| Commit message (Expand) | Author | Age | Files | Lines |
* | Allow the network addresses and interface names for the "client" and | John Baldwin | 2008-08-15 | 1 | -6/+15 |
* | For the "client" and "simple" network types, collapse the separate "net" | John Baldwin | 2008-08-15 | 1 | -14/+11 |
* | Use 'me' rather than explicit IP addresses for the "simple" and "client" | John Baldwin | 2008-08-15 | 1 | -12/+9 |
* | - back out my last commit as it seems to be wrong. | Daniel Gerzo | 2008-08-03 | 1 | -2/+0 |
* | - dns queries might go also over TCP, so allow it. | Daniel Gerzo | 2008-07-17 | 1 | -0/+2 |
* | Tweak rc.firewall to allow incoming limited broadcast traffic, | Giorgos Keramidas | 2008-06-06 | 1 | -0/+3 |
* | Improve kernel NAT support in rc.firewall | Rong-En Fan | 2008-01-21 | 1 | -1/+7 |
* | o Correct an info about "Firewalls and Internet Security" book: name, | Maxim Konovalov | 2008-01-12 | 1 | -7/+6 |
* | s/IPFW(4)/ipfw(4) to match the actual man page name. | Robert Watson | 2007-04-05 | 1 | -1/+1 |
* | In rc.firewall, make it clear that this is the setup for IPFW(4), and not | Robert Watson | 2007-04-02 | 1 | -1/+1 |
* | Summer of Code 2005: improve libalias - part 2 of 2 | Paolo Pisati | 2006-12-29 | 1 | -0/+8 |
* | Give rc.firewall a polish and a new method. | Poul-Henning Kamp | 2006-10-28 | 1 | -16/+107 |
* | don't match packets other than IPv4 against divert rule. | Hajimu UMEMOTO | 2005-11-18 | 1 | -1/+1 |
* | DNS should not necessarily be named(8), tweak the comment a bit. | Ruslan Ermilov | 2003-11-02 | 1 | -1/+1 |
* | Add a header: #!/bin/sh. | Tom Rhodes | 2003-02-06 | 1 | -0/+1 |
* | Bring rc.firewall{,6} more in line with the word and spirit of | Crist J. Clark | 2002-02-21 | 1 | -7/+17 |
* | Remove a stale entry related to passing ARP with bridging and ipfw. | Luigi Rizzo | 2001-12-27 | 1 | -2/+0 |
* | Sync the code that sucks in rc.conf and friends with what's in | Dima Dorfman | 2001-08-14 | 1 | -5/+7 |
* | style nit | David E. O'Brien | 2001-03-06 | 1 | -1/+1 |
* | Also deny 127.0.0.0/8 going out. | David E. O'Brien | 2001-03-05 | 1 | -1/+2 |
* | Fix references to Chapman & Zwicky and Cheswick & Bellowin. | Dag-Erling Smørgrav | 2001-02-25 | 1 | -3/+5 |
* | Fix some glaring insecurities in the prototype firewall configurations. | Nick Sayer | 2001-02-20 | 1 | -8/+4 |
* | Add copyright notices. Other systems have been barrowing our /etc files | David E. O'Brien | 2000-10-08 | 1 | -2/+29 |
* | Only install `divert natd' rule for predefined firewall types, | Ruslan Ermilov | 2000-08-30 | 1 | -3/+1 |
* | Make natd(8) "compatible" with firewall_type="simple". | Ruslan Ermilov | 2000-08-04 | 1 | -17/+46 |
* | Update rev 1.29 -- 'draft-manning-dsua' is now in its 3rd version. | David E. O'Brien | 2000-07-30 | 1 | -1/+3 |
* | Add an explicit rule number to natd so you do not end up with two | Paul Saab | 2000-05-08 | 1 | -1/+1 |
* | Add to defaults/rc.conf a new function source_rc_confs which rc | Sheldon Hearn | 2000-04-27 | 1 | -0/+1 |
* | Back out the hook to execute the file ${firewall_type}. The intended | Brian S. Dean | 2000-04-27 | 1 | -3/+1 |
* | Allow the firewall rules to be established by a shell script instead | Brian S. Dean | 2000-04-16 | 1 | -1/+3 |
* | Add a firewall_flags option that is used when ipfw processes a file. It allows | Paul Richards | 2000-02-06 | 1 | -1/+1 |
* | Update this with the additional nets recomended by reading | Rodney W. Grimes | 2000-01-28 | 1 | -14/+26 |
* | Minor whitespace fix. | David E. O'Brien | 1999-12-04 | 1 | -2/+1 |
* | Pass IP fragments with non-zero offset. The semantics of matching | Ruslan Ermilov | 1999-11-04 | 1 | -0/+6 |
* | Add commented entry to the lo0 section inviting bridge users to | Nick Sayer | 1999-10-24 | 1 | -0/+2 |
* | Allow for incoming DNS UDP queries. | Ruslan Ermilov | 1999-10-20 | 1 | -0/+2 |
* | Fix a typo in a comment. | Mike Pritchard | 1999-09-30 | 1 | -1/+1 |
* | Apply a consistent style to most of the etc scripts. Particularly, use | Sheldon Hearn | 1999-09-13 | 1 | -115/+138 |
* | $Id$ -> $FreeBSD$ | Peter Wemm | 1999-08-27 | 1 | -1/+1 |
* | Style clean-up: | Sheldon Hearn | 1999-08-25 | 1 | -39/+39 |
* | Use /etc/defaults/rc.conf everywhere, falling back to /etc/rc.conf | Jordan K. Hubbard | 1999-02-10 | 1 | -2/+5 |
* | Strengthen the rules governing the 127.0.0.0/8 subnet. The previous rules | Alexander Langer | 1998-04-25 | 1 | -3/+3 |
* | Add natd support. | Brian Somers | 1998-04-18 | 1 | -1/+10 |
* | Better RFC1918 network protection | Poul-Henning Kamp | 1998-04-15 | 1 | -1/+4 |
* | get default firewall type from rc.conf | Adam David | 1998-02-10 | 1 | -1/+5 |
* | MF22 - make firewall_type a little more robust | Daniel O'Callaghan | 1997-10-21 | 1 | -9/+6 |
* | Fix some problems in the rules file loading and need for modload detection. | Daniel O'Callaghan | 1997-09-18 | 1 | -2/+2 |
* | Reviewed by: msmith, alex | Daniel O'Callaghan | 1997-09-11 | 1 | -44/+60 |
* | Add inetd_flags and way of passing ipfw a configuration file | Jordan K. Hubbard | 1997-05-05 | 1 | -4/+9 |
* | Update the etc world from RELENG_2_2 which is now more up-to-date | Jordan K. Hubbard | 1997-05-03 | 1 | -5/+3 |