Age | Commit message (Collapse) | Author | |
---|---|---|---|
2006-03-25 | allow bpf(4) to ignore packets based on their direction (inbound or | Damien Miller | |
outbound), using a new BIOCSDIRFILT ioctl; guidance, feedback and ok canacar@ | |||
2006-03-04 | With the exception of two other small uncommited diffs this moves | Brad Smith | |
the remainder of the network stack from splimp to splnet. ok miod@ | |||
2006-01-23 | support PMTU-Discovery for link2 ipsec bridges; ok claudio | Markus Friedl | |
2006-01-05 | bzero buffers after malloc, or clear string buffer before strlcpy'ing | Theo de Raadt | |
into them, if you are gonna copy it out to userland some ok dhartmei, some ok tedu | |||
2006-01-04 | Remove redundant calls to bpfdetach. | Can Erkin Acar | |
ok brad@ | |||
2005-10-09 | if the wireless hostap interface belongs to a bridge, learn the node's | Reyk Floeter | |
address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints. ok jason@, jsg@ can't see anything obectionable | |||
2005-07-31 | Change the API for icmp_do_error so that it takes the mtu directly, rather | Christopher Pascoe | |
than a pointer to struct ifnet containing it. Saves a 448 byte stack allocation in ip_forward which previously faked up a struct ifnet just for this purpose. idea ok deraadt millert | |||
2005-06-16 | no need for NVLAN; ok jason, brad, camiel | Markus Friedl | |
2005-04-25 | csum -> csum_flags | Brad Smith | |
ok krw@ canacar@ | |||
2005-04-25 | Use ETHERTYPE_VLAN. | Brad Smith | |
2004-12-23 | Simplify hashtable (de)allocation by moving it into the clone functions. | Camiel Dobbelaar | |
ok mickey@ henning@, "looks good" markus@ jason@ | |||
2004-12-19 | Make it possible for carp to work on fddi and token ring again. | Ryan Thomas McBride | |
ok pascoe@ mpf@ | |||
2004-12-17 | Reorder code in the ethernet output path, and enhance unicast address | Christopher Pascoe | |
matching in the bridge receive path to make CARP operate correctly on physical interfaces that are participating in a bridge. ok mcbride@ henning@ dlg@ | |||
2004-10-09 | sizeof(struct ether_header) -> ETHER_HDR_LEN | Brad Smith | |
ok mcbride@ | |||
2004-08-18 | skip splx() for skiplookup; report Vafa D. Izadinia; ok henning, canacar | Markus Friedl | |
2004-06-21 | First step towards more sane time handling in the kernel -- this changes | Thorsten Lockert | |
things such that code that only need a second-resolution uptime or wall time, and used to get that from time.tv_secs or mono_time.tv_secs now get this from separate time_t globals time_second and time_uptime. ok art@ niklas@ nordin@ | |||
2004-06-21 | Get rid of pf_test_eh() wrapper. | Ryan Thomas McBride | |
ok cedric@ henning@ | |||
2004-05-04 | Apply bridge filter rules to incoming packets destined to the local machine. | Can Erkin Acar | |
Allows tagging of the incoming packets, and a single interface bridge to be actually useful for MAC level filtering/tagging. ok henning@ | |||
2004-05-04 | Remove useless ``elm'' argument from the SIMPLEQ_REMOVE_HEAD macro. | Alexander Yurchenko | |
This matches our SLIST behaviour and NetBSD's SIMPLEQ as well. ok millert krw deraadt | |||
2004-04-28 | make return-rst work on pure bridges. ok dhartmei@ henning@ mcbride@ | Cedric Berger | |
2004-02-10 | plug mbuf leak (ip_fragment() always free mbuf on error). tested by cedric, | Jun-ichiro itojun Hagino | |
dhartmei ok | |||
2004-02-02 | missing #if NPF > 0. ok henning@ | Cedric Berger | |
2003-12-17 | start spanning tree on ifconfig up; from Marco Pfatschbacher; ok jason@ | Markus Friedl | |
2003-12-16 | when a bridge filter rule specifies both src and dst mac address, we do not | Henning Brauer | |
want to compare both against the packet's source address. works much better when we compare the dst address to the packet's dst address. ok camield@ canacar@ markus@ jason@ | |||
2003-12-16 | return error in ifc_destroy; ok deraadt, itojun, cedric, hshoexer | Markus Friedl | |
2003-12-03 | add support for ifconfig clone/destroy; ok henning deraadt | Markus Friedl | |
2003-10-02 | do not try to send incomplete fragments on ENOBUFS case | Jun-ichiro itojun Hagino | |
(behavior change from 4.4bsd). dhartmei ok | |||
2003-08-15 | change arguments to suser. suser now takes the process, and a flags | Ted Unangst | |
argument. old cred only calls user suser_ucred. this will allow future work to more flexibly implement the idea of a root process. looks like something i saw in freebsd, but a little different. use of suser_ucred vs suser in file system code should be looked at again, for the moment semantics remain unchanged. review and input from art@ testing and further review miod@ | |||
2003-07-28 | typo. from cedric | Jun-ichiro itojun Hagino | |
2003-07-25 | do not flip ip_len/ip_off. pechkin and henning ok | Jun-ichiro itojun Hagino | |
2003-06-30 | change that queue ID allocator so it always has the queues sorted by ID. | Henning Brauer | |
that allows us to get rid of the "tagid" global which stored the highest tag ID in use. when allocating a new ID scan the list for a free slot and only use highest + 1 on failure instead of using highest + 1 from the beginning scanning for a dup afterwards. this prevents ID space fragmentation better. as a result this allows us do get rid of the pf_tag_purge() function completely and let pf_tag_unref() remove an entry once the reference counter reaches zero by itself. after all it makes for easier code and is about 50% faster. idea came up during a discussion on icb earlier today between cedric and myself, which itself was particulary inspired by Darren Reed questioning the need for pf_tag_purge on tech-net@netbsd. ok dhartmei@ cedric@ | |||
2003-06-30 | missing pf_tag_purge() | Henning Brauer | |
cedric made me check | |||
2003-06-25 | add a pf_tagname field to ifbrlreq and a pf_tag field to ifbrlnode. | Henning Brauer | |
on bridge rule load translate tagnames to pf tags using pf_tagname2tag etc if packets match a bridge filter rule tag them using pf_tag_packet() with the given tag help dhartmei@ ok deraadt@ jason@ dhartmei@ | |||
2003-06-02 | nuke clause 3 & 4 | Jason Wright | |
2003-05-30 | KNF & ANSI, jason agrees | Henning Brauer | |
2003-05-30 | o the timeout is int, not u_int32_t | Henning Brauer | |
o check timeout for negative values and overflow ok tedu@ jason@ | |||
2003-05-03 | string fixes; tedu ok | Theo de Raadt | |
2003-03-31 | Protect tdb access w/ spltdb; Patrick Latifi | Todd C. Miller | |
Since bridgeintr_frame() is called at splsoftnet() this isn't a big deal but should still be fixed. jason@ OK. | |||
2003-03-11 | forward 8021Q packets with vlan header if the destination interface has | Markus Friedl | |
IFCAP_VLAN_MTU capability. allows forwarding of vlan traffic over bridge(4) since these packets are larger then the mtu; ok jason@ | |||
2003-02-21 | Plug two mbuf leak on error bugs, one from dhartmei one from me. | Jason Wright | |
2003-02-17 | enqueue the copy that was just made, not the original (probably fixes ↵ | Jason Wright | |
kernel/3097, waiting to hear). | |||
2003-02-16 | KNF | Theo de Raadt | |
2003-01-07 | apply the discover rule to bridge_output() as well | Jason Wright | |
2003-01-07 | remove the altq classifier code which is replaced by pf and no longer used. | Kenjiro Cho | |
ok henning@, deraadt@ | |||
2003-01-03 | Fix the unicast case call to bridge_rtupdate(), check that the -source- | Jason Wright | |
interface is LEARNING not the destination. | |||
2002-12-09 | NPF, not NFP (prevented outgoing bridge_ipsec() packets from being ↵ | Jason Wright | |
filtered); Darren Reed <avalon@coombs.anu.edu.au> | |||
2002-12-09 | allow setting of ifcost with brconfig. enables selection of preferred | Markus Friedl | |
port/path to root bridge among several LANs. unlike ifpriority, which allows you to select designated port if serveral interfaces belong to the same LAN; ok jason@ | |||
2002-12-04 | spanning tree: flush dynamic mac cache if interface goes to the | Markus Friedl | |
blocking or disabled state. send packets only if interface is the forwarding state; comment from netbsd; with and ok jason@ | |||
2002-10-10 | Missing m_pullup() and mbuf corruption. This potentially caused | Daniel Hartmeier | |
panic: m_copym0: m == 0 and not COPYALL and/or panic: m_copydata: null muf on bridges running pf with scrubbing enabled. Bug report, test vector and confirmation by Jon Morby. ok jason@, jasoni@ | |||
2002-08-07 | consistently check byte order of ether_type; pointed out by dhartmei | Jason Wright | |