| Age | Commit message (Expand) | Author |
|---|
| 2014-01-09 | bzero/bcmp -> memset/memcmp. ok matthew | Ted Unangst |
| 2013-11-11 | Replace most of our formating functions to convert IPv4/6 addresses from | Martin Pieuchot |
| 2013-10-23 | Remove the number of in_var.h inclusions by moving some functions and | Martin Pieuchot |
| 2013-10-17 | The header file netinet/in_var.h included netinet6/in6_var.h. This | Alexander Bluhm |
| 2013-06-01 | Fix typo backswards -> backwards. | Alexander Bluhm |
| 2013-04-24 | Instead of having various extern declarations for protocol variables, | Martin Pieuchot |
| 2013-04-11 | Remove the extern keyword from function declarations, document | Martin Pieuchot |
| 2013-04-10 | Remove various external variable declaration from sources files and | Martin Pieuchot |
| 2013-03-31 | Do not transfer diverted packets into IPsec processing. They should | Alexander Bluhm |
| 2013-03-28 | code that calls timeout functions should include timeout.h | Ted Unangst |
| 2013-03-28 | no need for a lot of code to include proc.h | Ted Unangst |
| 2012-09-26 | add M_ZEROIZE as an mbuf flag, so copied PFKEY messages (with embedded keys) | Markus Friedl |
| 2012-09-20 | spltdb() was really just #define'd to be splsoftnet(); replace the former | Bret Lambert |
| 2011-12-22 | Fix RFC reference section | sperreault |
| 2011-12-21 | Compute mandatory UDP checksum for IPv6 packets | sperreault |
| 2011-12-19 | Fix checksum of UDP/TCP packets following RFC 3948. This is required for | YASUOKA Masahiko |
| 2011-04-26 | In ipsec_common_input() the packet can be either IPv4 or IPv6. So | Alexander Bluhm |
| 2011-04-06 | uncompress a packet with an IPcomp header only once; this prevents | Markus Friedl |
| 2011-04-03 | don't rely on implict net/route.h inclusion via pf, claudio ok | Henning Brauer |
| 2011-03-05 | The function pf_tag_packet() never fails. Remove a redundant check | Alexander Bluhm |
| 2010-12-21 | don't leak short packets; ok mikeb@ | Markus Friedl |
| 2010-07-09 | Add support for using IPsec in multiple rdomains. | Reyk Floeter |
| 2010-07-01 | Allow to specify an alternative enc(4) interface for an SA. All | Reyk Floeter |
| 2010-06-29 | Replace enc(4) with a new implementation as a cloner device. We still | Reyk Floeter |
| 2010-04-20 | remove proc.h include from uvm_map.h. This has far reaching effects, as | Ted Unangst |
| 2010-01-02 | uninitalized protocol version for ipv6; from mickey; ok claudio | Markus Friedl |
| 2009-11-13 | Extend the protosw pr_ctlinput function to include the rdomain. This is | Claudio Jeker |
| 2009-08-09 | once again ipsec tries to be clever and plays fast, this time by | Henning Brauer |
| 2008-10-22 | #if INET => #ifdef INET | Marco Pfatschbacher |
| 2008-10-22 | filter ipv6 ipsec packets on enc0 (in and out), similar to ipv4; | Markus Friedl |
| 2008-08-26 | call pf_pkt_addr_changed instead of manually clearing the pf state key ptr | Henning Brauer |
| 2008-07-24 | ipsec is glued into the stack in a very weird way, violating all kinds | Henning Brauer |
| 2008-06-14 | make easier to read, found during a bug hunt earlier | Todd T. Fries |
| 2008-06-11 | fix an old typo that prevented outer ipv6 headers from being corrected, | Can Erkin Acar |
| 2007-12-14 | add sysctl entry points into various network layers, in particular to | Theo de Raadt |
| 2007-05-28 | double pf performance. | Henning Brauer |
| 2007-02-08 | - AH: when computing crypto checksum for output, massage source-routing | Jun-ichiro itojun Hagino |
| 2006-12-15 | make enc(4) count; ok markus@ henning@ deraadt@ | Otto Moerbeek |
| 2006-12-05 | do not install pmtu routes for transport mode SAs, as they do not | Markus Friedl |
| 2006-11-24 | add support to tag ipsec traffic belonging to specific IKE-initiated | Reyk Floeter |
| 2006-03-25 | allow bpf(4) to ignore packets based on their direction (inbound or | Damien Miller |
| 2006-03-04 | With the exception of two other small uncommited diffs this moves | Brad Smith |
| 2006-01-13 | Path MTU discovery for NAT-T. | Marco Pfatschbacher |
| 2005-07-31 | Introduce bpf_mtap_af and bpf_mtap_hdr to be used when passing a mbuf chain | Christopher Pascoe |
| 2004-11-25 | resolve conflict between M_TUNNEL and M_ANYCAST6, remove M_COMP (it's | Markus Friedl |
| 2004-06-21 | First step towards more sane time handling in the kernel -- this changes | Thorsten Lockert |
| 2004-06-21 | make it possble to use IPsec over link-local address (policy table uses | Jun-ichiro itojun Hagino |
| 2004-04-18 | pass esp/ah/ipcmp to rawip if processing is disabled with sysctl; | Markus Friedl |
| 2004-02-17 | switch to sysctl_int_arr(); ok henning, deraadt | Markus Friedl |
| 2003-12-02 | UDP encapsulation for ESP in transport mode (draft-ietf-ipsec-udp-encaps-XX.txt) | Markus Friedl |
