de Raadt | |
| netbsd commit... | |||
| 1996-08-02 | Allow viewing of net.inet.ip.sourceroute in secure mode | Thorsten Lockert | |
| 1996-07-29 | From FreeBSD (with slightly different sysctl names): | Jason Downs | |
| "... Allow the user to nominate one of three ranges of port numbers as candidates for selecting a local address to replace a zero port number. The ranges are selected via a setsockopt(s, IPPROTO_IP, IP_PORTRANGE, &arg) call. The three ranges are: default, high (to bypass firewalls) and low (to get a port below 1024). The default and high port ranges are sysctl settable under sysctl net.inet.ip.portrange.* [net.inet.ip.portfirst, net.inet.ip.portlast, net.inet.ip.porthifirst, and net.inet.ip.porthilast currently in OpenBSD.] This code also fixes a potential deadlock if the system accidently ran out of local port addresses. It'd drop into an infinite while loop. The secure port selection (for root) should reduce overheads and increase reliability of rlogin/rlogind/rsh/rshd if they are modified to take advantage of it." | |||
| 1996-07-18 | ipfilter 3.1.0 | dm | |
| 1996-05-07 | from NetBSD PR#2296: | Michael Shalayeff | |
| Laine Stump: some icmp destination unreachable packets contain garbage. | |||
| 1996-04-21 | partial sync with netbsd 960418, more to come | Theo de Raadt | |
| 1996-03-09 | restored IP filtering | dm | |
| 1996-03-03 | From NetBSD: 960217 merge | Niklas Hallqvist | |
| 1996-01-25 | IP filter 3.0.1 | dm | |
| 1996-01-07 | from beurton@fnet.fr: Darren Reed's IP filter | dm | |
| 1995-12-14 | re-add my source routing stuff (geeezzz) | Theo de Raadt | |
| 1995-12-14 | from netbsd: | Theo de Raadt | |
| make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers. | |||
| 1995-11-28 | add inet_ntoa() to the kernel. use it to log nicer messages. idea from freebsd | Theo de Raadt | |
| 1995-11-28 | log source route attempts when source routing is disabled | Theo de Raadt | |
| 1995-11-26 | add sysctl net.inet.ip.sourceroute option; default to 0. copied from freebsd | Theo de Raadt | |
| 1995-10-18 | initial import of NetBSD tree | Theo de Raadt | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |