talexander
/
freebsd_amp_hwpstate
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
13,194 Commits 2 Branches 0 Tags 1.5 GiB
Commit Graph

17 Commits

Author SHA1 Message Date
Poul-Henning Kamp 09bb5f7589 Make getsockopt() capable of handling more than one mbuf worth of data. 
Use this to read rules out of ipfw.
Add the lkm code to ipfw.c
 1996-02-24 13:38:28 +00:00
Poul-Henning Kamp b83e431483 The new firewall functionality: 
Filter on the direction (in/out).
	Filter on fragment/not fragment.
 1996-02-24 00:17:35 +00:00
Poul-Henning Kamp e7319bab6b Big sweep over the IPFIREWALL and IPACCT code. 
Close the ip-fragment hole.
Waste less memory.
Rewrite to contemporary more readable style.
Kill separate IPACCT facility, use "accept" rules in IPFIREWALL.
Filter incoming >and< outgoing packets.
Replace "policy" by sticky "deny all" rule.
Rules have numbers used for ordering and deletion.
Remove "rerorder" code entirely.
Count packet & bytecount matches for rules.

Code in -current & -stable is now the same.
 1996-02-23 15:47:58 +00:00
Ugen J.S. Antsilevich 37afa1e829 Well..finally..this is the first part..it should take care of 
matching IP options..Check and test this - i made only a couple
of rough tests and this could be buggy.. Ipaccounting can't use
IP Options (and i don't see any need to cound packets with specific
options either..)
More to come...
 1995-10-01 21:52:50 +00:00
David Greenman f70b105004 Added $Id$. 1995-07-23 05:36:31 +00:00
David Greenman c6e8c3576e Fixed panic that occurs on certain firewall rejected packets that was 
caused by dtom() being used on an mbuf cluster. The fix involves passing
around the mbuf pointer.

Submitted by:	Bill Fenner
 1995-07-09 14:29:46 +00:00
Rodney W. Grimes 9b2e535452 Remove trailing whitespace. 1995-05-30 08:16:23 +00:00
Ugen J.S. Antsilevich 29fe22b93f Allow "via" to be specified ever as IP adress or 
as interface name/unit...
 1995-02-24 14:33:54 +00:00
Ugen J.S. Antsilevich 4dd1662b4c Actual firewall change. 
1) Firewall is not subdivided on forwarding / blocking chains
   anymore.Actually only one chain left-it was the blocking one.
2) LKM support.ip_fwdef.c is function pointers definition and
goes into kernel along with all INET stuff.
 1995-01-12 13:06:32 +00:00
Ugen J.S. Antsilevich 3107b31b8d Add clear one accounting entry control. 
Structure fields changed to seem more standart.
 1994-12-13 15:57:34 +00:00
Ugen J.S. Antsilevich 10a642bb05 Add match by interface from which packet arrived (via) 
Handle right fragmented packets. Remove checking option
from kernel..
 1994-12-12 17:20:55 +00:00
Ugen J.S. Antsilevich c334f8666a Added: ICMP reply,TCP SYN check,logging.. 1994-11-28 12:35:14 +00:00
Jordan K. Hubbard 63f8d699ac Ugen J.S.Antsilevich's latest, happiest, IP firewall code. 
Poul:  Please take this into BETA.  It's non-intrusive, and a rather
substantial improvement over what was there before.
 1994-11-16 10:17:11 +00:00
Jordan K. Hubbard dbdc296687 Ugen makes it in with 10 seconds to spare with a one-char diff. Some 
people are born lucky..
Submitted by:	ugen
 1994-11-08 14:25:17 +00:00
Jordan K. Hubbard 72e8fea57e Almost 12th hour (the 11th hour was almost an hour ago :-) patches 
from Ugen.
 1994-11-08 12:47:29 +00:00
Jordan K. Hubbard 0a87b23329 Latest changes from Uben. 
Submitted by:	uben
 1994-10-31 23:58:04 +00:00
Jordan K. Hubbard 100ba1a617 IP Firewall code from Daniel Boulet and J.S.Antsilevich 
Submitted by:	danny ugen
 1994-10-28 15:09:49 +00:00