OpenBSD CVS

CVS log for src/usr.sbin/authpf/authpf.c




Default branch: MAIN


Revision 1.129 / (download) - annotate - [select for diffs], Fri Jan 28 06:33:26 2022 UTC (2 years, 4 months ago) by guenther
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, OPENBSD_7_4_BASE, OPENBSD_7_4, OPENBSD_7_3_BASE, OPENBSD_7_3, OPENBSD_7_2_BASE, OPENBSD_7_2, OPENBSD_7_1_BASE, OPENBSD_7_1, HEAD
Changes since 1.128: +2 -2 lines
Diff to previous 1.128 (colored)

When it's the possessive of 'it', it's spelled "its", without the
apostrophe.

Revision 1.128 / (download) - annotate - [select for diffs], Fri Jun 28 13:32:47 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE, OPENBSD_7_0, OPENBSD_6_9_BASE, OPENBSD_6_9, OPENBSD_6_8_BASE, OPENBSD_6_8, OPENBSD_6_7_BASE, OPENBSD_6_7, OPENBSD_6_6_BASE, OPENBSD_6_6
Changes since 1.127: +10 -10 lines
Diff to previous 1.127 (colored)

When system calls indicate an error they return -1, not some arbitrary
value < 0.  errno is only updated in this case.  Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.

Revision 1.127 / (download) - annotate - [select for diffs], Thu Apr 26 12:42:51 2018 UTC (6 years, 1 month ago) by guenther
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE, OPENBSD_6_5, OPENBSD_6_4_BASE, OPENBSD_6_4
Changes since 1.126: +2 -2 lines
Diff to previous 1.126 (colored)

Use <fcntl.h> instead of <sys/file.h> for open() and friends.
Delete a bunch of unnecessary #includes and sort to match style(9)
while doing the above cleanup.

ok deraadt@ krw@

Revision 1.126 / (download) - annotate - [select for diffs], Tue Jan 16 17:07:49 2018 UTC (6 years, 4 months ago) by cheloha
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE, OPENBSD_6_3
Changes since 1.125: +5 -5 lines
Diff to previous 1.125 (colored)

Use the monotonic clock to compute the session duration.

Ensures the correct duration is logged even if the system
time is changed during the session.

ok jca@

Revision 1.125 / (download) - annotate - [select for diffs], Tue Mar 29 14:53:27 2016 UTC (8 years, 2 months ago) by mestre
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE, OPENBSD_6_2, OPENBSD_6_1_BASE, OPENBSD_6_1, OPENBSD_6_0_BASE, OPENBSD_6_0
Changes since 1.124: +2 -2 lines
Diff to previous 1.124 (colored)

- Add missing goto in order to avoid a dereference of a null object
- While here remove lint comment

OK millert@

Revision 1.124 / (download) - annotate - [select for diffs], Tue Dec 8 07:11:53 2015 UTC (8 years, 6 months ago) by mmcc
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE, OPENBSD_5_9
Changes since 1.123: +3 -5 lines
Diff to previous 1.123 (colored)

Remove a NULL-check before free().

Revision 1.123 / (download) - annotate - [select for diffs], Wed Jan 21 21:50:32 2015 UTC (9 years, 4 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE, OPENBSD_5_8, OPENBSD_5_7_BASE, OPENBSD_5_7
Changes since 1.122: +3 -2 lines
Diff to previous 1.122 (colored)

Include <netinet/in.h> before <net/pfvar.h>.  In a future change when
ports is ready, <net/pfvar.h> will stop including a pile of baloney.

Revision 1.122 / (download) - annotate - [select for diffs], Thu Jan 15 23:59:28 2015 UTC (9 years, 4 months ago) by deraadt
Branch: MAIN
Changes since 1.121: +8 -8 lines
Diff to previous 1.121 (colored)

switch to PATH_MAX

Revision 1.121 / (download) - annotate - [select for diffs], Wed Oct 8 02:11:54 2014 UTC (9 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.120: +2 -2 lines
Diff to previous 1.120 (colored)

remove stupid cast

Revision 1.120 / (download) - annotate - [select for diffs], Wed Apr 2 02:12:24 2014 UTC (10 years, 2 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE, OPENBSD_5_6
Changes since 1.119: +2 -2 lines
Diff to previous 1.119 (colored)

use setresgid()
ok guenther millert

Revision 1.119 / (download) - annotate - [select for diffs], Tue Apr 2 06:04:50 2013 UTC (11 years, 2 months ago) by guenther
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE, OPENBSD_5_5, OPENBSD_5_4_BASE, OPENBSD_5_4
Changes since 1.118: +3 -3 lines
Diff to previous 1.118 (colored)

Handle big time_t

ok deraadt@

Revision 1.118 / (download) - annotate - [select for diffs], Sat Jan 19 16:58:16 2013 UTC (11 years, 4 months ago) by miod
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE, OPENBSD_5_3
Changes since 1.117: +6 -6 lines
Diff to previous 1.117 (colored)

fix build with gcc 2

Revision 1.117 / (download) - annotate - [select for diffs], Tue Jan 15 23:03:37 2013 UTC (11 years, 4 months ago) by beck
Branch: MAIN
Changes since 1.116: +14 -2 lines
Diff to previous 1.116 (colored)

Per group support for authpf rules files in /etc/authpf/groups.
largely by Frank Timmers <frankt@smurfnet.eu> with fixups by me
and jmc@.

Revision 1.116 / (download) - annotate - [select for diffs], Sat Jul 7 12:55:29 2012 UTC (11 years, 11 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE, OPENBSD_5_2
Changes since 1.115: +6 -2 lines
Diff to previous 1.115 (colored)

Fix file descriptor leak reported by someone on the mailing list a long time
ago. OK beck@

Revision 1.115 / (download) - annotate - [select for diffs], Thu Sep 2 14:01:04 2010 UTC (13 years, 9 months ago) by sobrado
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE, OPENBSD_5_1, OPENBSD_5_0_BASE, OPENBSD_5_0, OPENBSD_4_9_BASE, OPENBSD_4_9
Changes since 1.114: +6 -6 lines
Diff to previous 1.114 (colored)

remove trailing spaces and tabs; no binary change.

written with help from henning@, who suggested ensuring that there
are no changes in the digests for object files, thanks!

ok henning@

Revision 1.114 / (download) - annotate - [select for diffs], Wed Jan 27 15:36:17 2010 UTC (14 years, 4 months ago) by todd
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE, OPENBSD_4_8, OPENBSD_4_7_BASE, OPENBSD_4_7
Changes since 1.113: +12 -2 lines
Diff to previous 1.113 (colored)

search for authpf.message in $USER dirs also
from Rafal Bisingier ravbc at man dot pozman dot pl, ok beck@

Revision 1.113 / (download) - annotate - [select for diffs], Mon Nov 23 00:47:56 2009 UTC (14 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.112: +7 -11 lines
Diff to previous 1.112 (colored)

Make the tree compile again. Henning and I are both quite sure this is
correct.

Revision 1.112 / (download) - annotate - [select for diffs], Sat Jan 10 19:08:53 2009 UTC (15 years, 5 months ago) by miod
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE, OPENBSD_4_6, OPENBSD_4_5_BASE, OPENBSD_4_5
Changes since 1.111: +3 -1 lines
Diff to previous 1.111 (colored)

Uninitialized variable introduced in 1.110.

Revision 1.111 / (download) - annotate - [select for diffs], Sat Jan 10 17:17:32 2009 UTC (15 years, 5 months ago) by todd
Branch: MAIN
Changes since 1.110: +2 -2 lines
Diff to previous 1.110 (colored)

variable declaration before use, found by vax, no cookie

Revision 1.110 / (download) - annotate - [select for diffs], Tue Jan 6 03:11:50 2009 UTC (15 years, 5 months ago) by mcbride
Branch: MAIN
Changes since 1.109: +46 -7 lines
Diff to previous 1.109 (colored)

Support group and login class in authpf.allow (%<group>, @<class>)

ok beck

Revision 1.109 / (download) - annotate - [select for diffs], Tue Oct 7 17:27:17 2008 UTC (15 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.108: +20 -15 lines
Diff to previous 1.108 (colored)

protect better against races from incoming signals; slightly changed
from 5394 by tracking the fd instead of the fp.
ok beck

Revision 1.108 / (download) - annotate - [select for diffs], Sun Oct 5 21:10:14 2008 UTC (15 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.107: +2 -2 lines
Diff to previous 1.107 (colored)

grammar; PR 5394

Revision 1.107 / (download) - annotate - [select for diffs], Thu Feb 14 01:49:17 2008 UTC (16 years, 3 months ago) by mcbride
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE, OPENBSD_4_4, OPENBSD_4_3_BASE, OPENBSD_4_3
Changes since 1.106: +28 -14 lines
Diff to previous 1.106 (colored)

Add authpf-noip, which allows multiple users to connect from a single IP;
forces users to write sane rulesets for this by not providing $user_ip or
updating the authpf table.

testing and prodding by mtu, manpage heavily worked over by jmc
ok beck dhartmei henning

Revision 1.106 / (download) - annotate - [select for diffs], Fri Feb 1 07:08:03 2008 UTC (16 years, 4 months ago) by mcbride
Branch: MAIN
Changes since 1.105: +114 -75 lines
Diff to previous 1.105 (colored)

Clean anchors recursively and directly via ioctls rather than using pfctl
with '-f /dev/null'.  Properly clears the user's anchor even when anchors
are nested inside it (And avoids having to fork() on exit to run pfctl)

ok beck@, with testing by mtu@

Revision 1.105 / (download) - annotate - [select for diffs], Tue Sep 25 11:20:34 2007 UTC (16 years, 8 months ago) by chl
Branch: MAIN
Changes since 1.104: +3 -1 lines
Diff to previous 1.104 (colored)

handle empty strings returned by fgets

ok ray@

Revision 1.104 / (download) - annotate - [select for diffs], Sat Feb 24 17:35:08 2007 UTC (17 years, 3 months ago) by beck
Branch: MAIN
CVS Tags: OPENBSD_4_2_BASE, OPENBSD_4_2, OPENBSD_4_1_BASE, OPENBSD_4_1
Changes since 1.103: +7 -3 lines
Diff to previous 1.103 (colored)

exit right away if the config file isn't there, rather than
doing a whole bunch of needless screwing around
noticed by Stefan Krah <stefan-usenet@bytereef.org>

Revision 1.103 / (download) - annotate - [select for diffs], Sat Feb 24 17:21:04 2007 UTC (17 years, 3 months ago) by beck
Branch: MAIN
Changes since 1.102: +12 -21 lines
Diff to previous 1.102 (colored)

license + copyright

Revision 1.102 / (download) - annotate - [select for diffs], Sat Feb 24 17:14:26 2007 UTC (17 years, 3 months ago) by beck
Branch: MAIN
Changes since 1.101: +9 -15 lines
Diff to previous 1.101 (colored)

Pr 5395 from Stefan Krah <stefan-usenet@bytereef.org>
cleanup:
remove unused arg
no need to clear locals
return -1 to allow pid cleanup to happen if fork fails

Revision 1.101 / (download) - annotate - [select for diffs], Thu Feb 22 21:54:23 2007 UTC (17 years, 3 months ago) by beck
Branch: MAIN
Changes since 1.100: +1 -3 lines
Diff to previous 1.100 (colored)

this ftruncate is really not needed now, if we're just unlinking.
ok millert@

Revision 1.100 / (download) - annotate - [select for diffs], Thu Feb 22 21:15:41 2007 UTC (17 years, 3 months ago) by beck
Branch: MAIN
Changes since 1.99: +6 -7 lines
Diff to previous 1.99 (colored)

close 5389 and 5390,
unused variable and a chance to unlink the pidfile without lock
if we couldn't kill a preexisting authpf process.
spotted by Stefan Krah <sfk1@bigfoot.com>.

Revision 1.99 / (download) - annotate - [select for diffs], Wed Aug 9 16:21:39 2006 UTC (17 years, 10 months ago) by dhartmei
Branch: MAIN
CVS Tags: OPENBSD_4_0_BASE, OPENBSD_4_0
Changes since 1.98: +2 -2 lines
Diff to previous 1.98 (colored)

handle SIGQUIT instead of SIGSTOP, from Stefan Krah

Revision 1.98 / (download) - annotate - [select for diffs], Fri Mar 17 22:00:27 2006 UTC (18 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.97: +3 -1 lines
Diff to previous 1.97 (colored)

FILE * leak

Revision 1.97 / (download) - annotate - [select for diffs], Tue Mar 14 21:45:14 2006 UTC (18 years, 2 months ago) by beck
Branch: MAIN
Changes since 1.96: +3 -2 lines
Diff to previous 1.96 (colored)

fix incorrect sizeof(), spotted by ckuethe
ok deraadt@

Revision 1.89.2.1 / (download) - annotate - [select for diffs], Sun Dec 18 04:18:25 2005 UTC (18 years, 5 months ago) by brad
Branch: OPENBSD_3_7
Changes since 1.89: +15 -2 lines
Diff to previous 1.89 (colored) next main 1.90 (colored)

MFC:
Fix by beck@

make authpf give up group privs before exec'ing pfctl - makes it
so the new taint enforcement for /dev/fd/X opens doesn't kill it

ok deraadt@

Revision 1.91.2.1 / (download) - annotate - [select for diffs], Sun Dec 18 04:16:58 2005 UTC (18 years, 5 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.91: +15 -2 lines
Diff to previous 1.91 (colored) next main 1.92 (colored)

MFC:
Fix by beck@

make authpf give up group privs before exec'ing pfctl - makes it
so the new taint enforcement for /dev/fd/X opens doesn't kill it

ok deraadt@

Revision 1.96 / (download) - annotate - [select for diffs], Mon Dec 12 16:06:01 2005 UTC (18 years, 6 months ago) by beck
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE, OPENBSD_3_9
Changes since 1.95: +2 -3 lines
Diff to previous 1.95 (colored)

correct err() usage and remove the do_death which is unneeded in
the child process, (as noticed by <evol@online.ptt.ru>)

Revision 1.95 / (download) - annotate - [select for diffs], Mon Dec 12 16:02:32 2005 UTC (18 years, 6 months ago) by beck
Branch: MAIN
Changes since 1.94: +32 -27 lines
Diff to previous 1.94 (colored)

Backout previous change back to 1.92 - My fault, committed diff
from unclean tree.

Revision 1.94 / (download) - annotate - [select for diffs], Fri Dec 9 23:51:21 2005 UTC (18 years, 6 months ago) by beck
Branch: MAIN
Changes since 1.93: +12 -21 lines
Diff to previous 1.93 (colored)

Mine, so modernize license

Revision 1.93 / (download) - annotate - [select for diffs], Fri Dec 9 23:41:57 2005 UTC (18 years, 6 months ago) by beck
Branch: MAIN
Changes since 1.92: +16 -12 lines
Diff to previous 1.92 (colored)

calling do_death() after err makes us exit is not smart, and is in
fact unnecessary, my usage of err() here also repeated the formatted
error message twice. - We don't need do_death() here, and fix err
to print the message a bit more sanely.
Noticed by Andrey Matveev <evol@online.ptt.ru> - Thanks

Revision 1.92 / (download) - annotate - [select for diffs], Thu Dec 8 23:03:11 2005 UTC (18 years, 6 months ago) by beck
Branch: MAIN
Changes since 1.91: +16 -2 lines
Diff to previous 1.91 (colored)

make authpf give up group privs before exec'ing pfctl - makes it
so the new taint enforcement for /dev/fd/X opens doesn't kill it

Revision 1.91 / (download) - annotate - [select for diffs], Mon May 23 22:50:23 2005 UTC (19 years ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE
Branch point for: OPENBSD_3_8
Changes since 1.90: +1 -2 lines
Diff to previous 1.90 (colored)

useless endpwent

Revision 1.90 / (download) - annotate - [select for diffs], Mon May 2 02:29:26 2005 UTC (19 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.89: +6 -3 lines
Diff to previous 1.89 (colored)

more setres[ug]id; ok deraadt@

Revision 1.89 / (download) - annotate - [select for diffs], Thu Feb 10 04:24:15 2005 UTC (19 years, 4 months ago) by joel
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE
Branch point for: OPENBSD_3_7
Changes since 1.88: +2 -2 lines
Diff to previous 1.88 (colored)

Minor punctuation nit.

ok henning@

Revision 1.88 / (download) - annotate - [select for diffs], Mon Jan 31 15:08:50 2005 UTC (19 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.87: +3 -2 lines
Diff to previous 1.87 (colored)

warn(3) + _exit(2) instead of err(3) in the forked child
From: Andrey Matveev <andrushock@korovino.net>

Revision 1.87 / (download) - annotate - [select for diffs], Mon Jan 31 15:06:31 2005 UTC (19 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.86: +3 -3 lines
Diff to previous 1.86 (colored)

-Wsign-compare clean, Andrey Matveev <andrushock@korovino.net>

Revision 1.86 / (download) - annotate - [select for diffs], Thu Sep 16 18:34:05 2004 UTC (19 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.85: +2 -2 lines
Diff to previous 1.85 (colored)

ftruncate() with ftello() instead of ftell(); ok millert

Revision 1.85 / (download) - annotate - [select for diffs], Sun Aug 8 00:05:09 2004 UTC (19 years, 10 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE, OPENBSD_3_6
Changes since 1.84: +2 -2 lines
Diff to previous 1.84 (colored)

spacing

Revision 1.84 / (download) - annotate - [select for diffs], Mon Jun 14 20:38:19 2004 UTC (19 years, 11 months ago) by cedric
Branch: MAIN
Changes since 1.83: +18 -15 lines
Diff to previous 1.83 (colored)

Use new ioctls. ok beck@ henning@

Revision 1.83 / (download) - annotate - [select for diffs], Fri May 21 23:10:49 2004 UTC (20 years ago) by dhartmei
Branch: MAIN
Changes since 1.82: +4 -4 lines
Diff to previous 1.82 (colored)

Use '/' instead of ':' as separator for anchor path components. Note that
the parser now needs quotes around paths containing separators.
ok mcbride@

Revision 1.82 / (download) - annotate - [select for diffs], Wed May 19 17:50:52 2004 UTC (20 years ago) by dhartmei
Branch: MAIN
Changes since 1.81: +5 -5 lines
Diff to previous 1.81 (colored)

Allow recursive anchors (anchors within anchors, up to 64
levels deep). More work required, but this is already
functional. authpf users will need to adjust their anchor
calls, but this will change again soon. ok beck@, cedric@,
henning@, mcbride@

Revision 1.81 / (download) - annotate - [select for diffs], Thu May 13 17:14:55 2004 UTC (20 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.80: +20 -2 lines
Diff to previous 1.80 (colored)

as the authpf manpage describes, the connecting user's shell can be
overloaded via login.conf. When verifying that the user's login shell is
indeed authpf it is not sufficient to look at (struct passwd)->pw_shell,
we also have to use login_getclass etc to check whether the shell gets
overloaded.
ok millert@ beck@

Revision 1.80 / (download) - annotate - [select for diffs], Wed Apr 28 05:06:13 2004 UTC (20 years, 1 month ago) by cedric
Branch: MAIN
Changes since 1.79: +53 -1 lines
Diff to previous 1.79 (colored)

Put authpf user's IP addresses in the <authpf_users> table.
ok deraadt@ dhartmei@ markus@ mcbride@

Revision 1.79 / (download) - annotate - [select for diffs], Wed Apr 28 00:22:39 2004 UTC (20 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.78: +18 -9 lines
Diff to previous 1.78 (colored)

IPv6 support; ok beck@

Revision 1.78 / (download) - annotate - [select for diffs], Sun Apr 25 19:24:52 2004 UTC (20 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.77: +14 -14 lines
Diff to previous 1.77 (colored)

clean; ok beck

Revision 1.77 / (download) - annotate - [select for diffs], Sun Apr 25 18:40:42 2004 UTC (20 years, 1 month ago) by beck
Branch: MAIN
Changes since 1.76: +66 -240 lines
Diff to previous 1.76 (colored)

Make authpf exec pfctl instead of sucking in code from pfctl
ok cedric@

Revision 1.76 / (download) - annotate - [select for diffs], Fri Apr 9 12:42:06 2004 UTC (20 years, 2 months ago) by cedric
Branch: MAIN
Changes since 1.75: +7 -1 lines
Diff to previous 1.75 (colored)

Do not try to load directories. found+ok mpech@

Revision 1.75 / (download) - annotate - [select for diffs], Thu Jan 29 01:55:10 2004 UTC (20 years, 4 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE, OPENBSD_3_5
Changes since 1.74: +5 -1 lines
Diff to previous 1.74 (colored)

MORE BULLSHIT BECAUSE THIS PIECE OF SHIT IS INTERTWINED WITH PFCTL

Revision 1.74 / (download) - annotate - [select for diffs], Tue Jan 13 17:31:15 2004 UTC (20 years, 5 months ago) by dhartmei
Branch: MAIN
Changes since 1.73: +9 -4 lines
Diff to previous 1.73 (colored)

handle ruleset names containing usernames, fixes PR 3627, ok Bob

Revision 1.73 / (download) - annotate - [select for diffs], Mon Dec 15 07:11:31 2003 UTC (20 years, 5 months ago) by mcbride
Branch: MAIN
Changes since 1.72: +8 -1 lines
Diff to previous 1.72 (colored)

Add initial support for pf state synchronization over the network.
Implemented as an in-kernel multicast IP protocol.

Turn it on like this:

# ifconfig pfsync0 up syncif fxp0

There is not yet any authentication on this protocol, so the syncif
must be on a trusted network, i.e., a crossover cable between the two
firewalls.

NOTABLE CHANGES:
- A new index based on a unique (creatorid, stateid) tuple has been
  added to the state tree.
- Updates now appear on the pfsync(4) interface; multiple updates may
  be compressed into a single update.
- Applications which use bpf on pfsync(4) will need modification;
  packets on pfsync no longer contain regular pf_state structs,
  but pfsync_state structs which contain no pointers.

Much more to come.

ok deraadt@

Revision 1.72 / (download) - annotate - [select for diffs], Wed Dec 10 04:10:37 2003 UTC (20 years, 6 months ago) by beck
Branch: MAIN
Changes since 1.71: +24 -12 lines
Diff to previous 1.71 (colored)

- fix a few exit cases that would exit with no log
- add username to added ruleset names when possible
- add much needed example to man page showing how to use NAT with tagging
  to track NATed authpfed connections.
ok henning@ dhartmei@, man page cleanup by jmc@

Revision 1.71 / (download) - annotate - [select for diffs], Fri Nov 14 15:31:07 2003 UTC (20 years, 6 months ago) by henning
Branch: MAIN
Changes since 1.70: +8 -1 lines
Diff to previous 1.70 (colored)

catch up with pfctl changes

Revision 1.70 / (download) - annotate - [select for diffs], Fri Sep 26 21:44:09 2003 UTC (20 years, 8 months ago) by cedric
Branch: MAIN
Changes since 1.69: +39 -33 lines
Diff to previous 1.69 (colored)

Rearchitecture of the userland/kernel IOCTL interface for transactions.
This brings us close to 100% atomicity for a "pfctl -f pf.conf" command.
(some splxxx work remains in the kernel). Basically, improvements are:

   - Anchors/Rulesets cannot disappear unexpectedly anymore.
   - No more leftovers in the kernel if "pfctl -f" fails.
   - Commit is now done in a single atomic IOCTL.

WARNING: The kernel code is fully backward compatible, but the new
pfctl/authpf userland utilities will only run on a new kernel.

The following ioctls are deprecated (i.e. will be deleted sooner or
later, depending on how many 3rd party utilities use them and how soon
they can be upgraded):

   - DIOCBEGINRULES
   - DIOCCOMMITRULES
   - DIOCBEGINALTQS
   - DIOCCOMMITALTQS
   - DIOCRINABEGIN
   - DIOCRINADEFINE

They are replaced by the following ioctls (yes, PF(4) will follow)
which operate on a vector of rulesets:

   - DIOCXBEGIN
   - DIOCXCOMMIT
   - DIOCXROLLBACK

Ok dhartmei@ mcbride@

Revision 1.69 / (download) - annotate - [select for diffs], Fri Sep 26 07:24:10 2003 UTC (20 years, 8 months ago) by henning
Branch: MAIN
Changes since 1.68: +2 -3 lines
Diff to previous 1.68 (colored)

erm, committing to the right repository helps sometimes.
don't reject usernames > 15 chars; username is not used as ruleset name any
more, thus, this restriction is gone.
PR3491, fix from dhartmei

Revision 1.68 / (download) - annotate - [select for diffs], Thu Aug 21 19:13:23 2003 UTC (20 years, 9 months ago) by frantzen
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE, OPENBSD_3_4
Changes since 1.67: +7 -1 lines
Diff to previous 1.67 (colored)

stuff needed for passive OS fingerprinting PF rules

Revision 1.67 / (download) - annotate - [select for diffs], Fri Aug 1 05:29:36 2003 UTC (20 years, 10 months ago) by millert
Branch: MAIN
Changes since 1.66: +2 -2 lines
Diff to previous 1.66 (colored)

tickets are now u_int32_t, not int, fixes tree breakage; from Andrey Smagin

Revision 1.66 / (download) - annotate - [select for diffs], Fri Jul 11 08:29:34 2003 UTC (20 years, 11 months ago) by cedric
Branch: MAIN
Changes since 1.65: +3 -4 lines
Diff to previous 1.65 (colored)

Better parsing and -v support for tables:

  - remove the tableaddrs and tableaddr yacc production and reuse
    host_list instead.
  - produce better error messages.
  - do not load addresses from external file when it is not
    required (like with -R option).
  - store initializers in a new node_tinit linked list before
    putting them into the address buffer (see next point).
  - add a new print_tabledef() function, which makes "pfctl -nvf"
    print something useful for table definitions, which in turn
    makes it possible to write better regress tests (see first chunk
    of the diff) and bring table definition consistent with other
    parsed rules.

ok dhartmei@

Revision 1.53.2.1 / (download) - annotate - [select for diffs], Tue Jul 8 22:19:56 2003 UTC (20 years, 11 months ago) by margarida
Branch: OPENBSD_3_3
Changes since 1.53: +3 -2 lines
Diff to previous 1.53 (colored) next main 1.54 (colored)

Pull patch from -current:
Fixed by dhartmei@.
Fix a bug that caused removal of previous users' rules when more than
one user logged in concurrently. And fix a smaller bug which prevented
complete removal of a user's state entries on logout. Bug report and
testing by Ed Powers.

Ok deraadt@

Revision 1.65 / (download) - annotate - [select for diffs], Tue Jul 8 11:31:27 2003 UTC (20 years, 11 months ago) by dhartmei
Branch: MAIN
Changes since 1.64: +3 -2 lines
Diff to previous 1.64 (colored)

Fix a bug that caused removal of previous users' rules when more than one
user logged in concurrently. And fix a smaller bug which prevented
complete removal of a user's state entries on logout. Bug report and
testing by Ed Powers.

Revision 1.64 / (download) - annotate - [select for diffs], Thu Jul 3 21:09:13 2003 UTC (20 years, 11 months ago) by cedric
Branch: MAIN
Changes since 1.63: +3 -2 lines
Diff to previous 1.63 (colored)

Bye bye atexit(), bye bye globals...
The pfctl.c part will probably need some further improvements.
ok henning@

Revision 1.63 / (download) - annotate - [select for diffs], Thu Jul 3 09:13:05 2003 UTC (20 years, 11 months ago) by cedric
Branch: MAIN
Changes since 1.62: +4 -15 lines
Diff to previous 1.62 (colored)

This patch finally cleans up pfctl_table.c. No more global buffer,
and a couple of parsing functions moved to parse.y or pfctl_parser
where they belong.

I also took the opportunity to replace "void" functions with exit(1)
or err() inside by "int" functions, with the caller checking the
return value for errors (much cleaner and an old request from Theo)

ok dhartmei@ henning@

Revision 1.62 / (download) - annotate - [select for diffs], Sat Jun 28 20:37:29 2003 UTC (20 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.61: +4 -4 lines
Diff to previous 1.61 (colored)

() to (void)

Revision 1.61 / (download) - annotate - [select for diffs], Fri Jun 27 09:50:07 2003 UTC (20 years, 11 months ago) by henning
Branch: MAIN
Changes since 1.60: +5 -5 lines
Diff to previous 1.60 (colored)

/etc/authpf.allow -> /etc/authpf/authpf.allow in comments
spotted by Joel Knight again

Revision 1.60 / (download) - annotate - [select for diffs], Tue Jun 24 20:45:54 2003 UTC (20 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.59: +2 -2 lines
Diff to previous 1.59 (colored)

clean

Revision 1.59 / (download) - annotate - [select for diffs], Tue Jun 24 20:44:54 2003 UTC (20 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.58: +3 -3 lines
Diff to previous 1.58 (colored)

(long)getpid(); andrushock@korovino.net

Revision 1.58 / (download) - annotate - [select for diffs], Tue Jun 3 20:38:59 2003 UTC (21 years ago) by beck
Branch: MAIN
Changes since 1.57: +2 -5 lines
Diff to previous 1.57 (colored)

remove term 3, with permission from Chris Kuethe for pathnames.h

Revision 1.57 / (download) - annotate - [select for diffs], Sat May 10 06:14:29 2003 UTC (21 years, 1 month ago) by cloder
Branch: MAIN
Changes since 1.56: +4 -1 lines
Diff to previous 1.56 (colored)

Be polite about leaving invalid data around in globals, just in case
someone comes along later, modifies the code, and runs into a problem.
OK beck@

Revision 1.56 / (download) - annotate - [select for diffs], Sat May 10 00:51:53 2003 UTC (21 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.55: +10 -1 lines
Diff to previous 1.55 (colored)

catch up with pfctl changes

Revision 1.55 / (download) - annotate - [select for diffs], Wed Apr 30 12:30:27 2003 UTC (21 years, 1 month ago) by cedric
Branch: MAIN
Changes since 1.54: +3 -2 lines
Diff to previous 1.54 (colored)

Allow tables to be loaded into anchors.
Most pfctl table commands (excluding 'show' and 'flush') support the "-a"
modifier.
ok dhartmei@

Revision 1.54 / (download) - annotate - [select for diffs], Sun Apr 20 02:37:00 2003 UTC (21 years, 1 month ago) by beck
Branch: MAIN
Changes since 1.53: +2 -2 lines
Diff to previous 1.53 (colored)

authpf is supposed to die if the /etc/authpf/authpf.conf is not present.
pr # 3217, patch from frisco@blackant.net

Revision 1.53 / (download) - annotate - [select for diffs], Wed Feb 19 00:03:22 2003 UTC (21 years, 3 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE
Branch point for: OPENBSD_3_3
Changes since 1.52: +2 -2 lines
Diff to previous 1.52 (colored)

sync to pfctl; BAD HENNING BAD BAD BAD NO COOKIE

Revision 1.52 / (download) - annotate - [select for diffs], Tue Feb 11 20:15:59 2003 UTC (21 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.51: +4 -3 lines
Diff to previous 1.51 (colored)

adjust after pfctl changes

Revision 1.51 / (download) - annotate - [select for diffs], Mon Feb 3 09:59:19 2003 UTC (21 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.50: +4 -4 lines
Diff to previous 1.50 (colored)

typos and minor KNF; from andrushock, thanks!

Revision 1.50 / (download) - annotate - [select for diffs], Sun Feb 2 23:31:24 2003 UTC (21 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.49: +2 -2 lines
Diff to previous 1.49 (colored)

adjust after pfctl change; parse_rules doesn't take opts separately any more

Revision 1.49 / (download) - annotate - [select for diffs], Wed Jan 29 10:13:10 2003 UTC (21 years, 4 months ago) by deraadt
Branch: MAIN
Changes since 1.48: +2 -1 lines
Diff to previous 1.48 (colored)

do setproctitle; ok camield

Revision 1.48 / (download) - annotate - [select for diffs], Mon Jan 27 00:59:20 2003 UTC (21 years, 4 months ago) by dhartmei
Branch: MAIN
Changes since 1.47: +1 -13 lines
Diff to previous 1.47 (colored)

remove some unused includes, from Andrey Matveev

Revision 1.47 / (download) - annotate - [select for diffs], Sun Jan 26 02:49:59 2003 UTC (21 years, 4 months ago) by dhartmei
Branch: MAIN
Changes since 1.46: +2 -2 lines
Diff to previous 1.46 (colored)

mop up, from krw

Revision 1.46 / (download) - annotate - [select for diffs], Sat Jan 25 16:33:19 2003 UTC (21 years, 4 months ago) by cedric
Branch: MAIN
Changes since 1.45: +11 -3 lines
Diff to previous 1.45 (colored)

Permit initialisation of a table content from a file in pf.conf.
Cleaning up of the table options parsing, more flexible.
idea+cleanup deraadt@, ok dhartmei@, pass all regress tests.

Revision 1.45 / (download) - annotate - [select for diffs], Thu Jan 9 10:40:44 2003 UTC (21 years, 5 months ago) by cedric
Branch: MAIN
Changes since 1.44: +11 -1 lines
Diff to previous 1.44 (colored)

Add support for active/inactive tablesets in the kernel.
Add table definition/initialisation construct in pfctl parser.
Add and fix documentation for pf.4 and pf.conf.5.
Tested on i386 and sparc64 by myself, macppc by Daniel.
ok dhartmei@

Revision 1.44 / (download) - annotate - [select for diffs], Tue Jan 7 03:32:15 2003 UTC (21 years, 5 months ago) by dhartmei
Branch: MAIN
Changes since 1.43: +61 -1 lines
Diff to previous 1.43 (colored)

Add function to search for and remove stale rulesets from other authpf
processes which have terminated unexpectedly. ok beck@

Revision 1.43 / (download) - annotate - [select for diffs], Mon Jan 6 18:43:02 2003 UTC (21 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.42: +23 -23 lines
Diff to previous 1.42 (colored)

nicer syslog

Revision 1.42 / (download) - annotate - [select for diffs], Sun Jan 5 22:14:23 2003 UTC (21 years, 5 months ago) by dhartmei
Branch: MAIN
Changes since 1.41: +7 -5 lines
Diff to previous 1.41 (colored)

Move ifname from pf_addr to pf_addr_wrap, prepare pf_addr_wrap for table
name. ok henning@, mcbride@, cedric@

Revision 1.41 / (download) - annotate - [select for diffs], Wed Jan 1 02:28:26 2003 UTC (21 years, 5 months ago) by dhartmei
Branch: MAIN
Changes since 1.40: +12 -4 lines
Diff to previous 1.40 (colored)

Scrub and filter rules are separated now, adjust authpf accordingly.

Revision 1.40 / (download) - annotate - [select for diffs], Sun Dec 29 22:00:37 2002 UTC (21 years, 5 months ago) by dhartmei
Branch: MAIN
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)

Set a macro $user_id to the user name, just like $user_ip is already set
to the IP address. From discussion with Michael Lucas. ok henning@

Revision 1.39 / (download) - annotate - [select for diffs], Sun Dec 22 16:19:32 2002 UTC (21 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.38: +5 -5 lines
Diff to previous 1.38 (colored)

KNF

Revision 1.38 / (download) - annotate - [select for diffs], Sun Dec 22 14:19:30 2002 UTC (21 years, 5 months ago) by dhartmei
Branch: MAIN
Changes since 1.37: +148 -340 lines
Diff to previous 1.37 (colored)

Instead of inserting and removing rules at the top/bottom of the main
ruleset, make authpf manage its rules inside anchors.

Revision 1.37 / (download) - annotate - [select for diffs], Thu Dec 19 14:04:03 2002 UTC (21 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.36: +1 -2 lines
Diff to previous 1.36 (colored)

redundant memset

Revision 1.36 / (download) - annotate - [select for diffs], Thu Dec 19 14:03:06 2002 UTC (21 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.35: +66 -65 lines
Diff to previous 1.35 (colored)

KNF

Revision 1.35 / (download) - annotate - [select for diffs], Wed Dec 18 22:07:31 2002 UTC (21 years, 5 months ago) by mcbride
Branch: MAIN
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)

Fix tree breakage; match changes to struct pfctl (now contains an array
of pointers to pfioc_rule).

Fix from henning@

ok dhartmei@

Revision 1.34 / (download) - annotate - [select for diffs], Tue Dec 17 12:42:22 2002 UTC (21 years, 5 months ago) by mcbride
Branch: MAIN
Changes since 1.33: +159 -85 lines
Diff to previous 1.33 (colored)

Match merge of pf_nat/pf_binat/pf_rdr structs into pf_rule
- Move pf_compare* functions here
- fix ioctls.

Revision 1.33 / (download) - annotate - [select for diffs], Fri Dec 6 00:47:32 2002 UTC (21 years, 6 months ago) by dhartmei
Branch: MAIN
Changes since 1.32: +2 -2 lines
Diff to previous 1.32 (colored)

Introduce anchors and named rule sets, allowing to load additional rule
sets with pfctl and evaluate them from the main rule set using a new type
of rule (which will support conditional evaluation soon). Makes
maintenance of sub-rulesets simpler for pfctl and daemons.

Idea and ok deraadt@

Revision 1.32 / (download) - annotate - [select for diffs], Wed Dec 4 08:06:58 2002 UTC (21 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)

catch up to -v -v change in pfctl(8)

Revision 1.31 / (download) - annotate - [select for diffs], Sun Dec 1 20:01:35 2002 UTC (21 years, 6 months ago) by henning
Branch: MAIN
Changes since 1.30: +4 -5 lines
Diff to previous 1.30 (colored)

KNF

Revision 1.30 / (download) - annotate - [select for diffs], Sun Dec 1 19:59:45 2002 UTC (21 years, 6 months ago) by mcbride
Branch: MAIN
Changes since 1.29: +16 -1 lines
Diff to previous 1.29 (colored)

Match pf_ioctl.c cleanup; if we're doing a DIOCCHANGE* operation which uses
old*, we need to call DIOCBEGINADDRS twice: once for the old rule/rdr/nat,
and once for the new one.

ok dhartmei@ henning@

Revision 1.29 / (download) - annotate - [select for diffs], Sat Nov 23 07:54:45 2002 UTC (21 years, 6 months ago) by mcbride
Branch: MAIN
Changes since 1.28: +5 -3 lines
Diff to previous 1.28 (colored)

don't try to do ioctl with PF_OPT_NOACTION

does not impact function of authpf, but make it consistent with the rest of
the add_* family

ok dhartmei@

Revision 1.28 / (download) - annotate - [select for diffs], Sat Nov 23 05:27:19 2002 UTC (21 years, 6 months ago) by mcbride
Branch: MAIN
Changes since 1.27: +29 -3 lines
Diff to previous 1.27 (colored)

add code to load lists of redirection addresses for nat/rdr/route-to/etc.

Revision 1.27 / (download) - annotate - [select for diffs], Fri Nov 22 18:06:48 2002 UTC (21 years, 6 months ago) by beck
Branch: MAIN
Changes since 1.26: +6 -1 lines
Diff to previous 1.26 (colored)

Disallow non-interactive sessions, to avoid problem of users scp'ing
to authpf gateway - noticed by Devan Reade <gdr@gno.org>, ok henning

Revision 1.26 / (download) - annotate - [select for diffs], Tue Nov 19 02:18:50 2002 UTC (21 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)

be more precise

Revision 1.25 / (download) - annotate - [select for diffs], Tue Nov 19 02:14:56 2002 UTC (21 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.24: +7 -1 lines
Diff to previous 1.24 (colored)

hacks to make the tree build; henning gets a carrot up the nose next time i meet him

Revision 1.24 / (download) - annotate - [select for diffs], Fri Oct 25 18:33:13 2002 UTC (21 years, 7 months ago) by camield
Branch: MAIN
Changes since 1.23: +34 -17 lines
Diff to previous 1.23 (colored)

- be even more careful with data supplied from outside
- check explicitly for negative values from snprintf (-pedantic)
- use MAXLOGNAME
- use parentheses with all sizeof's for consistency

Revision 1.23 / (download) - annotate - [select for diffs], Tue Jun 25 08:14:38 2002 UTC (21 years, 11 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_3_2_BASE, OPENBSD_3_2
Changes since 1.22: +31 -2 lines
Diff to previous 1.22 (colored)

hooks for options.
we don't support setting pf options via authpf, but need the hooks here, too.
ok dhartmei@, kjell@

Revision 1.22 / (download) - annotate - [select for diffs], Wed Jun 12 20:09:43 2002 UTC (22 years ago) by vincent
Branch: MAIN
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)

fix a typo that could create a fd leak

ok beck@

Revision 1.21 / (download) - annotate - [select for diffs], Tue Jun 11 17:13:55 2002 UTC (22 years ago) by beck
Branch: MAIN
Changes since 1.20: +4 -1 lines
Diff to previous 1.20 (colored)

fix breakage from the stupid way theo and I committed that last big pile of
changes.

Revision 1.20 / (download) - annotate - [select for diffs], Tue Jun 11 04:45:32 2002 UTC (22 years ago) by kjell
Branch: MAIN
Changes since 1.19: +7 -99 lines
Diff to previous 1.19 (colored)

I broke this. Remove separate (optional) nat calls

Revision 1.19 / (download) - annotate - [select for diffs], Sat Jun 8 04:57:34 2002 UTC (22 years ago) by beck
Branch: MAIN
Changes since 1.18: +6 -6 lines
Diff to previous 1.18 (colored)

comment and error message cleanup, from Brian Poole <raj@cerias.purdue.edu>

Revision 1.18 / (download) - annotate - [select for diffs], Fri Jun 7 08:51:44 2002 UTC (22 years ago) by beck
Branch: MAIN
Changes since 1.17: +14 -35 lines
Diff to previous 1.17 (colored)

fix a few nits in theo's commit, make this install and run setgid authpf
so that it can remove the files it creates in /var/authpf

Revision 1.17 / (download) - annotate - [select for diffs], Fri Jun 7 08:36:56 2002 UTC (22 years ago) by deraadt
Branch: MAIN
Changes since 1.16: +141 -141 lines
Diff to previous 1.16 (colored)

twist time, space, and other aspects of reality so that we can revoke privs,
and... as early as possible.  (this does not work, beck has the next half
of this coming in a few minutes)

Revision 1.16 / (download) - annotate - [select for diffs], Thu May 30 09:11:59 2002 UTC (22 years ago) by form
Branch: MAIN
Changes since 1.15: +7 -1 lines
Diff to previous 1.15 (colored)

Do not allow user to run authpf if user's shell is not /usr/sbin/authpf to
prevent users from playing with $SSH_CLIENT.

Revision 1.15 / (download) - annotate - [select for diffs], Tue May 21 19:48:04 2002 UTC (22 years ago) by deraadt
Branch: MAIN
Changes since 1.14: +46 -49 lines
Diff to previous 1.14 (colored)

KNF before more major hacking

Revision 1.14 / (download) - annotate - [select for diffs], Thu May 16 09:18:55 2002 UTC (22 years ago) by deraadt
Branch: MAIN
Changes since 1.13: +8 -28 lines
Diff to previous 1.13 (colored)

KNF

Revision 1.13 / (download) - annotate - [select for diffs], Wed Apr 24 23:03:56 2002 UTC (22 years, 1 month ago) by dhartmei
Branch: MAIN
Changes since 1.12: +3 -3 lines
Diff to previous 1.12 (colored)

Unbreak from pfvar.h change.

Revision 1.12 / (download) - annotate - [select for diffs], Tue Apr 9 23:19:01 2002 UTC (22 years, 2 months ago) by frantzen
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE, OPENBSD_3_1
Changes since 1.11: +3 -2 lines
Diff to previous 1.11 (colored)

make sure we fflush() after sending a message and fix a typo in a comment
ok beck@ and deraadt@

Revision 1.11 / (download) - annotate - [select for diffs], Tue Apr 9 20:07:16 2002 UTC (22 years, 2 months ago) by beck
Branch: MAIN
Changes since 1.10: +15 -7 lines
Diff to previous 1.10 (colored)

don't trust USER from the environment - bad, allows users to see files
they shouldn't

Revision 1.10 / (download) - annotate - [select for diffs], Tue Apr 9 17:40:40 2002 UTC (22 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.9: +5 -5 lines
Diff to previous 1.9 (colored)

minor KNF

Revision 1.9 / (download) - annotate - [select for diffs], Mon Apr 8 16:12:49 2002 UTC (22 years, 2 months ago) by mpech
Branch: MAIN
Changes since 1.8: +6 -3 lines
Diff to previous 1.8 (colored)

Free memory. Patch from millert@.

Revision 1.8 / (download) - annotate - [select for diffs], Sun Apr 7 16:31:27 2002 UTC (22 years, 2 months ago) by frantzen
Branch: MAIN
Changes since 1.7: +8 -8 lines
Diff to previous 1.7 (colored)

fix authpf_kill_states()

Revision 1.7 / (download) - annotate - [select for diffs], Fri Apr 5 20:35:52 2002 UTC (22 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.6: +7 -68 lines
Diff to previous 1.6 (colored)

move location of per-user config files; beck ok

Revision 1.6 / (download) - annotate - [select for diffs], Fri Apr 5 03:06:52 2002 UTC (22 years, 2 months ago) by beck
Branch: MAIN
Changes since 1.5: +77 -19 lines
Diff to previous 1.5 (colored)

ensure that rules files are owned and writable only by root,
along their entire path, change docs accordingly. This ensures
that people don't accidentally use the $HOME config files to
override real settings unless root meant to do it.

Revision 1.5 / (download) - annotate - [select for diffs], Mon Apr 1 18:57:35 2002 UTC (22 years, 2 months ago) by beck
Branch: MAIN
Changes since 1.4: +0 -1 lines
Diff to previous 1.4 (colored)

don't need this anymore

Revision 1.4 / (download) - annotate - [select for diffs], Mon Apr 1 18:56:01 2002 UTC (22 years, 2 months ago) by beck
Branch: MAIN
Changes since 1.3: +1 -1 lines
Diff to previous 1.3 (colored)

typo in comment

Revision 1.3 / (download) - annotate - [select for diffs], Mon Apr 1 18:54:33 2002 UTC (22 years, 2 months ago) by beck
Branch: MAIN
Changes since 1.2: +15 -21 lines
Diff to previous 1.2 (colored)

-Tattling is bad, users should be allowed to run anything on the system
without it generating logs
-exit with 0 and 1 instead of EX_FOO
-make read_config (with the test and exit) the first thing that
happens in main, no openlog or memset first.

Revision 1.2 / (download) - annotate - [select for diffs], Mon Apr 1 18:26:04 2002 UTC (22 years, 2 months ago) by beck
Branch: MAIN
Changes since 1.1: +9 -2 lines
Diff to previous 1.1 (colored)

-Make the /etc/authpf/authpf.conf config file required.
-Change authpf to install setuid by default, and exit with a tattling
syslog message if a user runs it without a config file present.
-Change man page to reflect this.

Revision 1.1 / (download) - annotate - [select for diffs], Mon Apr 1 17:43:42 2002 UTC (22 years, 2 months ago) by beck
Branch: MAIN

authpf - authenticating gateway shell for use with ssh(1) to make
authenticating gateway type firewalls.

caveats - needs to be setuid to operate (but does not install that way)
consult the man page for configuration issues.
