summaryrefslogtreecommitdiffstats
path: root/sys/netinet/ip_fw2.c
Commit message (Expand)AuthorAgeFilesLines
* When unloading ipfw module use callout_drain() to make absolutely sure thatandre2004-08-191-1/+1
* Do not unconditionally ignore IPDIVERT and IPFIREWALL_FORWARD when buildingandre2004-08-191-2/+0
* Bring back the sysctl 'net.inet.ip.fw.enable' to unbreak the startup scriptsandre2004-08-191-0/+3
* Convert ipfw to use PFIL_HOOKS. This is change is transparent to userlandandre2004-08-171-51/+14
* Add the ability to associate ipfw rules with a specific prison ID.csjp2004-08-121-1/+9
* Only invoke verify_path() for verrevpath and versrcreach when we have an IP p...andre2004-08-111-4/+4
* New ipfw option "antispoof":andre2004-08-091-0/+11
* Extend versrcreach by checking against the rt_flags for RTF_REJECT andandre2004-07-211-0/+6
* Make M_SKIP_FIREWALL a global (and semantic) flag, preventing anything fromjmallett2004-07-171-12/+0
* Do a pass over all modules in the kernel and make them return EOPNOTSUPPphk2004-07-151-0/+1
* When asserting non-Giant locks in the network stack, also assertrwatson2004-06-241-1/+4
* Modify ip fw so that whenever UID or GID constraints exist in acsjp2004-06-111-30/+77
* init_tables() must be run after sys/net/route.c:route_init().ru2004-06-101-1/+4
* Introduce a new feature to IPFW2: lookup tables. These are usefulru2004-06-091-1/+324
* Add some missing <sys/module.h> includes which are masked by thephk2004-05-301-0/+1
* Add a super-user check to ipfw_ctl() to make sure that the callingcsjp2004-05-251-0/+4
* Add the option versrcreach to verify that a valid route to theandre2004-04-231-7/+31
* Re-remove MT_TAGs. The problems with dummynet have been fixed now.mlaier2004-02-251-5/+25
* Backout MT_TAG removal (i.e. bring back MT_TAGs) for now, as dummynet ismlaier2004-02-181-25/+5
* This set of changes eliminates the use of MT_TAG "pseudo mbufs", replacingmlaier2004-02-131-5/+25
* NULL is not 0.ume2003-12-241-1/+1
* o IN_MULTICAST wants an address in host byte order.maxim2003-12-161-1/+1
* Include opt_ipsec.h so IPSEC/FAST_IPSEC is defined and the appropriatesam2003-12-021-0/+1
* Fix verify_rev_path() function. The author of this function tried toandre2003-11-271-13/+7
* Correct a problem where ipfw-generated packets were being returnedsam2003-11-241-5/+9
* Use MPSAFE callouts only when debug.mpsafenet is 1. Both timer routinessam2003-11-231-1/+1
* Introduce tcp_hostcache and remove the tcp specific metrics fromandre2003-11-201-3/+6
* Remove RTF_PRCLONING from routing table and adjust users of itandre2003-11-201-1/+1
* Fix an arguments order in check_uidgid() call.maxim2003-11-201-2/+2
* Remove the global one-level rtcache variable and associatedandre2003-11-141-6/+1
* Move uid/gid checking logic out of line and lock inpcb usage. Thissam2003-11-071-40/+60
* use ipsec_getnhist() instead of obsoleted ipsec_gethist().ume2003-11-071-1/+1
* Replace the if_name and if_unit members of struct ifnet with new membersbrooks2003-10-311-8/+9
* Malloc buckets of size 128 have been having their 64-byte offsetmckusick2003-10-161-4/+7
* Bandaid locking change: mark static rule mutex recursive so re-entry whensam2003-09-171-1/+2
* Add locking.sam2003-09-171-164/+309
* Allow set 31 to be used for rules other than 65535.luigi2003-07-151-23/+27
* Implement comments embedded into ipfw2 instructions.luigi2003-07-121-1/+1
* Merge the handlers of O_IP_SRC_MASK and O_IP_DST_MASK opcodes, andluigi2003-07-081-17/+13
* Implement the 'ipsec' option to match packets coming out of an ipsec tunnel.luigi2003-07-041-0/+16
* whitespace fixluigi2003-06-281-1/+1
* Remove whitespace at end of line.luigi2003-06-231-4/+4
* Add support for multiple values and ranges for the "iplen", "ipttl",luigi2003-06-221-12/+29
* Change handling to support strong alignment architectures such as alpha andticso2003-06-041-6/+15
* Account for packets processed at layer-2 (i.e. net.link.ether.ipfw=1).kbyanc2003-06-021-3/+6
* Add a 'verrevpath' option that verifies the interface that a packetcjc2003-03-151-0/+50
* Back out M_* changes, per decision of the TRB.imp2003-02-191-2/+2
* o Fix ipfw uid rules: socheckuid() returns 0 when uid matches a socketmaxim2003-02-171-2/+2
* Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.alfred2003-01-211-2/+2
* If the first action is O_LOG adjust a pointer to the real one, unbreaksmaxim2003-01-201-0/+2
OpenPOWER on IntegriCloud