Age | Commit message (Collapse) | Author |
|
minimum required to ensure that resolv.conf is
written out on startup/HUP.
Noticed by and fix tested by jmc@
|
|
|
|
The FQ-CoDel related configuration (flows, quantum) becomes available
for the regular bandwidth queue. Internally the kernel will pick the
FQ-CoDel for use as a queue manager for the specified class instead of
the FIFO.
Discussed with and OK henning@ at d2k17 as a part of a larger diff.
|
|
The selection mechanism introduced in pf_ioctl.c -r1.316 suffers
from being too ambiguous and lacks robustness. Instead of relying
on composition of multiple flags in the queue specification, it's
easier to identify the root class (if it exists) and derive all
further checks from it.
|
|
okay millert@
|
|
in the wrong direction.
|
|
This deference can occur because sa_find() is called from a timer and
iterates over all existing `sa'. At that time the corresponding
`finalize_exchange' might not have been called, in which case it is
unsafe to dereference `src_net', `dst_net' & co.
Issue reported by MichaÅ Koc. ok hshoexer@, markus@
|
|
|
|
RTM_DELADDR and RTM_NEWADDR are no longer of interest.
Pointed out by jca@
|
|
dhclient taking control of the interface.
In particular do not exit when addresses are manually added to or
deleted from the interface dhclient(8) is concerned about. Note that
such changes will still be removed whenever dhclient(8) is re-started
or gets a different lease during renewal.
|
|
- make sure to not send solicitations at a very high rate indefinitely
if pltime is 0
(we still need some sort of rate limiting here)
- implement RFC 4862 5.5.3 two hours rule wrt vltime
- allow pltime of 0 so that a router can withdraw a prefix
|
|
this was part of a demo showing how to implement the kernel side of
sysctl(3) for setting Semantically Opaque Interface Identifier key
material, but it seems to be the most straightforward path toward
integrating soiikey handling and rc.
ok florian@ sthen@ naddy@ tb@
|
|
Changes:
voided:
- pfctl_clear_tables
- pfctl_show_tables
- pfctl_show_ifaces
Those functions now exit(3) in case of error instead
of passing it up to the callers (where it was ignored).
OK mikeb@, sashan@
|
|
intended.
|
|
"<var> == 0", "!(<var> & FLAG)" with
"(<var> & FLAG) == 0", "!<func()>"
with "<func()> == 0" and "!<define>" with
"<define> == 0". And the positive cases
as well.
A few stray == NULL and != NULL as well.
|
|
"<pointer> == NULL". And of course "<pointer>"
expressions with "<pointer> != NULL".
|
|
renewal lease into canonical forms and compare those rather than the
leases themselves. Eliminates spurious interface and route
manipulation when irrelevant aspects of the leases are changed by the
DHCP server.
Problem found by Paul de Weerd when his DHCP server returned
renewed leases differing only by a decremented dhcp-lease-time option.
ok mpi@
|
|
the bpf socket signals that it has data, call packethandler() in a
loop until no more bpf packets are available.
|
|
for RFC 7217 support
|
|
okay millert@
|
|
add a comment explaining why keywords.h is in the source tree even though
it's exactly what keywords.sh generates, so that people don't try adding
the generating rule again.
okay millert@
|
|
renaming "if_register_bpf()" to "get_bpf_sock()",
"if_register_send()" to "get_udp_sock()" and
"if_register_receive()" to "configure_bpf_sock()".
Pull back interface_info knowledge and just pass
the interface name, rdomain and bpf socket fd as
required.
|
|
for resolving 'egress' and adding a route. Move creation
of main()'s ioctlfd up so it can be used for the
'egress' resolution.
|
|
declarations.
|
|
|
|
the default.
okay millert@
|
|
|
|
chars to parse_decimal() instead of less obvious *fmt; refactor
to eliminate need for the 'alloc:' and 'bad_flag:' labels and the
invidious backwards goto's to them.
|
|
files. This fixes up parallel builds in the default case.
FreeBSD does something similar.
okay millert@
|
|
|
|
(512 in our case) for privacy addresses as per RFC 4941.
|
|
ND6_PRIV_MAX_DESYNC_FACTOR like RFC 4941 tells us to.
Toss in a arc4random_uniform for good measure like the kernel always
did.
|
|
table (dhcp_options) involved. Provide functions
code_to_name(), name_to_code(), code_to_format() and
replace direct access to dhcp_options with them. Eliminate
unneeded 'struct option'.
Unhook tables.c from Makefile.
|
|
if (option & F_FOO && option & F_BAR).
Prompted by a reverse diff from Klemens Nanni. Both forms are
equivalent due to operator precedence, I consider the later to be
easier on the eyes.
|
|
|
|
names, not just 2 out of 3.
|
|
and sometimes uintNN_t.
|
|
DHO_COUNT.
|
|
No more struct interface_info knowledge in privsep.[ch]
|
|
No more struct interface_info knowledge in packet.c
|
|
unpack_options(). Store the unpacked options in a static
variable. Move remaining raw packet processing from unpack_options()
to packethandler().
No more struct interface_info knowledge in options.c
|
|
pack options into. Not all the gory details of interface_info.
Move some of the raw packet processing out of options.c's
do_packet() and into the more obvious dispatch.c's
packethandler().
Mention that RFC791 is why we use 576-byte UDP packets.
|
|
installer.
This removes the control socket handling which is useless because we
won't have slaacctl in the installer.
Also deraadt@ pointed out that this would be the first use of log.c in
the installer where we don't have syslogd running so it's rather
pointless. So this completely neuters logging.
The log.h change doesn't interfere with benno@'s efforts of unifying
log.c
The installer version of slaacd won't even compile control.c and log.c
|
|
related imsg types
|
|
|
|
4862 Section 5.5.3.
This very likely solves the problem of slaacd generating privacy
addresses at a very high rate as reported by Matthias Schmidt on
bugs@; thanks!
The problem is that we constantly generate new privacy addresses if we
receive a router advertisement with a pltime of 0 since that address
will immediately be deprecated.
This needs revisiting since we will run into the same problem with
other low pltimes.
|
|
pass the interface name and the TAILQ to put static leases into.
Add a TAILQ for static leases to struct client_config to hold the
static leases until it's time to add them to ifi.
Add add_lease() to add leases to a TAILQ while checking for
leases that are superseded by the new lease.
|
|
by me.
|
|
least not as is
Reported by tim@, OK deraadt@ to backout the pledge for now
|
|
|