Age | Commit message (Expand) | Author |
2009-08-09 | once again ipsec tries to be clever and plays fast, this time by | Henning Brauer |
2008-10-22 | #if INET => #ifdef INET | Marco Pfatschbacher |
2008-10-22 | filter ipv6 ipsec packets on enc0 (in and out), similar to ipv4; | Markus Friedl |
2008-08-26 | call pf_pkt_addr_changed instead of manually clearing the pf state key ptr | Henning Brauer |
2008-07-24 | ipsec is glued into the stack in a very weird way, violating all kinds | Henning Brauer |
2008-06-14 | make easier to read, found during a bug hunt earlier | Todd T. Fries |
2008-06-11 | fix an old typo that prevented outer ipv6 headers from being corrected, | Can Erkin Acar |
2007-12-14 | add sysctl entry points into various network layers, in particular to | Theo de Raadt |
2007-05-28 | double pf performance. | Henning Brauer |
2007-02-08 | - AH: when computing crypto checksum for output, massage source-routing | Jun-ichiro itojun Hagino |
2006-12-15 | make enc(4) count; ok markus@ henning@ deraadt@ | Otto Moerbeek |
2006-12-05 | do not install pmtu routes for transport mode SAs, as they do not | Markus Friedl |
2006-11-24 | add support to tag ipsec traffic belonging to specific IKE-initiated | Reyk Floeter |
2006-03-25 | allow bpf(4) to ignore packets based on their direction (inbound or | Damien Miller |
2006-03-04 | With the exception of two other small uncommited diffs this moves | Brad Smith |
2006-01-13 | Path MTU discovery for NAT-T. | Marco Pfatschbacher |
2005-07-31 | Introduce bpf_mtap_af and bpf_mtap_hdr to be used when passing a mbuf chain | Christopher Pascoe |
2004-11-25 | resolve conflict between M_TUNNEL and M_ANYCAST6, remove M_COMP (it's | Markus Friedl |
2004-06-21 | First step towards more sane time handling in the kernel -- this changes | Thorsten Lockert |
2004-06-21 | make it possble to use IPsec over link-local address (policy table uses | Jun-ichiro itojun Hagino |
2004-04-18 | pass esp/ah/ipcmp to rawip if processing is disabled with sysctl; | Markus Friedl |
2004-02-17 | switch to sysctl_int_arr(); ok henning, deraadt | Markus Friedl |
2003-12-02 | UDP encapsulation for ESP in transport mode (draft-ietf-ipsec-udp-encaps-XX.txt) | Markus Friedl |
2003-07-28 | allow gif(4) over ipsec: mark mbuf for transport mode SA, | Markus Friedl |
2003-07-24 | update ip_len to reflect tunnel header removal (lost duing ip_len | Markus Friedl |
2003-07-09 | do not flip ip_len/ip_off in netinet stack. deraadt ok. | Jun-ichiro itojun Hagino |
2003-07-08 | make sure the packets contains a complete inner header | Markus Friedl |
2003-07-04 | knf typo | Markus Friedl |
2003-05-03 | just as a safety measure, set m_flags to 0 for mbufs allocated on stack. | Jun-ichiro itojun Hagino |
2003-02-20 | knf | Theo de Raadt |
2003-02-20 | If there's no tag to be reset, don't reset it (avoids a NULL deref in the IPC... | Jason Wright |
2002-06-28 | Fix usage counter for IPCOMP --- sam@errno.com | Angelos D. Keromytis |
2002-06-25 | Forgot variable. | Angelos D. Keromytis |
2002-06-25 | Handle correctly return values from xf_input methods --- since the | Angelos D. Keromytis |
2002-06-13 | Remove whitespace from the end of the file. | Angelos D. Keromytis |
2002-06-09 | whitespace | Jun-ichiro itojun Hagino |
2002-06-09 | Set/clear M_AUTH_AH. | Angelos D. Keromytis |
2002-01-23 | disable pmtu for ipsec when the sysctl says so; bug report cjkim2000@yahoo.com | Niels Provos |
2001-12-06 | Use hzto() to handle overflow of (hz * timeout) cases --- when using | Angelos D. Keromytis |
2001-08-09 | Don't check the source address on the packet vs. the one on the SA, as | Angelos D. Keromytis |
2001-08-08 | Remove IPCOMP option, it's now part of IPSEC option. You still need to | Jean-Jacques Bernard-Gundol |
2001-08-07 | enable ah & esp by default, now that we trust the code more | Theo de Raadt |
2001-07-06 | Don't use enc0 interface for IPComp. angelos@ ok. | Jean-Jacques Bernard-Gundol |
2001-07-05 | IPComp support. angelos@ ok. | Jean-Jacques Bernard-Gundol |
2001-06-26 | KNF | Angelos D. Keromytis |
2001-06-25 | Copyright. | Angelos D. Keromytis |
2001-06-24 | path mtu discovery for ipsec. on receiving a need fragment icmp match | Niels Provos |
2001-06-23 | Remove unneeded ip_id convertions. | Federico G. Schwindt |
2001-06-19 | mop up after angelos | Theo de Raadt |
2001-06-08 | Trim include files. | Angelos D. Keromytis |