Age | Commit message (Collapse) | Author | |
---|---|---|---|
1997-02-21 | Removed no longer necessary cautionary comment. | Angelos D. Keromytis | |
1997-02-21 | Couple of missing ifdefs. | Angelos D. Keromytis | |
1997-02-21 | -nostdinc and big endian cleanup | Niklas Hallqvist | |
1997-02-21 | Fixed error introduced with last patch. | Angelos D. Keromytis | |
1997-02-21 | Removed some of the ugliness in ipsp_kern(). | Angelos D. Keromytis | |
1997-02-20 | DES library for IPSEC; Eric Young (eay@mincom.oz.au) | Theo de Raadt | |
1997-02-20 | IPSEC package by John Ioannidis and Angelos D. Keromytis. Written in | Theo de Raadt | |
Greece. From ftp.funet.fi:/pub/unix/security/net/ip/BSDipsec.tar.gz | |||
1997-02-16 | udp packets less than min udp packet length are bad; davem@jenolan.rutgers.edu | Theo de Raadt | |
1997-02-13 | prevent free()ed object from being referenced | kstailey | |
1997-02-13 | off-by-one-slot for IP timestamp option data inserts, PR#103, ↵ | Theo de Raadt | |
andreas.gunnarsson@emw.ericsson.se | |||
1997-02-13 | back out prev. change | kstailey | |
1997-02-13 | make SPLNET() do splsoftnet() | kstailey | |
1997-02-12 | protect ip_natexpire | kstailey | |
1997-02-11 | IPF 1.3.7 | kstailey | |
1997-02-11 | ensure ipt->ipt_ptr is right; pr#96, andreas.gunnarsson@emw.ericsson.se | Theo de Raadt | |
1997-02-05 | use arc4random() | Theo de Raadt | |
1997-02-05 | #define ICMP_UNREACH_FILTER -> ICMP_UNREACH_FILTER_PROHIB to match ↵ | kstailey | |
tcpdump/print_icmp.c which had it first | |||
1997-02-04 | changed comment to reflect RFC-1812 | kstailey | |
1997-02-04 | Changed ICMP "unreachable" code #defines to match the ones in | kstailey | |
tcpdump/print-icmp.c since they were in BSD first. | |||
1997-01-30 | for IP_HDRINCL option, use ip_len/ip_off in network order; lidl@va.pubnix.com | Theo de Raadt | |
1997-01-30 | Added ICMP Destination Unreachable codes from RFC-1812: | kstailey | |
14 = Host Precedence Violation. Sent by the first hop router to a host to indicate that a requested precedence is not permitted for the particular combination of source/destination host or 15 = Precedence cutoff in effect. The network operators have imposed a minimum level of precedence required for operation, the datagram was sent with a precedence below this level; | |||
1997-01-30 | added #define for Communication Administratively Prohibited | kstailey | |
as in RFC-1812 Section 5.2.7.1 Destination Unreachable | |||
1997-01-26 | Make ip_len and ip_off unsigned values; don't transmit or accept packets | Thorsten Lockert | |
larger than the maximum IP packet size. From NetBSD. | |||
1997-01-18 | syslog.h -> sys/syslog.h | Jason Downs | |
THIS IS THE KERNEL, DAMNIT. | |||
1997-01-15 | prevent warning: | kstailey | |
in_pcb.c:182: warning: `old' might be used uninitialized in this function | |||
1996-10-27 | record route is not a problem; thanks bitblt | Theo de Raadt | |
1996-10-24 | <sys/dir.h> is for use as a compatibility interface only. Warn if | Thorsten Lockert | |
included by kernel modules, and also remove use from any modules that currently attempt to use it. | |||
1996-10-18 | Do not run IP defragmentation routines unneccecarily; NetBSD PR# 2772 | Thorsten Lockert | |
1996-10-08 | Prototype & Stylistic fixes for high -W gcc levels | Niklas Hallqvist | |
1996-09-30 | handle openbsd cases | Theo de Raadt | |
1996-09-25 | Drop unused variable | Niklas Hallqvist | |
1996-09-23 | fix tuba after synbomb fixes | Theo de Raadt | |
1996-09-20 | `solve' the syn bomb problem as well as currently known; add sysctl's for | Theo de Raadt | |
SOMAXCONN (kern.somaxconn), SOMINCONN (kern.sominconn), and TCPTV_KEEP_INIT (net.inet.tcp.keepinittime). when this is not enough (ie. overfull), start doing tail drop, but slightly prefer the same port. | |||
1996-09-12 | Close TCP receive window when we cannot receive data; suggested by Darren | Thorsten Lockert | |
Reed. Also make a conditional easier to read. | |||
1996-09-12 | TCP Persist handling; from 4.4BSD Lite2 (via NetBSD PR 2335) | Thorsten Lockert | |
1996-09-12 | Don't assume other subnets than our own are local to us; from Luigi Rizzo | Thorsten Lockert | |
by way of Jason Downs & Theo de Raadt. Can be overridden in the kernel configuration file by using "option SUBNETSARELOCAL=1" | |||
1996-09-02 | Don't drain the protocol queues at interrupt level. | dm | |
1996-08-24 | change to so_uid, also fix a missing credential found by dm | Theo de Raadt | |
1996-08-14 | restrict some raw ip packets that may crash ip_output(); from freebsd | Theo de Raadt | |
1996-08-14 | ipaddrs are int; like many other things found after spotting a similar ↵ | Theo de Raadt | |
netbsd commit... | |||
1996-08-07 | Partial protection from TCP SYN attacks | Thorsten Lockert | |
1996-08-05 | stupid typo, going to bed in penance | Theo de Raadt | |
1996-08-05 | only check for takeover permission if non-root | Theo de Raadt | |
1996-08-05 | struct socket gets so_ucred; permit only same uid or root to do port takeover. | Theo de Raadt | |
1996-08-02 | ICMP Router Discovery definitions; from FreeBSD | Thorsten Lockert | |
1996-08-02 | Allow viewing of net.inet.ip.sourceroute in secure mode | Thorsten Lockert | |
1996-07-29 | Remove random() prototype, as it's not needed. Besides it was wrong for the ↵ | Niklas Hallqvist | |
alpha :-) | |||
1996-07-29 | Fix stupid logic error in bind(). | Jason Downs | |
1996-07-29 | Make TCP ISS increment by random amounts | Thorsten Lockert | |
1996-07-29 | Make 600, instead of 512, the lower limit for reserved ports. | Jason Downs | |