src - OpenBSD base system

Age	Commit message (Collapse)	Author
2003-06-03	remove term 3, with permission from Chris Kuethe for pathnames.h	Bob Beck

2003-05-10	Be polite about leaving invalid data around in globals, just in case	Chad Loder
	someone comes along later, modifies the code, and runs into a problem. OK beck@
2003-05-10	catch up with pfctl changes	Henning Brauer

2003-04-30	Allow tables to be loaded into anchors.	Cedric Berger
	Most pfctl table commands (excluding 'show' and 'flush') support the "-a" modifier. ok dhartmei@
2003-04-20	authpf is supposed to die if the /etc/authpf/authpf.conf is not present.	Bob Beck
	pr # 3217, patch from frisco@blackant.net
2003-02-19	sync to pfctl; BAD HENNING BAD BAD BAD NO COOKIE	Theo de Raadt

2003-02-11	adjust after pfctl changes	Henning Brauer

2003-02-03	typos and minor KNF; from andrushock, thanks!	Henning Brauer

2003-02-02	adjust after pfctl change; parse_rules doesn't take opts seperately any more	Henning Brauer

2003-01-29	do setprocticle; ok camield	Theo de Raadt

2003-01-27	remove some unused includes, from Andrey Matveev	Daniel Hartmeier

2003-01-26	mop up, from krw	Daniel Hartmeier

2003-01-25	Permit initialisation of a table content from a file in pf.conf.	Cedric Berger
	Cleaning up of the table options parsing, more flexible. idea+cleanup deraadt@, ok dhartmei@, pass all regress tests.
2003-01-09	Add support for active/inactive tablesets in the kernel.	Cedric Berger
	Add table definition/initialisation construct in pfctl parser. Add and fix documentation for pf.4 and pf.conf.5. Tested on i386 and sparc64 by myself, macppc by Daniel. ok dhartmei@
2003-01-07	Add function to search for and remove stale rulesets from other authpf	Daniel Hartmeier
	processes which have terminated unexpectedly. ok beck@
2003-01-06	nicer syslog	Theo de Raadt

2003-01-05	Move ifname from pf_addr to pf_addr_wrap, prepare pf_addr_wrap for table	Daniel Hartmeier
	name. ok henning@, mcbride@, cedric@
2003-01-01	Scrub and filter rules are separated now, adjust authpf accordingly.	Daniel Hartmeier

2002-12-29	Set a macro $user_id to the user name, just like $user_ip is already set	Daniel Hartmeier
	to the IP address. From discussion with Michael Lucas. ok henning@
2002-12-22	KNF	Henning Brauer

2002-12-22	Instead of inserting and removing rules at the top/bottom of the main	Daniel Hartmeier
	ruleset, make authpf manage its rules inside anchors.
2002-12-19	redundant memset	Henning Brauer

2002-12-19	KNF	Henning Brauer

2002-12-18	Fix tree breakage; match changes to struct pfctl (now contains an array	Ryan Thomas McBride
	of pointers to pfioc_rule). Fix from henning@ ok dhartmei@
2002-12-17	Match merge of pf_nat/pf_binat/pf_rdr structs into pf_rule	Ryan Thomas McBride
	- Move pf_compare* functions here - fix ioctls.
2002-12-06	Introduce anchors and named rule sets, allowing to load additional rule	Daniel Hartmeier
	sets with pfctl and evaluate them from the main rule set using a new type of rule (which will support conditional evaluation soon). Makes maintenance of sub-rulesets simpler for pfctl and daemons. Idea and ok deraadt@
2002-12-04	catch up to -v -v change in pfctl(8)	Theo de Raadt

2002-12-01	KNF	Henning Brauer

2002-12-01	Match pf_ioctl.c cleanup; if we're doing a DIOCCHANGE* operation which uses	Ryan Thomas McBride
	old*, we need to call DIOCBEGINADDRS twice: once for the old rule/rdr/nat, and once for the new one. ok dhartmei@ henning@
2002-11-23	don't try to do ioctl with PF_OPT_NOACTION	Ryan Thomas McBride
	does not impact fuction of authpf, but make it consistent with the rest of the add_* family ok dhartmei@
2002-11-23	add code to load lists of redirection addresses for nat/rdr/route-to/etc.	Ryan Thomas McBride

2002-11-22	Disallow non-interactive sessions, to avoid problem of users scp'ing	Bob Beck
	to authpf gateway - noticed by Devan Reade <gdr@gno.org>, ok henning
2002-11-19	be more precise	Theo de Raadt

2002-11-19	hacks to make the tree build; henning gets a carrot up the nose next time i ↵	Theo de Raadt
	meet him
2002-10-25	- be even more careful with data supplied from outside	Camiel Dobbelaar
	- check explicitly for negative values from snprintf (-pedantic) - use MAXLOGNAME - use parentheses with all sizeof's for consistency
2002-06-25	hooks for options.	Henning Brauer
	we don't support setting pf options via authpf, but need the hooks here, too. ok dhartmei@, kjell@
2002-06-12	fix a typo that could create a fd leak	Vincent Labrecque
	ok beck@
2002-06-11	fix breakage from the stupid way theo and I commited that last big pile of	Bob Beck
	changes.
2002-06-11	I broke this. Remove separate (optional) nat calls	Kjell Wooding

2002-06-08	comment and error message cleanup, from Brian Poole <raj@cerias.purdue.edu>	Bob Beck

2002-06-07	fix a few nits in theo's commit, make this install and run setgid authpf	Bob Beck
	so that it can remove the files it creates in /var/authpf
2002-06-07	twist time, space, and other aspects of reality so that we can revoke privs,	Theo de Raadt
	and... as early as possible. (this does not work, beck has the next half of this coming in a few minutes)
2002-05-30	Do not allow user to run authpf if user's shell is not /usr/sbin/authpf to	Oleg Safiullin
	prevent users from playing with $SSH_CLIENT.
2002-05-21	KNF before more major hacking	Theo de Raadt

2002-05-16	KNF	Theo de Raadt

2002-04-24	Unbreak from pfvar.h change.	Daniel Hartmeier

2002-04-09	make sure we fflush() after a sending a message and fix a typo in a comment	Mike Frantzen
	ok beck@ and deraadt@
2002-04-09	don't trust USER from the environment - bad, allows users to see files	Bob Beck
	they shouldn't
2002-04-09	minor KNF	Theo de Raadt

2002-04-08	Free memory. Patch from millert@.	Mike Pechkin