| #
c43829a7 |
|
27-Dec-2023 |
Jose Luis Duran <jlduran@gmail.com> |
netpfil: Fix typo (triple S)
While here, align the comment box.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/955
|
| #
29363fb4 |
|
23-Nov-2023 |
Warner Losh <imp@FreeBSD.org> |
sys: Remove ancient SCCS tags.
Remove ancient SCCS tags from the tree, automated scripting, with two
minor fixup to keep things compiling. All the common forms in the tree
were removed with a perl script.
Sponsored by: Netflix
|
| #
eba230af |
|
25-Sep-2023 |
John Baldwin <jhb@FreeBSD.org> |
Purge more stray embedded $FreeBSD$ strings
These do not use __FBSDID but instead use bare char arrays.
Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D41957
|
| #
71625ec9 |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
sys: Remove $FreeBSD$: one-line .c comment pattern
Remove /^/[*/]\s*\$FreeBSD\$.*\n/
|
| #
c47db49b |
|
17-Mar-2022 |
Cy Schubert <cy@FreeBSD.org> |
ipfilter: Support only jails in VNET
Jails without VNET have complete access to the ipfilter rules, NAT,
pools and logs. This is insecure. Only allow jails to manipulate
ipfilter rules, NAT tables and ippools if the jail has its own VNET.
Otherwise a jail can affect the global system.
This patch brings ipfilter in line with ipfw's support of VNET jails and
non-support of non-VNET jails.
MFC after: 1 week
|
| #
445ecc48 |
|
01-Feb-2022 |
Cy Schubert <cy@FreeBSD.org> |
ipfilter: Correct a typo in a comment
MFC after: 3 days
|
| #
896a0153 |
|
12-Jan-2022 |
Cy Schubert <cy@FreeBSD.org> |
ipfilter: Fixup comment
Fix comment documenting checksum block in ip_nat.c. Fastforward doesn't
perform checksum.
MFC after: 1 week
|
| #
6af38b34 |
|
11-Jan-2022 |
Cy Schubert <cy@FreeBSD.org> |
ipfilter: Fix whitespace errors
MFC after: 3 days
|
| #
4b5c0c9b |
|
11-Jan-2022 |
Cy Schubert <cy@FreeBSD.org> |
ipfilter: Correct function description
Correct the parameters descriptions for ipf_fix_outcksum and
ipf_fix_incksum.
MFC after: 3 days
|
| #
70130151 |
|
03-Jan-2022 |
Cy Schubert <cy@FreeBSD.org> |
ipfilter module: Style(9) requires a space after return
Reported by: jrtc27
Fixes: 8c82b37461fa4e60276639df214100fbf559ea6e
MFC after: 1 month
|
| #
b6f072f7 |
|
28-Dec-2021 |
Cy Schubert <cy@FreeBSD.org> |
ipfilter: Unconditionally expose SDT probe frb_natv4in
SDT probe frb_natv4in is only available when an error is encountered.
Make it also available when no error is encountered, i.e. NATed and
not translated.
MFC after: 1 week
|
| #
8c82b374 |
|
21-Dec-2021 |
Cy Schubert <cy@FreeBSD.org> |
ipfilter: Adjust kernel module returns to conform to style(9)
Adjust ipfilter's kernel module return statements to conform to style(9).
MFC after: 1 month
|
| #
064a5a95 |
|
20-Dec-2021 |
Cy Schubert <cy@FreeBSD.org> |
ipflter: ANSIfy kernel function declarations
Convert ipfilter kernel function declarations from K&R to ANSI. This
syncs our function declarations with NetBSD hg commit 75edcd7552a0
(apply our changes). Though not copied from NetBSD, this change was
partially inspired by NetBSD's work and inspired by style(9).
Reviewed by: glebius (for #network)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D33595
|
| #
3b9b51fe |
|
15-Dec-2021 |
Cy Schubert <cy@FreeBSD.org> |
ipfilter: Move kernel bits to netpfil
Through fixes and improvements our ipfilter sources have diverged
enough to warrant move from contrib into sys/netpil. Now that I'm
planning on implementing MSS clamping as in iptables it makes more
sense to move ipfilter to netpfil.
This is the first of three commits the ipfilter move.
Suggested by glebius on two occaions.
Suggested by and discussed with: glebius
Reviewed by: glebius, kp (for #network)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D33510
|