aboutsummaryrefslogtreecommitdiff
path: root/sys/netpfil
Commit message (Expand)AuthorAgeFilesLines
...
* Reduce the time it takes the kernel to install a new PF config containing a l...Patrick Kelsey2019-02-112-124/+296
* Return PFIL_CONSUMED if packet was consumed. While here gather allGleb Smirnoff2019-02-021-20/+24
* Fix build without INET6.Gleb Smirnoff2019-02-011-2/+4
* New pfil(9) KPI together with newborn pfil API and control utility.Gleb Smirnoff2019-01-313-140/+193
* Revert r316461: Remove "IPFW static rules" rmlock, and use pfil's global lock.Gleb Smirnoff2019-01-318-14/+13
* Fix the bug introduced in r342908, that causes problems with dynamicAndrey V. Elsukov2019-01-291-1/+1
* Don't re-evaluate ALTQ kernel configuration due to events on non-ALTQ interfacesPatrick Kelsey2019-01-281-0/+8
* pf: Fix use-after-free of countersKristof Provost2019-01-251-14/+14
* pf: Validate psn_len in DIOCGETSRCNODESKristof Provost2019-01-221-7/+11
* pf: fix pfsync breaking carpKristof Provost2019-01-181-0/+1
* pf: silence a runtime warningKristof Provost2019-01-151-1/+4
* Relax requirement to packet size of CARP protocol and remove version check.Andrey V. Elsukov2019-01-111-6/+4
* Fix the build with INVARIANTS.Andrey V. Elsukov2019-01-101-5/+5
* Reduce the size of struct ip_fw_args from 240 to 128 bytes on amd64.Andrey V. Elsukov2019-01-104-138/+174
* Mechanical cleanup of epoch(9) usage in network stack.Gleb Smirnoff2019-01-091-12/+21
* pf: Fix endless loop on NAT exhaustion with sticky-addressKristof Provost2018-12-122-0/+10
* pf: Prevent integer overflow in PF when calculating the adaptive timeout.Kristof Provost2018-12-111-3/+5
* pfsync: Performance improvementKristof Provost2018-12-061-236/+330
* pf: add a comment describing why do we call pf_map_addr again if portKristof Provost2018-12-061-0/+4
* Add ability to request listing and deleting only for dynamic states.Andrey V. Elsukov2018-12-042-6/+27
* Reimplement how net.inet.ip.fw.dyn_keep_states works.Andrey V. Elsukov2018-12-047-162/+401
* Add assertion to check that named object has correct type.Andrey V. Elsukov2018-12-041-0/+2
* pf: Fix panic on overlapping interface namesKristof Provost2018-12-011-1/+2
* Do not limit the mbuf queue length for keepalive packets.Andrey V. Elsukov2018-11-271-3/+2
* Add ability to use dynamic external prefix in ipfw_nptv6 module.Andrey V. Elsukov2018-11-122-15/+169
* pf: Prevent tables referenced by rules in anchors from getting disabled.Kristof Provost2018-11-081-0/+1
* pf: Fix build if INVARIANTS is not setKristof Provost2018-11-021-0/+2
* pf: Keep a reference to struct ifnets we're usingKristof Provost2018-11-021-1/+7
* pfsync: Add missing unlockKristof Provost2018-11-021-0/+1
* pfsync: Allow module to be unloadedKristof Provost2018-11-021-6/+0
* pfsync: Handle syncdev going awayKristof Provost2018-11-023-0/+32
* pfsync: Ensure uninit is done before pfKristof Provost2018-11-021-5/+2
* pfsync: Make pfsync callbacks per-vnetKristof Provost2018-11-023-48/+50
* pf: Limit the fragment entry queue length to 64 per bucket.Kristof Provost2018-11-021-5/+29
* pf: Split the fragment reassembly queue into smaller partsKristof Provost2018-11-021-19/+162
* pf: Count holes rather than fragments for reassemblyKristof Provost2018-11-021-38/+45
* Revert "pf: Limit the maximum number of fragments per packet"Kristof Provost2018-11-021-8/+0
* pf: Make ':0' ignore link-local v6 addresses tooKristof Provost2018-10-281-1/+2
* ipfw: implement ngtee/netgraph actions for layer-2 frames.Eugene Grosbein2018-10-271-5/+19
* pf: Fix copy/paste error in IPv6 address rewritingKristof Provost2018-10-241-1/+1
* pf: ifp can never be NULL in pfi_ifaddr_event()Kristof Provost2018-10-231-1/+4
* Do not decrement RST life time if keep_alive is not turned on.Andrey V. Elsukov2018-10-211-1/+2
* Call inet_ntop() only when its result is needed.Andrey V. Elsukov2018-10-211-8/+11
* Retire IPFIREWALL_NAT64_DIRECT_OUTPUT kernel option. And add abilityAndrey V. Elsukov2018-10-213-36/+92
* pf synproxy will do the 3WHS on behalf of the target machine, and onceKristof Provost2018-10-201-1/+1
* Add extra parentheses to fix "versrcreach" opcode, (oif != NULL) shouldAndrey V. Elsukov2018-10-151-2/+2
* Significantly improve pf purge cpu usage by only taking locksJohn-Mark Gurney2018-09-161-15/+19
* Extended pf(4) ioctl interface and pfctl(8) to allow bandwidths ofPatrick Kelsey2018-08-222-33/+415
* pf: Limit the maximum number of fragments per packetKristof Provost2018-08-171-0/+8
* Fix a typo in comment.Luiz Otavio O Souza2018-08-151-1/+1
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-24 21:13:37 +0000