| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
options are not required.
Suggested by: Vaclav Petricek
MFC after: 2 weeks
|
|
|
|
| |
Reviewed by: ru
|
|
|
|
| |
especially in troff files.
|
|
|
|
|
|
|
|
|
|
|
|
| |
not return ENOBUFS for unreliable protocols like divert.
This should fix an issue when natd(8) keeps spamming already
full dummynet(4) queues with the same packet forever.
Spotted by: chkno@dork.com
Explained by: luigi
Reviewed by: Ari Suutari <ari.suutari@syncrontech.com>
MFC after: 2 weeks
|
|
|
|
| |
Discussed with: phk
|
| |
|
|
|
|
|
|
|
|
|
| |
Set 'log_ipfw_denied' option if you want the old behaviour.
PR: 30255
Submitted by: Flemming "F3" Jacobsen <fj@batmule.dk>
Reviewed by: phk
MFC after: 4 weeks
|
|
|
|
|
|
| |
missed that natd has a -v option that will give similar functionality.
Requested by: ru
|
|
|
|
|
|
|
| |
of a restrictive firewall rule, also report detail on the packet
that caused the failure.
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
| |
in the ipfirewall(4) for incoming FTP/IRC DCC connections.
Submitted by: Rene de Vries <rene@canyon.demon.nl>
Rewritten by: ru
|
| |
|
| |
|
|
|
|
|
|
| |
not associated with any pre-existing link.
Submitted by: brian
|
| |
|
|
|
|
|
| |
Submitted by: Mike Heffner <spock@techfour.net>
Submitted on: audit@freebsd.org
|
| |
|
|
|
|
|
|
| |
PR: 16900
Reviewed by: "Crist J. Clark" <cjclark@home.com>, jkh
Approved by: jkh
|
|
|
|
|
|
|
| |
the interface MTU change (src/sys/net/if_sl.c,v 1.83), track
interface MTU with -dynamic option as well.
PR: 15494
|
|
|
|
|
| |
PR: 14169
Reviewed by: Ari Suutari <ari@suutari.iki.fi>
|
|
|
|
|
|
| |
interface name if not operating in dynamic mode.
Reviewed by: Ari Suutari <ari@suutari.iki.fi>
|
|
|
|
|
|
|
| |
- Trailing spaces and empty lines are ignored.
- A `#' sign will mark the remaining of the line as a comment.
Reviewed by: Ari Suutari <ari@suutari.iki.fi>
|
|
|
|
|
|
|
|
| |
Remove redundant signal() call.
PR: 6676
Submitted by: luoqi
Reviewed by: Ari Suutari <ari@suutari.iki.fi>
|
| |
|
|
|
|
|
|
|
|
|
| |
sizeof(ifr->ifr_addr) for the variable length field ifr->ifr_addr.sa_len.
Otherwise the increment will be wrong in certain cases.
Obtained from: Whistle source tree
For the record: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> suggests
SIOCGIFCONF should be dropped in favor of a sysctl mechanism.
|
| |
|
|
|
|
|
|
|
| |
Submitted by: Ruslan Ermilov <ru@ucb.crimea.ua>
PR: 11690
3.2 candidate ?
|
|
|
|
|
|
|
|
|
|
|
| |
o main returns int not void
o use braces to avoid potentially ambiguous else
Note: The fix to natd is potentially functional in nature since I used
the indentation as the right thing rather than the struct semantics.
Someone more familiar with the code should double check me on this one.
Reviewed by: obrien and chuckr
|
|
|
|
| |
PR: 9253
|
| |
|
|
|
|
|
| |
Submitted by: Wes Santee <wes@bogon.net>
PR: 9696
|
|
|
|
| |
Submitted by: Martin Machacek <mm@i.cz>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Transparent proxy support.
- PERMANENT_LINK IS NOW OBSOLETE, use redirect_port instead.
- Drop support for early FreeBSD 2.2 versions
- If separate input & output sockets are being used
use them to find out packet direction instead of
normal mechanism. This can be handy in complex environments
with multiple interfaces.
- PPTP redirect support by Dru Nelson <dnelson@redwoodsoft.com> added.
- Logging enhancements from Martin Machacek <mm@i.cz> added.
Obtained from: Ari Suutari <ari@suutari.iki.fi>
|
|
|
|
|
| |
not providing the backwards-compatability routines in libalias anymore
(which I think may have been a mistake).
|
| |
|
|
|
|
|
|
| |
Cosmetic style changes
Use u_short for port values.
Submitted by: Ari Suutari <ari@suutari.iki.fi>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
instead of htonl() !
This results in the int a,b,c,d changing to b,a,c,d,
but as it's subsequently coerced to a u_short, the
ultimate answer is correct.
If this isn't fixed properly soon (by the author) I'll
have a look at it again.
Noted by: eivind & ari@suutari.iki.fi
|
| |
|
|
|
|
| |
/etc/rc.conf.
|
|
|
|
|
| |
deny_incoming option is set to yes.
Submitted by: Ari Suutari <ari@suutari.iki.fi>
|
|
|
|
|
|
|
|
| |
fixed. Natd now waits with select(2) for buffer space
to become available if write fails.
- Packet aliasing library upgraded to 2.2.
Submitted by: Ari Suutari <suutari@iki.fi>
|
|
pppd/natd combination works ok.
Submitted by: Ari Suutari <ari.suutari@ps.carel.fi>
|