d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
224,093 Commits 4 Branches 49 Tags 2 GiB
Commit Graph

32 Commits

Author SHA1 Message Date
cy
956164118e Remove dead code. 
Approved by:	re@ (hrs@)
MFC after:	1 week
 2016-06-30 14:53:46 +00:00
ngie
e1dd16d965 Revert r288682 
I meant to do this on ^/user/ngie/more-tests

Pointyhat to: ngie (use svn info next time...)
 2015-10-05 03:26:51 +00:00
ngie
115d008392 Remove some paths preparing for a re-copy from head 2015-10-05 03:25:30 +00:00
emaste
036bc0d6fa ipf(1): Use strchr(3) instead of deprecated index(3) 
Reviewed by:	cy
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D2607
 2015-05-22 18:31:26 +00:00
glebius
78d51c7b15 Stop including if_var.h from userland. 
Sponsored by:	Nginx, Inc.
 2015-04-06 09:42:23 +00:00
glebius
7c22152af0 o Use new function ip_fillid() in all places throughout the kernel, 
where we want to create a new IP datagram.
o Add support for RFC6864, which allows to set IP ID for atomic IP
  datagrams to any value, to improve performance. The behaviour is
  controlled by net.inet.ip.rfc6864 sysctl knob, which is enabled by
  default.
o In case if we generate IP ID, use counter(9) to improve performance.
o Gather all code related to IP ID into ip_id.c.

Differential Revision:		https://reviews.freebsd.org/D2177
Reviewed by:			adrian, cy, rpaulo
Tested by:			Emeric POUPON <emeric.poupon stormshield.eu>
Sponsored by:			Netflix
Sponsored by:			Nginx, Inc.
Relnotes:			yes
 2015-04-01 22:26:39 +00:00
cy
bc2167fa66 #552 destination port not zero after parsing nat rule 
Approved by:	glebius (mentor)
Obtained from:	netbsd CVS repo (r1.4), ipfilter CVS repo (r1.38)
 2014-09-22 16:35:48 +00:00
cy
8937a6a4b7 3561691 gethost never returns an ipv6 address 
Approved by:	glebius (mentor)
Obtained from:	ipfilter CVS repo (r1.34), netbsd CVS repo (r1.4)
 2014-09-22 16:21:25 +00:00
cy
7a5d515231 #551 ipf.conf address structure not properly zero filled 
Approved by:	glebius (mentor)
Obtained from:	ipfilter CVS repo (r1.37), netbsd CVS repo (r1.3)
 2014-09-22 16:13:38 +00:00
cy
c1298c7a07 Update ipfilter 4.1.28 --> 5.1.2. 
Approved by:		glebius (mentor)
BSD Licensed by:	Darren Reed <darrenr@reed.wattle.id.au> (author)
 2013-09-06 23:11:19 +00:00
cy
672af8808c As per the developers handbook (5.3.1 step 1), prepare the vendor trees for 
import of new ipfilter vendor sources by flattening them.

To keep the tags consistent with dist, the tags are also flattened.

Approved by:	glebius (Mentor)
 2013-07-19 05:41:57 +00:00
rpaulo
bd0a652fbe Use pcap's bpf header, not our own copy of it. 2010-10-29 21:23:34 +00:00
rdivacky
9d18ee7303 Fix a typo that causes the for loop to exit immediately. There's 
identical loop a few lines above.

Reviewed by: sam
Approved by: ed (mentor)
Silence from: darrenr (maintainer)
 2009-06-16 13:31:01 +00:00
darrenr
49ad2adb91 2020447 IPFilter's NAT can undo name server random port selection 
Approved by:	darrenr
MFC after:	1 week
Security:	CERT VU#521769
 2008-07-24 12:35:05 +00:00
darrenr
fd172ed327 Pullup IPFilter 4.1.28 from the vendor branch into HEAD. 
MFC after:	7 days
 2007-10-18 21:52:14 +00:00
darrenr
71e82d94e8 Import IPFilter 4.1.28 2007-10-18 21:42:51 +00:00
darrenr
e784ce0e33 ipfstat should parse "any" when used with -D/-S command line options 
PR:	bin/113879
Submitted by:	kabe@sra-tohoku.co.jp
Reviewed by:	darrenr
Approved by:	re
 2007-06-24 16:39:12 +00:00
darrenr
a33069b532 Merge IPFilter 4.1.23 back to HEAD 
See src/contrib/ipfilter/HISTORY for details of changes since 4.1.13
 2007-06-04 02:54:36 +00:00
darrenr
e2e28d4361 Import IPFilter 4.1.23 to vendor branch. 
See src/contrib/ipfilter/HISTORY for details of changes since 4.1.13
 2007-06-04 02:50:28 +00:00
darrenr
1dd4fa592d This commit was generated by cvs2svn to compensate for changes in r170263, 
which included commits to RCS files with non-trunk default branches.
 2007-06-04 02:50:28 +00:00
guido
e49049679f Resolve conflicts 
MFC after:	1 weeks
 2006-08-16 12:23:02 +00:00
guido
092f5d1218 Import IP Filter 4.1.13 2006-08-16 11:51:32 +00:00
darrenr
a3ec5442cc fix "ipf -Z" reporting rubbish and possibly panic'ing box 
MFC after:	4 days
 2006-04-18 13:24:14 +00:00
guido
7ee0924750 Resolve conflicts (and believe me...you don't want to know). 2005-12-30 11:52:26 +00:00
guido
9749beb9e3 Import IP Filter 4.1.10 2005-12-30 11:34:54 +00:00
cognet
8f10c3fc8a arm defaults to unsigned char as well. 2005-05-24 21:25:32 +00:00
darrenr
7b001e5d5e Enable building /sbin/ipf (but not the rescue version) with the ability to 
parse bpf strings for filter rules in ipf.conf
 2005-05-16 16:22:55 +00:00
grehan
e9af45b288 Fix tinderbox build on ppc. 
Requested by:  mlaier
 2005-05-08 00:29:15 +00:00
darrenr
f739412edd Patches from Ruslam Ermilov to remove NetBSD bits from Makefiles and cleanup 
build problems with rescue.
 2005-04-28 16:26:35 +00:00
darrenr
c7e59108a8 Fix include directives that were missing the netinet include directory, where 
the ipl.h file is found.  Also add back in ip_fil.c, which somehow went missing
in action.
 2005-04-26 15:18:45 +00:00
darrenr
d643bc9db0 * Someone imported a lot of files with the wrong CVS tag, so lots of files need 
that fixed in them....
* Keep unnecessary files out of the non-vendor part of this CVS repository.
 2005-04-25 18:20:15 +00:00
darrenr
d438802dcb import ipfilter 4.1.8 into the vendor branch 2005-04-25 17:31:50 +00:00