Add AES-GCM software version implementation for IPSec
Modify patch manually to build properly on architectures where this is needed
Bring openssl from 8.4 to include CVE
Update openssl from HEAD
Actually ip_off is locally scoped on a branch so do the math here. This needs to be rivisited with fragmentation support
Use proper var for ipv6
Ticket #3654 add patch to prevent route-to to local subnet of matching interface!
Add patch to fix issue with icmp redirect messages to be sent after a packet has NAT applied.
This should fix Ticket #3666
Make 6rd properly generate and parse packets
Just a display fix to not have people get surprised seeing a /0 netmask
First try at correcting 6rd
Properly report statistics to the GUI
Oops forogt to push this in
Properly update value for v6 and v4
Another shot at fixing the entrystats and entryzero stats
Add info to allow having information gathering properly
Properly list table entry stats
Oops forgotten mac address filling.
Make properly work ipfw command on tables. Also import bin/189471 to print properly ipv4 from tables
Put the new fields before the union to avoid changin macros defining various things.
Oops pass the proper intention
Take in account M_PROTO2 which is used for M_IP6_NEXTHOP which gets cleared as well
Add patch that binds the state to the interface they are created to show properly on states. This is needed since with if-bound states some assumptions done need to be fixed
Initialize variable to avoid having false assignments.
Try to fix it now!
Revert "Back out recent changes to this patch which seem to have broken building on i386 and caused amd64 snaps to not work with pf enabled."
This reverts commit eab013fe08576f0e614fdb56af34715d27a6f489.
Back out recent changes to this patch which seem to have broken building on i386 and caused amd64 snaps to not work with pf enabled.
Make this build adding needed members
Another syntax error
Another missed declaration updating
Correct this argument passing !
Another place missed
Get in speed with IPv6 things.
Fixup forgotten function adaption
Correct handling of tables with mac addresses to be more similar to 2.1 until a proper way to mask addr+mac is found on mix tables.
Make CP work for now by fixing ipfw userland tools. Though due to changes in IPFW handling only ip+mac will really work, so allowed hosts is broken for now. Will fix it soon.
Correct issues with stf panics reported
Ooops fix some typos
Make stf match function work as it should
Try to fix Ticket #3639 for prevent panic.
I hope this is a typo on FreeBSD but this breaks even tcpdump let alone our filterlog.
I hope this is a typo on FreeBSD but this breaks even tcpdump let alone our filterlog. Redid the same mistake as in the morning
Revert "I hope this is a typo on FreeBSD but this breaks even tcpdump let alone our filterlog."
This reverts commit 5a5c7beb8eabbedcb45fcac8590aebf151b29b3b.
Put only this fix rather than compromising the patches files. Spotted-by: Renato
Revert "OOps no more kernel work early morning. Correct pointer to interface"
This reverts commit 404152f31f54bac8c2e4e991021e1ed8a5036707.
OOps no more kernel work early morning. Correct pointer to interface
Make patch apply with latest stable
Merge r264915 which should help with Ticket #3223
The current API for adding rules with pool addresses is the following:
- DIOCADDADDR adds addresses and puts them into V_pf_pabuf- DIOCADDRULE takes all addresses from V_pf_pabuf and links them into rule....
Unbreak kernel build
Get rid of this warning
Correct IPSEC sysctl patch to not have problems. Also add NO_BUILDTOOLCHAIN knob and fix modules list
Revert "Remove redundant redeclarations of this var"
This reverts commit 89edce45e04ee83eefdb757e0ea1cd8cf896725d.
Remove redundant redeclarations of this var
GCC complains about this
Fix pbi rtld patch
Add rtld patch necessary to run modern PBIs
Cleanup all unrelevant files and let them leave in history
Unbreak rulest parsing for dnpipe/dnqueue keywords for dummynet. Sorting is mandatory on the keywords
Fix problems form copy/pasto
Not needed anymore.
Revert "Add a patch for the netstat usitility to compile without oqdrops up to now"
This reverts commit 19746f5a05913098124ae261c909f32ae7e7e0c4.
Add a patch for the netstat usitility to compile without oqdrops up to now
Update the openssl from HEAD with CVE fixes
Correct stf patch for stable/10 from today
Add folders to move patches to since CVS tags are long gone
Drop support for pfSense 2.0 / FreeBSD 8.1
Understand tracker syntax even for antispoof rules
Move the declaration of the tree on top so its defined when needed
Export net.link.pfil to undertand what is happening with the link pfuil hooks to allow CP to work correctly and diagnose it correctly
Restore lost flags during transit
Remove slipped in curly from copy/pasto
Remove space after \ it breaks the macro
Correct moved header in patch
properly save statistics rather than overwriting the active rule ones
spare1 is gone long live spare2
Add missing ;
Correct syslogd patch
Correct schedule lable patch
Correct route.diff
Correct route-to without gw patch
Correct reply-to patch
Correct the pfvar_addr_compare
Correct pfil patch
Correct pf_tags_alloc patch
Correct pf stickies fix patch
correct pf_static_tracker patch
Correct pf_route_daemon_friendly patch
Correct pf_match patch
Correct 802.1p patch
Correct netstat ifname size patch
Correct the menu.4th patch
Correct makefile.inc1 patch
Correct killifstates patch. Probably should be revised to see if it does the right thing in 2.2
correct ip_dstchng patch
Correct if_pfsync patch
Correct if_ethersubr patch
Correct get_altq_tags patch
Correct FAIRQ patch
Correct dummynet patch
Correct diver patch
Correct binat
Correct ALTQ codel