freebsd-dev

History

Darren Reed 7b807523f4 Update ipfilter from 3.4.31 -> 3.4.35. Some important changes: * block packets that fail to create state table entries * only allow non-fragmented packets to influence whether or not a logged packet is the same as the one logged before. * correct the ICMP packet checksum fixing up when processing ICMP errors for NAT * implement a maximum for the number of entries in the NAT table (NAT_TABLE_MAX and ipf_nattable_max) * frsynclist() wasn't paying attention to all the places where interface names are, like it should. * fix comparing ICMP packets with established TCP state where only 8 bytes of header are returned in the ICMP error. MFC after: 1 week	2004-06-21 22:46:36 +00:00
..
netinet	Update ipfilter from 3.4.31 -> 3.4.35. Some important changes:	2004-06-21 22:46:36 +00:00

Darren Reed 7b807523f4 Update ipfilter from 3.4.31 -> 3.4.35. Some important changes:

* block packets that fail to create state table entries
* only allow non-fragmented packets to influence whether or not a logged
  packet is the same as the one logged before.
* correct the ICMP packet checksum fixing up when processing ICMP errors for NAT
* implement a maximum for the number of entries in the NAT table (NAT_TABLE_MAX
  and ipf_nattable_max)
* frsynclist() wasn't paying attention to all the places where interface
  names are, like it should.
* fix comparing ICMP packets with established TCP state where only 8 bytes
  of header are returned in the ICMP error.

MFC after:	1 week

2004-06-21 22:46:36 +00:00

netinet

Update ipfilter from 3.4.31 -> 3.4.35. Some important changes:

2004-06-21 22:46:36 +00:00