#
ae711728 |
| 15-Jan-2020 |
sashan <sashan@openbsd.org> |
Enable pfctl(8) to recursively flush rules and tables from PF driver. The recursive operation ("pfctl -a '*' ...") works for '-s' option already. This change enables the same thing for '-F' option,
Enable pfctl(8) to recursively flush rules and tables from PF driver. The recursive operation ("pfctl -a '*' ...") works for '-s' option already. This change enables the same thing for '-F' option, so "pfctl -a '*' -Fa" will flush everything from PF driver.
The idea was discussed with many on tech@ in spring 2019.
OK kn@
show more ...
|
#
df69c215 |
| 28-Jun-2019 |
deraadt <deraadt@openbsd.org> |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
show more ...
|
#
ebcede56 |
| 28-May-2017 |
akfaew <akfaew@openbsd.org> |
print_ioctl() is unused if not debugging. Found with clang, after marking the function "static". Use OSFP_DEBUG, in a similar fashion to OPT_DEBUG (pfctl_optimize.c).
OK bluhm@
|
#
62e33eb2 |
| 27-May-2017 |
akfaew <akfaew@openbsd.org> |
Move includes.
This reduces the diff with usr.sbin/tcpdump/pfctl_osfp.c. The change from tcpdump is newer, so change pfctl. No binary change.
OK deraadt@
|
#
5ce950de |
| 10-Dec-2015 |
mmcc <mmcc@openbsd.org> |
Remove NULL-checks before free(). ok tb@
|
#
68928c43 |
| 21-Jan-2015 |
deraadt <deraadt@openbsd.org> |
Include <netinet/in.h> before <net/pfvar.h>. In a future change when ports is ready, <net/pfvar.h> will stop including a pile of balony.
|
#
b9fc9a72 |
| 16-Jan-2015 |
deraadt <deraadt@openbsd.org> |
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_N
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
show more ...
|
#
13a4c6fc |
| 25-Oct-2014 |
lteo <lteo@openbsd.org> |
Remove unnecessary netinet/in_systm.h include.
ok millert@
|
#
025f5691 |
| 22-Nov-2013 |
deraadt <deraadt@openbsd.org> |
Whole bunch of (unsigned char) casts carefully added for ctype calls. Careful second audit by millert
|
#
c735457b |
| 18-Oct-2010 |
deraadt <deraadt@openbsd.org> |
Revert non-compatible and undocumented bullshit commited by 3 developers who decided to just do it on their own. henning, mcbride, jsing -- shame on you -- if you had shown this diff to just 1 other
Revert non-compatible and undocumented bullshit commited by 3 developers who decided to just do it on their own. henning, mcbride, jsing -- shame on you -- if you had shown this diff to just 1 other network developer, the astounding mistake in it would have been noticed. Start practicing inclusionary development instead of going alone. ok claudio
show more ...
|
#
daab1a96 |
| 17-Oct-2010 |
jsing <jsing@openbsd.org> |
Add quirks support to operating system fingerprinting. tcpdump part by mcbride@.
ok mcbride@ henning@
|
#
855d4e83 |
| 24-Dec-2009 |
sobrado <sobrado@openbsd.org> |
spelling fixes, from Brad Tilley; we will not fix src/sbin/dump/dump.h as neither arrayified not arrayfied exist -- sanctioned dictionaries like Merriam-Webster ones suggest a few alternatives (e.g.,
spelling fixes, from Brad Tilley; we will not fix src/sbin/dump/dump.h as neither arrayified not arrayfied exist -- sanctioned dictionaries like Merriam-Webster ones suggest a few alternatives (e.g., arrayed), however these made up words are easy to understand and we are not certain that current ones are not ok.
ok jmc@
show more ...
|
#
02b3961b |
| 13-Dec-2006 |
itojun <itojun@openbsd.org> |
IPv6 passive OS fingerprinting. reuses IPv4 signature file (assuming that TCP code is shared among IPv4/v6). mcbride ok.
|
#
36188974 |
| 08-Apr-2006 |
ray <ray@openbsd.org> |
Plug simple memory leak. ``Don't forget to free tcpopts when you are done.''
From NetBSD from Coverity CID 2057.
OK henning@ and jaredy@
|
#
6fe0b8a6 |
| 12-Nov-2005 |
deraadt <deraadt@openbsd.org> |
return; at end of function is dorky
|
#
0f4593ea |
| 17-Feb-2005 |
aaron <aaron@openbsd.org> |
Fix indentation as to not mislead the code reader. No functional change.
|
#
7de74775 |
| 29-Dec-2004 |
mcbride <mcbride@openbsd.org> |
Make sure that fingerprint_count gets reset to 0 correctly when we flush our list of fingerprints.
ok dhartmei@ henning@ frantzen@
|
#
5f9ab238 |
| 19-Dec-2004 |
deraadt <deraadt@openbsd.org> |
use strchr instead of index
|
#
23acd4fd |
| 09-Apr-2004 |
cedric <cedric@openbsd.org> |
Do not try to load directories. found+ok mpech@
|
#
c4cbfd5d |
| 27-Feb-2004 |
henning <henning@openbsd.org> |
make pfctl -s all a bit more useful again by not printing a lllooooooottttt of OS fingerprints and a list of interface drivers... cedric deraadt ok
|
#
09062ecf |
| 10-Feb-2004 |
dhartmei <dhartmei@openbsd.org> |
KNF
|
#
ab642153 |
| 10-Feb-2004 |
henning <henning@openbsd.org> |
KNF
|
#
c5b6504f |
| 29-Jan-2004 |
mcbride <mcbride@openbsd.org> |
Clean up 'pfctl -s all' output.
ok deraadt@ henning@
|
#
71ae3b3a |
| 27-Aug-2003 |
frantzen <frantzen@openbsd.org> |
kill dangling 'else'. fixes modulus in W and M TCP options
|
#
c6ce930e |
| 22-Aug-2003 |
david <david@openbsd.org> |
pf spelling police ok dhartmei@ jmc@
|