| #
ae711728 |
| 15-Jan-2020 |
sashan <sashan@openbsd.org> |
Enable pfctl(8) to recursively flush rules and tables from PF driver. The
recursive operation ("pfctl -a '*' ...") works for '-s' option already. This
change enables the same thing for '-F' option,
Enable pfctl(8) to recursively flush rules and tables from PF driver. The
recursive operation ("pfctl -a '*' ...") works for '-s' option already. This
change enables the same thing for '-F' option, so "pfctl -a '*' -Fa" will flush
everything from PF driver.
The idea was discussed with many on tech@ in spring 2019.
OK kn@
show more ...
|
| #
df69c215 |
| 28-Jun-2019 |
deraadt <deraadt@openbsd.org> |
When system calls indicate an error they return -1, not some arbitrary
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if
When system calls indicate an error they return -1, not some arbitrary
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.
show more ...
|
| #
ebcede56 |
| 28-May-2017 |
akfaew <akfaew@openbsd.org> |
print_ioctl() is unused if not debugging. Found with clang, after
marking the function "static". Use OSFP_DEBUG, in a similar
fashion to OPT_DEBUG (pfctl_optimize.c).
OK bluhm@
|
| #
62e33eb2 |
| 27-May-2017 |
akfaew <akfaew@openbsd.org> |
Move includes.
This reduces the diff with usr.sbin/tcpdump/pfctl_osfp.c. The change
from tcpdump is newer, so change pfctl. No binary change.
OK deraadt@
|
| #
5ce950de |
| 10-Dec-2015 |
mmcc <mmcc@openbsd.org> |
Remove NULL-checks before free(). ok tb@
|
| #
68928c43 |
| 21-Jan-2015 |
deraadt <deraadt@openbsd.org> |
Include <netinet/in.h> before <net/pfvar.h>. In a future change when
ports is ready, <net/pfvar.h> will stop including a pile of balony.
|
| #
b9fc9a72 |
| 16-Jan-2015 |
deraadt <deraadt@openbsd.org> |
Replace <sys/param.h> with <limits.h> and other less dirty headers where
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_N
Replace <sys/param.h> with <limits.h> and other less dirty headers where
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
show more ...
|
| #
13a4c6fc |
| 25-Oct-2014 |
lteo <lteo@openbsd.org> |
Remove unnecessary netinet/in_systm.h include.
ok millert@
|
| #
025f5691 |
| 22-Nov-2013 |
deraadt <deraadt@openbsd.org> |
Whole bunch of (unsigned char) casts carefully added for ctype calls.
Careful second audit by millert
|
| #
c735457b |
| 18-Oct-2010 |
deraadt <deraadt@openbsd.org> |
Revert non-compatible and undocumented bullshit commited by 3 developers
who decided to just do it on their own. henning, mcbride, jsing -- shame
on you -- if you had shown this diff to just 1 other
Revert non-compatible and undocumented bullshit commited by 3 developers
who decided to just do it on their own. henning, mcbride, jsing -- shame
on you -- if you had shown this diff to just 1 other network developer,
the astounding mistake in it would have been noticed. Start practicing
inclusionary development instead of going alone.
ok claudio
show more ...
|
| #
daab1a96 |
| 17-Oct-2010 |
jsing <jsing@openbsd.org> |
Add quirks support to operating system fingerprinting. tcpdump part
by mcbride@.
ok mcbride@ henning@
|
| #
855d4e83 |
| 24-Dec-2009 |
sobrado <sobrado@openbsd.org> |
spelling fixes, from Brad Tilley; we will not fix src/sbin/dump/dump.h
as neither arrayified not arrayfied exist -- sanctioned dictionaries
like Merriam-Webster ones suggest a few alternatives (e.g.,
spelling fixes, from Brad Tilley; we will not fix src/sbin/dump/dump.h
as neither arrayified not arrayfied exist -- sanctioned dictionaries
like Merriam-Webster ones suggest a few alternatives (e.g., arrayed),
however these made up words are easy to understand and we are not
certain that current ones are not ok.
ok jmc@
show more ...
|
| #
02b3961b |
| 13-Dec-2006 |
itojun <itojun@openbsd.org> |
IPv6 passive OS fingerprinting.
reuses IPv4 signature file (assuming that TCP code is shared among IPv4/v6).
mcbride ok.
|
| #
36188974 |
| 08-Apr-2006 |
ray <ray@openbsd.org> |
Plug simple memory leak. ``Don't forget to free tcpopts when you
are done.''
From NetBSD from Coverity CID 2057.
OK henning@ and jaredy@
|
| #
6fe0b8a6 |
| 12-Nov-2005 |
deraadt <deraadt@openbsd.org> |
return; at end of function is dorky
|
| #
0f4593ea |
| 17-Feb-2005 |
aaron <aaron@openbsd.org> |
Fix indentation as to not mislead the code reader. No functional change.
|
| #
7de74775 |
| 29-Dec-2004 |
mcbride <mcbride@openbsd.org> |
Make sure that fingerprint_count gets reset to 0 correctly when we flush
our list of fingerprints.
ok dhartmei@ henning@ frantzen@
|
| #
5f9ab238 |
| 19-Dec-2004 |
deraadt <deraadt@openbsd.org> |
use strchr instead of index
|
| #
23acd4fd |
| 09-Apr-2004 |
cedric <cedric@openbsd.org> |
Do not try to load directories. found+ok mpech@
|
| #
c4cbfd5d |
| 27-Feb-2004 |
henning <henning@openbsd.org> |
make pfctl -s all a bit more useful again by not printing a lllooooooottttt of
OS fingerprints and a list of interface drivers...
cedric deraadt ok
|
| #
09062ecf |
| 10-Feb-2004 |
dhartmei <dhartmei@openbsd.org> |
KNF
|
| #
ab642153 |
| 10-Feb-2004 |
henning <henning@openbsd.org> |
KNF
|
| #
c5b6504f |
| 29-Jan-2004 |
mcbride <mcbride@openbsd.org> |
Clean up 'pfctl -s all' output.
ok deraadt@ henning@
|
| #
71ae3b3a |
| 27-Aug-2003 |
frantzen <frantzen@openbsd.org> |
kill dangling 'else'. fixes modulus in W and M TCP options
|
| #
c6ce930e |
| 22-Aug-2003 |
david <david@openbsd.org> |
pf spelling police
ok dhartmei@ jmc@
|