| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | spelling |   jsg | 2021-03-10 | 1 | -2/+2 |
| * | Refactor ip_fragment() and ip6_fragment(). Use a mbuf list to |   bluhm | 2021-03-01 | 1 | -17/+13 |
| * | Use NULL instead of 0 in `m_nextpkt' assignment. |   mvs | 2021-02-23 | 1 | -2/+2 |
| * | use rtalloc_mpath in pf_route and pf_route6. |   dlg | 2021-02-16 | 1 | -3/+4 |
| * | pf_remove_divert_state() is an entry point into pf, modifying the pf state |   patrick | 2021-02-12 | 1 | -1/+7 |
| * | Fix null pointer dereference in pf_route6(). Embedding scope into | bluhm | 2021-02-12 | 1 | -3/+1 |
| * | make if_pfsync.c a better friend with PF_LOCK |   sashan | 2021-02-04 | 1 | -4/+4 |
| * | change pf_route so pf only runs when packets enter and leave the stack. | dlg | 2021-02-03 | 1 | -3/+3 |
| * | change route-to so it sends packets to IPs instead of interfaces. | dlg | 2021-02-01 | 1 | -108/+72 |
| * | handle "once" rules before letting pfsync defer tx of a packet. | dlg | 2021-01-28 | 1 | -15/+15 |
| * | if the route resolved in pf_route is invalid, generate an icmp error. | dlg | 2021-01-27 | 1 | -1/+10 |
| * | have pf_route{,6} clear the pf_pdesc mbuf ref early for route-to/reply-to. | dlg | 2021-01-27 | 1 | -5/+3 |
| * | don't run copies of packets made by dup-to through pf_test. | dlg | 2021-01-27 | 1 | -3/+3 |
| * | pflog(4) tried to log the translated packet with rdr-to, nat-to, | bluhm | 2021-01-19 | 1 | -10/+3 |
| * | The sysctl variable net.inet.ip.forwarding is checked before | bluhm | 2021-01-16 | 1 | -7/+19 |
| * | Remove a check that bypasses pf state tests. It dates back to 2003 | bluhm | 2021-01-15 | 1 | -7/+1 |
| * | Fix build without carp: ifp0 is only used within #if NCARP > 0. |   tb | 2021-01-14 | 1 | -2/+7 |
| * | Minor refactoring in pf(4). Note that struct pfsync_state is no | bluhm | 2021-01-04 | 1 | -18/+4 |
| * | when setting a flowid, set the M_FLOWID csum_flags bit too. | dlg | 2020-12-10 | 1 | -2/+4 |
| * | synproxy should be processing incoming SYN packets only. | sashan | 2020-12-07 | 1 | -2/+2 |
| * | Use interface index instead of pointer to `ifnet' in carp(4). | mvs | 2020-07-24 | 1 | -9/+15 |
| * | kernel: use gettime(9)/getuptime(9) in lieu of time_second(9)/time_uptime(9) |   cheloha | 2020-06-24 | 1 | -20/+20 |
| * | make ph_flowid in mbufs 16bits by storing whether it's set in csum_flags. | dlg | 2020-06-17 | 1 | -5/+3 |
| * | "set delay" never worked as committed: the delay field was not copied |   otto | 2019-11-17 | 1 | -3/+3 |
| * | Use -1 to indicate an invalid uid/gid, not UID_MAX and GID_MAX. |   millert | 2019-10-17 | 1 | -7/+7 |
| * | pf_state_insert() must grab state lock exclusively | sashan | 2019-08-29 | 1 | -2/+9 |
| * | pf.conf "set timeout interval 1" causes kernel crash | sashan | 2019-08-26 | 1 | -2/+5 |
| * | follow up to 'once rule' expiration | sashan | 2019-07-18 | 1 | -3/+4 |
| * | This commit fixes two bugs involving PF once rules: |   lteo | 2019-07-18 | 1 | -4/+20 |
| * | fix NULL pointer dereference, reported and fix tested by sthen | sashan | 2019-07-11 | 1 | -3/+5 |
| * | Fix previous commit which made src-node have a reference for the kif. |   yasuoka | 2019-07-09 | 1 | -1/+3 |
| * | When source address tracking record is used for "route-to", the next | yasuoka | 2019-07-02 | 1 | -3/+4 |
| * | Link the state and the source track to keep the source track while | yasuoka | 2019-07-01 | 1 | -10/+9 |
| * | States in pf(4) let ICMP and ICMP6 packets pass if they have a | bluhm | 2019-03-20 | 1 | -4/+24 |
| * | Use timeout_add_sec() instead of timeout_add() with a multiplication with hz |   claudio | 2018-12-17 | 1 | -2/+2 |
| * | Remove useless macros |   kn | 2018-12-10 | 1 | -32/+34 |
| * | in the "pf: key search" debug message, add the direction. interface *and* |   henning | 2018-11-15 | 1 | -2/+3 |
| * | - pf: honor quick on anchor rules | sashan | 2018-10-16 | 1 | -4/+5 |
| * | Honor quick on anchor rules | kn | 2018-10-04 | 1 | -1/+7 |
| * | Add reference counting for inet pcb, this will be needed when we | bluhm | 2018-09-13 | 1 | -7/+27 |
| * | - moving state look up outside of PF_LOCK() | sashan | 2018-09-11 | 1 | -33/+117 |
| * | Fix arguments of pf_purge_expired_{src_nodes,rules}() |   sf | 2018-07-22 | 1 | -2/+2 |
| * | trade few 'goto unlock: for 'break' in pf_test() | sashan | 2018-07-12 | 1 | -6/+5 |
| * | the STATE_LOOKUP macro made sense ages ago. It stopped making sense | henning | 2018-07-11 | 1 | -56/+69 |
| * | in pf_set_protostate(), only decrement the half-open states counter when | henning | 2018-07-10 | 1 | -2/+2 |
| * | provide a generic packet delay functionality. packets to be delayed are marked | henning | 2018-07-10 | 1 | -3/+43 |
| * | Refactor the six ways to find TCP options into one new function. As a result: |   procter | 2018-06-18 | 1 | -106/+91 |
| * | The function pf_create_state() calls pf_set_protostate() before | bluhm | 2018-06-04 | 1 | -2/+3 |
| * | While sending the pf syncookie, we are holding the pf lock. So | bluhm | 2018-06-01 | 1 | -2/+2 |
| * | pf route-to should not send packets from 127.0.0.1 or ::1 address | bluhm | 2018-05-10 | 1 | -3/+5 |
