| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | rename PF_OPT_TABLE_PREFIX to PF_OPTIMIZER_TABLE_PFX and move it to pfvar.h |   henning | 2020-07-21 | 1 | -4/+4 |
| * | sbin/pfctl: replace TAILQ concatenation loop with TAILQ_CONCAT |   bket | 2020-01-28 | 1 | -15/+4 |
| * | Do the actual pfr_strerror() to pf_strerror() rename |   kn | 2020-01-15 | 1 | -3/+3 |
| * | Unify error message for nonexisting anchors | kn | 2020-01-15 | 1 | -3/+3 |
| * | Avoid optimizing empty rulesets | kn | 2019-12-12 | 1 | -2/+5 |
| * | When system calls indicate an error they return -1, not some arbitrary |   deraadt | 2019-06-28 | 1 | -3/+3 |
| * | Remove pfctl_*_pool() remnants | kn | 2019-03-07 | 1 | -6/+1 |
| * | Unbreak build under OPT_DEBUG | kn | 2019-01-03 | 1 | -4/+2 |
| * | Remove unused af argument from unmask() | kn | 2018-09-06 | 1 | -6/+6 |
| * | - patching use-after-free and innocent memory leak in pfctl_optimzie.c |   sashan | 2017-11-25 | 1 | -30/+38 |
| * | - pfctl rule optimizer: anchor name vs. anchor path mix up | sashan | 2017-11-25 | 1 | -2/+2 |
| * | A couple of "a->blah == a->blah" -> "a->blah == b->blah". |   krw | 2016-08-03 | 1 | -3/+3 |
| * | Include <netinet/in.h> before <net/pfvar.h>. In a future change when | deraadt | 2015-01-21 | 1 | -4/+3 |
| * | Replace all queue *_END macro calls except CIRCLEQ_END with NULL. |   doug | 2014-09-13 | 1 | -2/+2 |
| * | Whole bunch of (unsigned char) casts carefully added for ctype calls. | deraadt | 2013-11-22 | 1 | -2/+2 |
| * | rtableid must be BREAK instead of MERGE, otherwise the optimizer might | henning | 2012-10-19 | 1 | -2/+2 |
| * | unbreak rule optimizer; ok henning, looks |   mikeb | 2011-12-19 | 1 | -1/+2 |
| * | print ports as numbers by default; -P prints names instead | henning | 2011-11-23 | 1 | -2/+2 |
| * | Add support for weighted round-robin in load balancing pools and tables. |   mcbride | 2011-07-27 | 1 | -1/+2 |
| * | Fold pf_test_fragment() into pf_test_rule(), reduce code and fixes | mcbride | 2011-07-07 | 1 | -2/+2 |
| * | bring in least-states load balancing algorithm |   zinke | 2011-07-03 | 1 | -2/+2 |
| * | Userland bits to allow PF to filter on the rdomain a packet belongs to. |   claudio | 2011-04-06 | 1 | -1/+14 |
| * | remove -A, -O, -R and -T load | henning | 2010-03-23 | 1 | -6/+1 |
| * | First pass at removing the 'pf_pool' mechanism for translation and routing | mcbride | 2010-01-12 | 1 | -43/+8 |
| * | plug some memory leaks; found by parfait, ok henning | deraadt | 2009-12-10 | 1 | -1/+2 |
| * | since "nat/rdr pass" are history natpass can go | henning | 2009-11-23 | 1 | -3/+2 |
| * | cleanup after the NAT changes. we used to have multiple rulesets (scrub, | henning | 2009-11-22 | 1 | -13/+7 |
| * | Add a dedicated pf pool for route options as suggested by henning, |   jsg | 2009-10-28 | 1 | -1/+13 |
| * | the diff theo calls me insanae for: | henning | 2009-09-01 | 1 | -12/+24 |
| * | allow setting TOS with scrub; ok mcbride, claudio |   markus | 2008-05-07 | 1 | -1/+2 |
| * | Add a counter to record how many states have been created by a rule. |   mpf | 2008-05-06 | 1 | -2/+3 |
| * | Create the automatic tables at the base of the anchor stack rather than | mcbride | 2008-01-26 | 1 | -3/+4 |
| * | Get rid of warning when compiling with OPT_DEBUG. | mcbride | 2008-01-25 | 1 | -2/+2 |
| * | typos; ok jmc@ |   martynas | 2007-11-27 | 1 | -3/+3 |
| * | Allow pfctl ruleset optimizer to be controlled from the ruleset. | mcbride | 2006-10-31 | 1 | -3/+3 |
| * | Load all rules into memory before loading into the kernel, and add support | mcbride | 2006-10-28 | 1 | -32/+56 |
| * | teach the optimizer about logif, with & ok frantzen | henning | 2006-10-25 | 1 | -1/+2 |
| * | implement a Unicast Reverse Path Forwarding (uRPF) check for pf(4) |   djm | 2006-03-14 | 1 | -1/+3 |
| * | make the packet and byte counters on rules and src nodes per direction, | henning | 2005-06-13 | 1 | -3/+5 |
| * | switch the max_src_{states,conn,conn_rate} from superblock breaks to superblock |   frantzen | 2005-05-26 | 1 | -3/+4 |
| * | make the remaining pf_rule fields named superblock BREAKs instead just letting | frantzen | 2005-05-25 | 1 | -1/+13 |
| * | make the optimizer safe in the presence of interface groups. they must act as | frantzen | 2005-05-25 | 1 | -2/+42 |
| * | don't merge a rule's source address into a table if we're already trying to | frantzen | 2005-01-03 | 1 | -1/+3 |
| * | &&/|| inversion would try to merge IP addresses with non-addresses into a | frantzen | 2004-12-14 | 1 | -2/+2 |
| * | add two warn() calls to make sure a warning message gets printed if one of | frantzen | 2004-12-14 | 1 | -3/+7 |
| * | spacing | deraadt | 2004-08-08 | 1 | -9/+8 |
| * | 'pfctl -o' ruleset optimizer that doesnt change the meaning of the final ruleset | frantzen | 2004-07-16 | 1 | -0/+1558 |
