src - OpenBSD base system

Age	Commit message (Collapse)	Author
2003-01-07	Add function to search for and remove stale rulesets from other authpf	Daniel Hartmeier
	processes which have terminated unexpectedly. ok beck@
2003-01-06	nicer syslog	Theo de Raadt

2003-01-05	Move ifname from pf_addr to pf_addr_wrap, prepare pf_addr_wrap for table	Daniel Hartmeier
	name. ok henning@, mcbride@, cedric@
2003-01-03	Bring in userland code for accessing PF radix tables.	Cedric Berger
	ok dhartmei@ mcbride@
2003-01-01	Scrub and filter rules are separated now, adjust authpf accordingly.	Daniel Hartmeier

2002-12-29	Mention $user_id, like $user_ip.	Daniel Hartmeier

2002-12-29	Set a macro $user_id to the user name, just like $user_ip is already set	Daniel Hartmeier
	to the IP address. From discussion with Michael Lucas. ok henning@
2002-12-22	KNF	Henning Brauer

2002-12-22	Instead of inserting and removing rules at the top/bottom of the main	Daniel Hartmeier
	ruleset, make authpf manage its rules inside anchors.
2002-12-19	redundant memset	Henning Brauer

2002-12-19	KNF	Henning Brauer

2002-12-18	Fix tree breakage; match changes to struct pfctl (now contains an array	Ryan Thomas McBride
	of pointers to pfioc_rule). Fix from henning@ ok dhartmei@
2002-12-17	Match merge of pf_nat/pf_binat/pf_rdr structs into pf_rule	Ryan Thomas McBride
	- Move pf_compare* functions here - fix ioctls.
2002-12-06	Introduce anchors and named rule sets, allowing to load additional rule	Daniel Hartmeier
	sets with pfctl and evaluate them from the main rule set using a new type of rule (which will support conditional evaluation soon). Makes maintenance of sub-rulesets simpler for pfctl and daemons. Idea and ok deraadt@
2002-12-04	catch up to -v -v change in pfctl(8)	Theo de Raadt

2002-12-01	KNF	Henning Brauer

2002-12-01	Match pf_ioctl.c cleanup; if we're doing a DIOCCHANGE* operation which uses	Ryan Thomas McBride
	old*, we need to call DIOCBEGINADDRS twice: once for the old rule/rdr/nat, and once for the new one. ok dhartmei@ henning@
2002-11-23	don't try to do ioctl with PF_OPT_NOACTION	Ryan Thomas McBride
	does not impact fuction of authpf, but make it consistent with the rest of the add_* family ok dhartmei@
2002-11-23	add code to load lists of redirection addresses for nat/rdr/route-to/etc.	Ryan Thomas McBride

2002-11-22	Disallow non-interactive sessions, to avoid problem of users scp'ing	Bob Beck
	to authpf gateway - noticed by Devan Reade <gdr@gno.org>, ok henning
2002-11-19	be more precise	Theo de Raadt

2002-11-19	hacks to make the tree build; henning gets a carrot up the nose next time i ↵	Theo de Raadt
	meet him
2002-10-25	Remove PATH_NATRULES, since nat is no longer in a seperate file.	Camiel Dobbelaar

2002-10-25	- spelling/grammar	Camiel Dobbelaar
	- nat rules are no longer in a seperate file, combine nat example - /32 on all addresses is clutter, since it's the default
2002-10-25	- be even more careful with data supplied from outside	Camiel Dobbelaar
	- check explicitly for negative values from snprintf (-pedantic) - use MAXLOGNAME - use parentheses with all sizeof's for consistency
2002-07-27	Typo; spotted by cdjones@novusordo.net.	Thomas Nordin

2002-07-13	make sure to clean all files.	Artur Grabowski

2002-06-25	hooks for options.	Henning Brauer
	we don't support setting pf options via authpf, but need the hooks here, too. ok dhartmei@, kjell@
2002-06-24	Fix more example rules	Daniel Hartmeier

2002-06-24	When the man page contains such obvious stupid TRIVIAL bugs as this	Theo de Raadt
	which I am fixing, it makes me wonder why the hell is the shown example not something that someone has actually TRIED? Is it not possible people are yammering so much about it on the mailing lists about problems because the people who wrote this don't even check if the man page is CORRECT? But No! Instead of fixing it, the they get email replies on the damned mailing list, and 8 hours later, someone ELSE pipes up with another problem! Why don't you lame asses take responsibility for the problem at hand, CHECK IF THE MAN PAGE IS RIGHT, and instead of replying to the people who post, instead JUST FIX THE DOCUMENTATION PROBLEMS? Or should I remove authpf before you get the idea?
2002-06-24	"quick log" -> "log quick" in example rules, from Rudolfo Munguia	Daniel Hartmeier

2002-06-16	Remove nat.conf(5) reference.	Miod Vallat

2002-06-12	fix a typo that could create a fd leak	Vincent Labrecque
	ok beck@
2002-06-11	Update man page to reality, grammar, and style fixes. from ckuethe@ualberta.ca	Kjell Wooding
	ok beck@
2002-06-11	fix breakage from the stupid way theo and I commited that last big pile of	Bob Beck
	changes.
2002-06-11	I broke this. Remove separate (optional) nat calls	Kjell Wooding

2002-06-08	comment and error message cleanup, from Brian Poole <raj@cerias.purdue.edu>	Bob Beck

2002-06-07	shit. need this. my bad, my pfctl wasn't up to date.	Bob Beck

2002-06-07	fix a few nits in theo's commit, make this install and run setgid authpf	Bob Beck
	so that it can remove the files it creates in /var/authpf
2002-06-07	twist time, space, and other aspects of reality so that we can revoke privs,	Theo de Raadt
	and... as early as possible. (this does not work, beck has the next half of this coming in a few minutes)
2002-06-06	pfctl changes	Michael Shalayeff

2002-05-30	Do not allow user to run authpf if user's shell is not /usr/sbin/authpf to	Oleg Safiullin
	prevent users from playing with $SSH_CLIENT.
2002-05-21	KNF before more major hacking	Theo de Raadt

2002-05-21	clean	Theo de Raadt

2002-05-16	KNF	Theo de Raadt

2002-04-24	Unbreak from pfvar.h change.	Daniel Hartmeier

2002-04-15	fix a typo; from andrew@neep.com.au	Peter Valchev

2002-04-09	make sure we fflush() after a sending a message and fix a typo in a comment	Mike Frantzen
	ok beck@ and deraadt@
2002-04-09	don't trust USER from the environment - bad, allows users to see files	Bob Beck
	they shouldn't
2002-04-09	minor KNF	Theo de Raadt