path: root/sbin/pfctl
Commit message | Author | Age | Files | Lines
* MFC r259916: | bz | 2014-08-16 | 4 | -4/+35
  Use feature_present(3) to determine whether to open an INET or an INET6 socket when needed to allow pfctl to work on noinet and noinet6 kernels (and try to provide a fallback using AF_LINK as best effort).
  Adjust the Makefile to also respect relevant src.conf(5) options for compile time decisions on INET and INET6 support.
  Reviewed by: glebius (no objections)
* Merge r261882, r261898, r261937, r262760, r262799: | glebius | 2014-03-11 | 1 | -6/+7
  Once pf became not covered by a single mutex, many counters in it became race prone. Some just gather statistics, but some are later used in different calculations.
  A real problem was the race provoked underflow of the states_cur counter on a rule. Once it goes below zero, it wraps to UINT32_MAX. Later this value is used in pf_state_expires() and any state created by this rule is immediately expired.
  Thus, make fields states_cur, states_tot and src_nodes of struct pf_rule be counter(9)s.
* - Get rid of #ifdef __FreeBSD__. | glebius | 2012-09-29 | 1 | -21/+8
  - Use correct format when printing uint64_t.
* Minor mdoc fix. | joel | 2012-09-14 | 1 | -2/+2
* o Create directory sys/netpfil, where all packet filters should reside, and move there ipfw(4) and pf(4). | glebius | 2012-09-14 | 25 | -2261/+17366
  o Move most modified parts of pf out of contrib.
  Actual movements:
    sys/contrib/pf/net/*.c -> sys/netpfil/pf/
    sys/contrib/pf/net/*.h -> sys/net/
    contrib/pf/pfctl/*.c -> sbin/pfctl
    contrib/pf/pfctl/*.h -> sbin/pfctl
    contrib/pf/pfctl/pfctl.8 -> sbin/pfctl
    contrib/pf/pfctl/*.4 -> share/man/man4
    contrib/pf/pfctl/*.5 -> share/man/man5
    sys/netinet/ipfw -> sys/netpfil/ipfw
  The arguable movement is pf/net/*.h -> sys/net. There are future plans to refactor pf includes, so I decided not to break things twice.
  Not modified bits of pf left in contrib: authpf, ftp-proxy, tftp-proxy, pflogd.
  The ipfw(4) movement is planned to be merged to stable/9, to make head and stable match.
  Discussed with: bz, luigi
* Switch the default WARNS level for sbin/ to 6. | ru | 2009-10-19 | 1 | -0/+1
  Submitted by: Ulrich Spörlein
* Link pf 4.1 to the build: | mlaier | 2007-07-03 | 1 | -0/+2
  - move ftp-proxy from libexec to usr.sbin
  - add tftp-proxy
  - new altq mtag link
  Approved by: re (kensmith)
* Add missing library dependencies. | ru | 2006-04-13 | 1 | -1/+1
* Adapt Makefiles for pfctl(8) and authpf(8) to 3.7 sources. | mlaier | 2005-05-03 | 1 | -0/+1
* Remove -I from CFLAGS. This slipped in with the 3.5 import (as I was building on a box with older pfvar.h installed). | mlaier | 2004-10-03 | 1 | -1/+0
  Didn't intend to commit it.
  Requested by: ru (on a C&P to ipfw's Makefile)
* Removed redundant and unsafe BINDIR redefinition. | ru | 2004-07-07 | 1 | -1/+0
* Commit userland part of pf version 3.5 from OpenBSD (OPENBSD_3_5_BASE). | mlaier | 2004-06-16 | 1 | -2/+3
* Remove advertising clause from University of California Regent's license, per letter dated July 22, 1999. | markm | 2004-04-09 | 2 | -8/+0
  Approved by: core, imp
* Add skeleton build dirs for pf userland: | mlaier | 2004-02-28 | 12 | -0/+2285
    libexec/ftp-proxy - ftp proxy for pf
    sbin/pfctl - equivalent to sbin/ipf
    sbin/pflogd - daemon logging packets via if_pflog in pcap format
    usr.sbin/authpf - authentication shell to modify pf rulesets
  Bring along some altq headers used to satisfy pfctl/authpf compile. This helps to keep the diff down and will make it easy to have an altq-patchset use the full powers of pf.
  Also make sure that the pf headers are installed.
  This does not link anything to the build. There will be a NO_PF switch for make.conf once pf userland is linked.
  Approved by: bms(mentor)