| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2002-12-09 | NPF, not NFP (prevented outgoing bridge_ipsec() packets from being ↵ | Jason Wright | |
| filtered); Darren Reed <avalon@coombs.anu.edu.au> | |||
| 2002-12-09 | allow setting of ifcost with brconfig. enables selection of preferred | Markus Friedl | |
| port/path to root bridge among several LANs. unlike ifpriority, which allows you to select designated port if serveral interfaces belong to the same LAN; ok jason@ | |||
| 2002-12-04 | spanning tree: flush dynamic mac cache if interface goes to the | Markus Friedl | |
| blocking or disabled state. send packets only if interface is the forwarding state; comment from netbsd; with and ok jason@ | |||
| 2002-10-10 | Missing m_pullup() and mbuf corruption. This potentially caused | Daniel Hartmeier | |
| panic: m_copym0: m == 0 and not COPYALL and/or panic: m_copydata: null muf on bridges running pf with scrubbing enabled. Bug report, test vector and confirmation by Jon Morby. ok jason@, jasoni@ | |||
| 2002-08-07 | consistently check byte order of ether_type; pointed out by dhartmei | Jason Wright | |
| 2002-07-02 | make it compile w/ ipsec and no pf ; smth that was left for homework | Michael Shalayeff | |
| 2002-07-01 | Fix really long standing bug with fetching address cache entries: | Jason Wright | |
| handle ifbac_len == 0 as per the man page; Benny Holmgren <bigfoot@astrakan.hig.se> | |||
| 2002-06-30 | allocate sockaddr_dl for ifnet in if_alloc_sadl(), as we don't always know | Jun-ichiro itojun Hagino | |
| the size of sockaddr_dl on if_attach() - for instance, see ether_ifattach(). from netbsd. fgs ok | |||
| 2002-06-15 | unnecessary () on cast | Jason Wright | |
| 2002-06-15 | Transparent IPsec processing on the bridge; for now works only with | Angelos D. Keromytis | |
| static keys. | |||
| 2002-06-11 | splassert(IPL_NET) where comment says that we should. | Artur Grabowski | |
| 2002-06-10 | prevent mbuf leak on icmp_do_error() failure. | Jun-ichiro itojun Hagino | |
| NOTE: under 4.4BSD mbuf coding discipline, once you pass mbuf to a function like f(m), you no longer have ownership of the mbuf. the mbuf will always be freed by the called function f(). by keeping the programming rule you have less chance of memory leak. | |||
| 2002-06-09 | don't need device.h | Jason Wright | |
| 2002-06-08 | use consistent style in function declarations | jasoni | |
| 2002-06-08 | If a IP packet is too large for the outgoing interface and DF is set, | jasoni | |
| drop the packet and send a icmp needfrag.. blessed by jason@ | |||
| 2002-06-07 | Move all duplicated enqueueing code into one function, | jasoni | |
| bridge_ifenqueu(). - ok jason@, dhartmei@ | |||
| 2002-05-31 | respect rmx_mtu (cached PMTUD result) on outbound. deraadt/angelos ok | Jun-ichiro itojun Hagino | |
| 2002-05-28 | refragment ip packets if too large for the outgoing interface | jasoni | |
| - ok jason@, dhartmei@ | |||
| 2002-04-08 | Credit DARPA/USAF appropriately. | Jason Wright | |
| 2002-03-18 | filter ipv6 on the bridge. | jasoni | |
| - ok jason@ | |||
| 2002-03-14 | First round of __P removal in sys | Todd C. Miller | |
| 2002-02-14 | If helps to loop over the correct variable *sigh* | Jason Wright | |
| 2002-02-07 | bridge_output() needs a forcibly aligned copy just like bridge_broadcast() | Jason Wright | |
| because of calls it makes to altq; thanks to art for testing and kjc for pointing that I forgot this case. | |||
| 2002-01-02 | Don't forget to deallocate on failure. | Jason Wright | |
| 2002-01-01 | This is ugly: make a specialized deep copy in bridge_broadcast() that | Jason Wright | |
| ensures that the payload after the ethernet header is nicely aligned (basically this is two copies, one for the ethernet header and one for the payload) and glue the two copies together. bridge_filter() assumes it has been handed a nicely aligned packet. This should address pr#2248. | |||
| 2001-12-15 | add support for creating span ports so that one can snoop a bridge | Jason Wright | |
| from another interface/machine/network. | |||
| 2001-12-13 | remove redundant #if NPF. ok jason@ | jasoni | |
| 2001-12-10 | update ip stats when dropping an ip packet | jasoni | |
| ok jason@ | |||
| 2001-12-08 | mflags and len were uninitialized in bridge_broadcast (source of some | Jason Wright | |
| accounting errors me thinks). | |||
| 2001-11-26 | add fastroute options similar to what is found in ipf | jasoni | |
| ok dhartmei@, frantzen@ | |||
| 2001-08-21 | cut/pasto in rule flushing code (using wrong list); base on patch from Henk ↵ | Jason Wright | |
| van Lingen <henk@vanlingen.net> | |||
| 2001-08-12 | now, that kernel compiles, i can go get an ash tray somewhere | Michael Shalayeff | |
| 2001-07-27 | PF_IN/PF_OUT aren't defined if NPF <= 0, deal with it. | Jason Wright | |
| 2001-07-25 | Make sure pkthdr.rcvif is correct before calling pf_test() | Jason Wright | |
| 2001-07-25 | - unconditionalize call to bridge_input() (fewer #ifdef's and NPF>0 is ↵ | Jason Wright | |
| default case anyway). - add support for filtering on interface output (and call pf_test() appropriately) What all this means: nonstateful and stateful PF filtering now works with the bridge. | |||
| 2001-07-17 | split ip normalization out into a separate file, okay dhartmei@ | Niels Provos | |
| 2001-06-28 | first stab at packet normalization. includes full ip reassembly. | Niels Provos | |
| okay dhartmei@, dugsong@ | |||
| 2001-06-27 | IPFILTER->NPF | Angelos D. Keromytis | |
| 2001-06-27 | introduce the ALTQ queue macros into sys/net files. | Kenjiro Cho | |
| the new model removes direct references to the fields in ifp->if_snd, and defines the following macros to manipulate ifp->if_snd. IFQ_ENQUEUE(ifq, m, pktattr, err) IFQ_DEQUEUE(ifq, m) IFQ_POLL(ifq, m) IFQ_PURGE(ifq) IFQ_IS_EMPTY(ifq) the new model also enforces some rules regarding how to use these macros. details are descrined in http://www.csl.sony.co.jp/~kjc/software/altq-new-design.txt | |||
| 2001-06-26 | no longer pass around **m | Theo de Raadt | |
| 2001-06-25 | PACKETFILTER -> NPF | Kjell Wooding | |
| remove IPF cruft. ok jason | |||
| 2001-06-24 | Use ETHER_IS_MULTICAST macro; jason@ ok. | Federico G. Schwindt | |
| 2001-06-24 | pf mods for bridge; not yet tested | Jason Wright | |
| 2001-06-23 | UDP/IP/TCP packets that hit a bridge and need hardware checksumming | Angelos D. Keromytis | |
| are simply dropped. | |||
| 2001-06-23 | Remember to compute IP/TCP/UDP checksum if we're going to broadcast on | Angelos D. Keromytis | |
| bridge. | |||
| 2001-06-22 | KNF | Theo de Raadt | |
| 2001-06-15 | change the meaning of ifnet.if_lastchange to meet RFC1573 ifLastChange. | Jun-ichiro itojun Hagino | |
| follows BSD/OS practice and ucd-snmp code (FreeBSD does it for specific interfaces only). was: if_lastchange get updated on every packet transmission/receipt. now: if_lastchange get updated when IFF_UP is changed. | |||
| 2001-06-07 | use faster arc4random() instead of get_random_bytes(); jason@ ok | Michael Shalayeff | |
| 2001-06-06 | in bridge_filter(), pullup hlen, not sizeof(struct ip); ok jason@ | jasoni | |
| 2001-06-01 | Don't let packets that need IPsec crypto processing at the NIC be | Angelos D. Keromytis | |
| bridge-broadcast; rather, turn off offloading for now. The IPsec stack will do its own crypto for subsequent packets, which will be broadcast. Once the bridge knows which interface to send packets for that MAC to, if that interface supports IPsec offloading it'll turn it back on. | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |