Age | Commit message (Collapse) | Author | |
---|---|---|---|
2004-10-09 | sizeof(struct ether_header) -> ETHER_HDR_LEN | Brad Smith | |
ok mcbride@ | |||
2004-08-18 | skip splx() for skiplookup; report Vafa D. Izadinia; ok henning, canacar | Markus Friedl | |
2004-06-21 | First step towards more sane time handling in the kernel -- this changes | Thorsten Lockert | |
things such that code that only need a second-resolution uptime or wall time, and used to get that from time.tv_secs or mono_time.tv_secs now get this from separate time_t globals time_second and time_uptime. ok art@ niklas@ nordin@ | |||
2004-06-21 | Get rid of pf_test_eh() wrapper. | Ryan Thomas McBride | |
ok cedric@ henning@ | |||
2004-05-04 | Apply bridge filter rules to incoming packets destined to the local machine. | Can Erkin Acar | |
Allows tagging of the incoming packets, and a single interface bridge to be actually useful for MAC level filtering/tagging. ok henning@ | |||
2004-05-04 | Remove useless ``elm'' argument from the SIMPLEQ_REMOVE_HEAD macro. | Alexander Yurchenko | |
This matches our SLIST behaviour and NetBSD's SIMPLEQ as well. ok millert krw deraadt | |||
2004-04-28 | make return-rst work on pure bridges. ok dhartmei@ henning@ mcbride@ | Cedric Berger | |
2004-02-10 | plug mbuf leak (ip_fragment() always free mbuf on error). tested by cedric, | Jun-ichiro itojun Hagino | |
dhartmei ok | |||
2004-02-02 | missing #if NPF > 0. ok henning@ | Cedric Berger | |
2003-12-17 | start spanning tree on ifconfig up; from Marco Pfatschbacher; ok jason@ | Markus Friedl | |
2003-12-16 | when a bridge filter rule specifies both src and dst mac address, we do not | Henning Brauer | |
want to compare both against the packet's source address. works much better when we compare the dst address to the packet's dst address. ok camield@ canacar@ markus@ jason@ | |||
2003-12-16 | return error in ifc_destroy; ok deraadt, itojun, cedric, hshoexer | Markus Friedl | |
2003-12-03 | add support for ifconfig clone/destroy; ok henning deraadt | Markus Friedl | |
2003-10-02 | do not try to send incomplete fragments on ENOBUFS case | Jun-ichiro itojun Hagino | |
(behavior change from 4.4bsd). dhartmei ok | |||
2003-08-15 | change arguments to suser. suser now takes the process, and a flags | Ted Unangst | |
argument. old cred only calls user suser_ucred. this will allow future work to more flexibly implement the idea of a root process. looks like something i saw in freebsd, but a little different. use of suser_ucred vs suser in file system code should be looked at again, for the moment semantics remain unchanged. review and input from art@ testing and further review miod@ | |||
2003-07-28 | typo. from cedric | Jun-ichiro itojun Hagino | |
2003-07-25 | do not flip ip_len/ip_off. pechkin and henning ok | Jun-ichiro itojun Hagino | |
2003-06-30 | change that queue ID allocator so it always has the queues sorted by ID. | Henning Brauer | |
that allows us to get rid of the "tagid" global which stored the highest tag ID in use. when allocating a new ID scan the list for a free slot and only use highest + 1 on failure instead of using highest + 1 from the beginning scanning for a dup afterwards. this prevents ID space fragmentation better. as a result this allows us do get rid of the pf_tag_purge() function completely and let pf_tag_unref() remove an entry once the reference counter reaches zero by itself. after all it makes for easier code and is about 50% faster. idea came up during a discussion on icb earlier today between cedric and myself, which itself was particulary inspired by Darren Reed questioning the need for pf_tag_purge on tech-net@netbsd. ok dhartmei@ cedric@ | |||
2003-06-30 | missing pf_tag_purge() | Henning Brauer | |
cedric made me check | |||
2003-06-25 | add a pf_tagname field to ifbrlreq and a pf_tag field to ifbrlnode. | Henning Brauer | |
on bridge rule load translate tagnames to pf tags using pf_tagname2tag etc if packets match a bridge filter rule tag them using pf_tag_packet() with the given tag help dhartmei@ ok deraadt@ jason@ dhartmei@ | |||
2003-06-02 | nuke clause 3 & 4 | Jason Wright | |
2003-05-30 | KNF & ANSI, jason agrees | Henning Brauer | |
2003-05-30 | o the timeout is int, not u_int32_t | Henning Brauer | |
o check timeout for negative values and overflow ok tedu@ jason@ | |||
2003-05-03 | string fixes; tedu ok | Theo de Raadt | |
2003-03-31 | Protect tdb access w/ spltdb; Patrick Latifi | Todd C. Miller | |
Since bridgeintr_frame() is called at splsoftnet() this isn't a big deal but should still be fixed. jason@ OK. | |||
2003-03-11 | forward 8021Q packets with vlan header if the destination interface has | Markus Friedl | |
IFCAP_VLAN_MTU capability. allows forwarding of vlan traffic over bridge(4) since these packets are larger then the mtu; ok jason@ | |||
2003-02-21 | Plug two mbuf leak on error bugs, one from dhartmei one from me. | Jason Wright | |
2003-02-17 | enqueue the copy that was just made, not the original (probably fixes ↵ | Jason Wright | |
kernel/3097, waiting to hear). | |||
2003-02-16 | KNF | Theo de Raadt | |
2003-01-07 | apply the discover rule to bridge_output() as well | Jason Wright | |
2003-01-07 | remove the altq classifier code which is replaced by pf and no longer used. | Kenjiro Cho | |
ok henning@, deraadt@ | |||
2003-01-03 | Fix the unicast case call to bridge_rtupdate(), check that the -source- | Jason Wright | |
interface is LEARNING not the destination. | |||
2002-12-09 | NPF, not NFP (prevented outgoing bridge_ipsec() packets from being ↵ | Jason Wright | |
filtered); Darren Reed <avalon@coombs.anu.edu.au> | |||
2002-12-09 | allow setting of ifcost with brconfig. enables selection of preferred | Markus Friedl | |
port/path to root bridge among several LANs. unlike ifpriority, which allows you to select designated port if serveral interfaces belong to the same LAN; ok jason@ | |||
2002-12-04 | spanning tree: flush dynamic mac cache if interface goes to the | Markus Friedl | |
blocking or disabled state. send packets only if interface is the forwarding state; comment from netbsd; with and ok jason@ | |||
2002-10-10 | Missing m_pullup() and mbuf corruption. This potentially caused | Daniel Hartmeier | |
panic: m_copym0: m == 0 and not COPYALL and/or panic: m_copydata: null muf on bridges running pf with scrubbing enabled. Bug report, test vector and confirmation by Jon Morby. ok jason@, jasoni@ | |||
2002-08-07 | consistently check byte order of ether_type; pointed out by dhartmei | Jason Wright | |
2002-07-02 | make it compile w/ ipsec and no pf ; smth that was left for homework | Michael Shalayeff | |
2002-07-01 | Fix really long standing bug with fetching address cache entries: | Jason Wright | |
handle ifbac_len == 0 as per the man page; Benny Holmgren <bigfoot@astrakan.hig.se> | |||
2002-06-30 | allocate sockaddr_dl for ifnet in if_alloc_sadl(), as we don't always know | Jun-ichiro itojun Hagino | |
the size of sockaddr_dl on if_attach() - for instance, see ether_ifattach(). from netbsd. fgs ok | |||
2002-06-15 | unnecessary () on cast | Jason Wright | |
2002-06-15 | Transparent IPsec processing on the bridge; for now works only with | Angelos D. Keromytis | |
static keys. | |||
2002-06-11 | splassert(IPL_NET) where comment says that we should. | Artur Grabowski | |
2002-06-10 | prevent mbuf leak on icmp_do_error() failure. | Jun-ichiro itojun Hagino | |
NOTE: under 4.4BSD mbuf coding discipline, once you pass mbuf to a function like f(m), you no longer have ownership of the mbuf. the mbuf will always be freed by the called function f(). by keeping the programming rule you have less chance of memory leak. | |||
2002-06-09 | don't need device.h | Jason Wright | |
2002-06-08 | use consistent style in function declarations | jasoni | |
2002-06-08 | If a IP packet is too large for the outgoing interface and DF is set, | jasoni | |
drop the packet and send a icmp needfrag.. blessed by jason@ | |||
2002-06-07 | Move all duplicated enqueueing code into one function, | jasoni | |
bridge_ifenqueu(). - ok jason@, dhartmei@ | |||
2002-05-31 | respect rmx_mtu (cached PMTUD result) on outbound. deraadt/angelos ok | Jun-ichiro itojun Hagino | |
2002-05-28 | refragment ip packets if too large for the outgoing interface | jasoni | |
- ok jason@, dhartmei@ |