Age | Commit message (Collapse) | Author |
|
remove some redundant info regarding netstat -r from ipcomp/ipsec
feedback claudio sthen
ok claudio kn sthen
|
|
Pointed out by tb.
|
|
For example, an unknown option with length 0 would result in an
infinite loop.
bluhm points out that the network stack in the kernel would not let
such packets through to userland.
tweak & OK miod
OK bluhm
|
|
a reply we've received, and print out the source address and sequence number
as that might help the user understand what's going on.
ok florian@ dlg@
|
|
fails to report the path that the failure occured on. Suggested by
deraadt@ after some tech discussion.
Work done and verified by Ashton Fagg <ashton@fagg.id.au>
ok deraadt@ semarie@ claudio@
|
|
|
|
network devices that shows one character per echo request (! for normal
response, . for timed out, D for duplicate, T for truncated) making
it easier to identify patterns of loss over periods of time.
ok remi@ kn@, feedback from deraadt@ chris@
!!!!!...!!!!!!!!!!!!!!!!!!!!!!!!!!!...!!!!!!!!!!!!!!!!!!!!!!!!!!!.........!!!!!!!!!!!!!!!!!!!!!...!!!!!!!!!!!!!!!!!!!!!!!!!!!....!!!!!!!!!!!!!!!!!!!!!!!!!!.........!!!!!!!!!!!!!!!!!!!!!...!!!!!!!!!!!!!!!!!!!!!!!!!!!....!!!!!!!!!!!!!!!!!!!!!!!!!!.........!!!!!!!!!!!!!!!!!!!!!...!!!!!!!!!!!!!!!!!!!!!!!!!!!....!!!!!!!!!!!!!!!!!!!!!!!!!!..........!!!!!!!!!!!!!!!!!!!!....!!!!!!!!!!!!!!!!!!!!!!!!!!....!!!!!!!!!!!!!!!!!!!!!!!!!!..........!!!!!!!!!!!!!!!!!!!!....!!!!!!!!!!!!!!!!!!!!!!!!!!....!!!!!!!!!!!!!!!!!!!!!!!!!!..........!!!!!!!!!!!!!!!!!!!!....!!!!!!!!!!!!!!!!!!!!!!!!!!.....!!!!!!!!!!!!!!
|
|
answers we would exit after receiving the first answer and claiming a
(huge) packet loss.
OK benno
|
|
by socket(2). They also receive all ICMP packets on the system, for
example from parallel running ping(8)s.
After creating the raw socket ping(8) sets various socket options with
setsockopt(2) and assumes that they apply to all packets it later
processes.
For example ping6(8) uses setsockopt(IPV6_RECVHOPLIMIT) to print the
IPv6 hop count. Packets received between the socket(2) and
setsockopt(2) call however do not have the hoplimit information and
ping6(8) prints a wrong and missleading warning.
To avoid this we have to drain our socket of packets we received
before we were fully setup.
Problem reported and testing by martijn
Input deraadt
OK benno
|
|
From <piotr (at) durlej (dot) net>. Thanks!
|
|
This is somewhat related to the "-b bind_addr" option some programs have,
which should get some cleanup also...
input florian claudio jmc
|
|
- Never accept negative values.
- Cap the interval at UINT_MAX seconds to avoid strange rounding
behavior at the end of the input range.
- Use error messages that resemble other parts of the tree where we
are able to use strtonum(3).
- Leverage modf(3) for cleaner code.
- Call it "-i interval" to avoid accidental visual similarity to
"-w maxwait".
With input from cjeker@, kettenis@, kn@.
ok kn@
|
|
implausible bug existed in the socket setup (mostly dns-related and
setsockopt) it would be largely neutered. of course, a very restrictive
pledge is installed soon after that...
ok mestre brynet florian
|
|
ping(8) doesn't know the value of HZ and shouldn't round the user's
packet wait up to whatever it thinks HZ is. If the period is too small
the interrupt will simply fire less often than instructed. The kernel
will do the right thing regardless.
Given the rarity of this usage we don't really need to print a warning,
either.
ok millert@
|
|
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.
|
|
traceroute bits from benno.
ok benno claudio
|
|
ok dlg@
|
|
do not cast the arguments unnecessarily, and always err() on failure.
an earlier diff just tweaking the v6 calls was oked by bluhm@ kn@ deraadt@
|
|
the manpage was discussed with many
|
|
it reuses the toskeyword handling that ipv4 uses for setting the
tos field, which is equiavlent to traffic class.
ok florian@ denis@
|
|
Left behind in revision 1.225.
OK benno
|
|
With hints set appropiately and switching on address family, the actual
size of the socket address returned by getaddrinfo(3) and it's specified
length is guaranteed to match.
This is probably a leftover "from ping6 which was much more paranoid"
before merging it ping.
OK florian
|
|
they are like that by default.
OK florian@
|
|
makes the code shorter and easier to read.
suggested by & OK claudio
|
|
sending all packets otherwise ping will wait forever to see all
answers - which might not arrive on lossy links.
Problem pointed out by, input & OK claudio
|
|
1. Stop telling our PID to the world: the ident values could overlap
anyway since PID space is larger than 16 bits for some time already.
2. No need for htons/ntohs dance with ident in IPv6 case.
okay benno@ deraadt@ florian@
|
|
termination issue that can arise when parsing IP options.
The bug was found by Hrvoje Popovski with ping -R.
Fix tested by Hrvoje, OK millert@
|
|
if (option & F_FOO && option & F_BAR).
Prompted by a reverse diff from Klemens Nanni. Both forms are
equivalent due to operator precedence, I consider the later to be
easier on the eyes.
|
|
|
|
by me.
|
|
|
|
|
|
$ ping6 -L ff02::1%em1
ping6: setsockopt IP6_MULTICAST_LOOP: Invalid argument
Unfortunately we have this inconsistency in the sockets API where we need
to pass an unsigned char for IP_MULTICAST_LOOP but we need an unsigned
int for IPV6_MULTICAST_LOOP.
While here, fix a typo in the error message.
OK millert@ florian@
|
|
"twenty four", arguing, i think, that the internet is wrong; well
seemingly i'm wrong, and you should hyphenate numbers when spelled out
- who'd have thought it. apologies to florian and the diff submitter
(and the internet);
still, what i should have advised, and what i've done here, is use "24",
which is much simpler, fits the surrounding text, and agrees with oed
style advice;
|
|
addition of a MAC we need at least 24 bytes packet size these days to
show timing information.
Pointed out by Tamas Horvath, thanks!
OK jmc
|
|
unprivileged user just shed the setuid privs as previously.
sthen@ pointed out that you cannot kill(2) your own ping.
With this we rely on pledge(2) for unprivileged users.
OK sthen@, deraadt@ is happy with the middle ground
|
|
unprivileged user is not present instead of erroring out. This lets
ping and traceroute work in restricted enviornments like the bgplg
chroot.
Problem reported by sthen@
input & prodding deraadt@
|
|
It does not buy us much when called as a unpriv user. But if run as
root we can now lose privileges.
OK natano@, deraadt@ is happy
|
|
|
|
|
|
We can get rid of inet_aton(3) and use the AF independent getaddrinfo(3).
OK natano@, krw@, millert@, claudio@
|
|
|
|
ok florian
|
|
|
|
with -I find the kernel selected address and print it even for v4
addresses.
OK phessler@, natano@, mpi@, claudio@, benno@, sthen@, millert@
|
|
OK tom@, natano@, claudio@, sthen@, millert@
|
|
|
|
|
|
Tweak & OK jmc@
|
|
The instbin stuff looks good to deraadt@
|