Age | Commit message (Collapse) | Author | |
---|---|---|---|
2003-01-03 | Bring in userland code for accessing PF radix tables. | Cedric Berger | |
ok dhartmei@ mcbride@ | |||
2003-01-01 | Scrub and filter rules are separated now, adjust authpf accordingly. | Daniel Hartmeier | |
2002-12-29 | Mention $user_id, like $user_ip. | Daniel Hartmeier | |
2002-12-29 | Set a macro $user_id to the user name, just like $user_ip is already set | Daniel Hartmeier | |
to the IP address. From discussion with Michael Lucas. ok henning@ | |||
2002-12-22 | KNF | Henning Brauer | |
2002-12-22 | Instead of inserting and removing rules at the top/bottom of the main | Daniel Hartmeier | |
ruleset, make authpf manage its rules inside anchors. | |||
2002-12-19 | redundant memset | Henning Brauer | |
2002-12-19 | KNF | Henning Brauer | |
2002-12-18 | Fix tree breakage; match changes to struct pfctl (now contains an array | Ryan Thomas McBride | |
of pointers to pfioc_rule). Fix from henning@ ok dhartmei@ | |||
2002-12-17 | Match merge of pf_nat/pf_binat/pf_rdr structs into pf_rule | Ryan Thomas McBride | |
- Move pf_compare* functions here - fix ioctls. | |||
2002-12-06 | Introduce anchors and named rule sets, allowing to load additional rule | Daniel Hartmeier | |
sets with pfctl and evaluate them from the main rule set using a new type of rule (which will support conditional evaluation soon). Makes maintenance of sub-rulesets simpler for pfctl and daemons. Idea and ok deraadt@ | |||
2002-12-04 | catch up to -v -v change in pfctl(8) | Theo de Raadt | |
2002-12-01 | KNF | Henning Brauer | |
2002-12-01 | Match pf_ioctl.c cleanup; if we're doing a DIOCCHANGE* operation which uses | Ryan Thomas McBride | |
old*, we need to call DIOCBEGINADDRS twice: once for the old rule/rdr/nat, and once for the new one. ok dhartmei@ henning@ | |||
2002-11-23 | don't try to do ioctl with PF_OPT_NOACTION | Ryan Thomas McBride | |
does not impact fuction of authpf, but make it consistent with the rest of the add_* family ok dhartmei@ | |||
2002-11-23 | add code to load lists of redirection addresses for nat/rdr/route-to/etc. | Ryan Thomas McBride | |
2002-11-22 | Disallow non-interactive sessions, to avoid problem of users scp'ing | Bob Beck | |
to authpf gateway - noticed by Devan Reade <gdr@gno.org>, ok henning | |||
2002-11-19 | be more precise | Theo de Raadt | |
2002-11-19 | hacks to make the tree build; henning gets a carrot up the nose next time i ↵ | Theo de Raadt | |
meet him | |||
2002-10-25 | Remove PATH_NATRULES, since nat is no longer in a seperate file. | Camiel Dobbelaar | |
2002-10-25 | - spelling/grammar | Camiel Dobbelaar | |
- nat rules are no longer in a seperate file, combine nat example - /32 on all addresses is clutter, since it's the default | |||
2002-10-25 | - be even more careful with data supplied from outside | Camiel Dobbelaar | |
- check explicitly for negative values from snprintf (-pedantic) - use MAXLOGNAME - use parentheses with all sizeof's for consistency | |||
2002-07-27 | Typo; spotted by cdjones@novusordo.net. | Thomas Nordin | |
2002-07-13 | make sure to clean all files. | Artur Grabowski | |
2002-06-25 | hooks for options. | Henning Brauer | |
we don't support setting pf options via authpf, but need the hooks here, too. ok dhartmei@, kjell@ | |||
2002-06-24 | Fix more example rules | Daniel Hartmeier | |
2002-06-24 | When the man page contains such obvious stupid TRIVIAL bugs as this | Theo de Raadt | |
which I am fixing, it makes me wonder why the hell is the shown example not something that someone has actually TRIED? Is it not possible people are yammering so much about it on the mailing lists about problems because the people who wrote this don't even check if the man page is CORRECT? But No! Instead of fixing it, the they get email replies on the damned mailing list, and 8 hours later, someone ELSE pipes up with another problem! Why don't you lame asses take responsibility for the problem at hand, CHECK IF THE MAN PAGE IS RIGHT, and instead of replying to the people who post, instead JUST FIX THE DOCUMENTATION PROBLEMS? Or should I remove authpf before you get the idea? | |||
2002-06-24 | "quick log" -> "log quick" in example rules, from Rudolfo Munguia | Daniel Hartmeier | |
2002-06-16 | Remove nat.conf(5) reference. | Miod Vallat | |
2002-06-12 | fix a typo that could create a fd leak | Vincent Labrecque | |
ok beck@ | |||
2002-06-11 | Update man page to reality, grammar, and style fixes. from ckuethe@ualberta.ca | Kjell Wooding | |
ok beck@ | |||
2002-06-11 | fix breakage from the stupid way theo and I commited that last big pile of | Bob Beck | |
changes. | |||
2002-06-11 | I broke this. Remove separate (optional) nat calls | Kjell Wooding | |
2002-06-08 | comment and error message cleanup, from Brian Poole <raj@cerias.purdue.edu> | Bob Beck | |
2002-06-07 | shit. need this. my bad, my pfctl wasn't up to date. | Bob Beck | |
2002-06-07 | fix a few nits in theo's commit, make this install and run setgid authpf | Bob Beck | |
so that it can remove the files it creates in /var/authpf | |||
2002-06-07 | twist time, space, and other aspects of reality so that we can revoke privs, | Theo de Raadt | |
and... as early as possible. (this does not work, beck has the next half of this coming in a few minutes) | |||
2002-06-06 | pfctl changes | Michael Shalayeff | |
2002-05-30 | Do not allow user to run authpf if user's shell is not /usr/sbin/authpf to | Oleg Safiullin | |
prevent users from playing with $SSH_CLIENT. | |||
2002-05-21 | KNF before more major hacking | Theo de Raadt | |
2002-05-21 | clean | Theo de Raadt | |
2002-05-16 | KNF | Theo de Raadt | |
2002-04-24 | Unbreak from pfvar.h change. | Daniel Hartmeier | |
2002-04-15 | fix a typo; from andrew@neep.com.au | Peter Valchev | |
2002-04-09 | make sure we fflush() after a sending a message and fix a typo in a comment | Mike Frantzen | |
ok beck@ and deraadt@ | |||
2002-04-09 | don't trust USER from the environment - bad, allows users to see files | Bob Beck | |
they shouldn't | |||
2002-04-09 | minor KNF | Theo de Raadt | |
2002-04-08 | Free memory. Patch from millert@. | Mike Pechkin | |
2002-04-07 | fix authpf_kill_states() | Mike Frantzen | |
2002-04-06 | root checks are removed now that we moved the per-user dir, | Bob Beck | |
docs need to reflect this |