| Age | Commit message (Collapse) | Author |
|---|
|
The current reason is that rtalloc_mpath(9) inside ip_output() might
end up inserting a RTF_CLONED route and that require a write lock.
ok kettenis@, bluhm@
|
|
and pretending the output succeeded. Packets are still dropped!
Idea from jsg@ following same change to bridge(4). ok mpi@
|
|
Input deraadt@
Bug fix & OK benno@
|
|
Call sobind(9) only when we have a source ip.
With this we can treat sc->so != NULL as a flag if the interface
is in state IFF_RUNNING.
Input & OK bluhm@, OK benno@
|
|
OK semarie@, deraadt@
|
|
|
|
Issue reported by semarie@ on bugs@ who also isolated the
use-after-fruit to pflow(4) using dlg@'s tracing mbuf diff.
Inputs from and ok florian@, semarie@, benno@
|
|
|
|
pointed out by and OK bluhm@
|
|
packets directly into the network stack with ip_output().
The locking is intentionally left as is and will be improved in
another commit.
Input / OK bluhm@, OK benno@
|
|
OK benno@
|
|
receiving interface in the packet header of every mbuf.
The interface pointer should now be retrieved when necessary with
if_get(). If a NULL pointer is returned by if_get(), the interface
has probably been destroy/removed and the mbuf should be freed.
Such mechanism will simplify garbage collection of mbufs and limit
problems with dangling ifp pointers.
Tested by jmatthew@ and krw@, discussed with many.
ok mikeb@, bluhm@, dlg@
|
|
something based on an address family and later assumes one of the paths
was taken. This was initially just calls to panic until guenther
suggested a function to reduce the amount of strings needed.
This reduces the amount of noise with static analysers and acts
as a sanity check.
ok guenther@ bluhm@
|
|
long live the one true internet.
ok henning mikeb
|
|
ok deraadt@ tedu@
|
|
to include that than rdnvar.h. ok deraadt dlg
|
|
diff from benno@.
ok benno@, florian@
|
|
|
|
after discussions with beck deraadt kettenis.
|
|
ever used to pass on uint32 (for ipsec). stop that madness and just pass
the uint32, 0 in all cases but the two that pass the ipsec flowinfo.
ok deraadt reyk guenther
|
|
Avoid the confusion by using an appropriate name for the variable.
Note that since routing domain IDs are a subset of the set of routing
table IDs, the following idiom is correct:
rtableid = rdomain
But to get the routing domain ID corresponding to a given routing table
ID, you must call rtable_l2(9).
claudio@ likes it, ok mikeb@
|
|
option is pflowproto 10. Also it duplicates a lot of code from
pflowproto 10 and will get in the way in the future.
OK benno@
|
|
consumer just to please tcpdump is stupid and not done anywhere else.
kill with fire. ok benno
|
|
table if flowsrc is not set. Now works with new udp checksum code.
From Nathanael Rensen (nathanael.openbsd AT list DOT polymorpheus DOT
com), tweak and ok florian@
|
|
From Anders Berggren (anders AT halon DOT se), thanks.
OK henning, benno
|
|
ok lteo florian
|
|
created a bunch of useless dependencies. Remove this implicit
inclusion and do an explicit #include <netinet6/in6_var.h> when it
is needed.
OK mpi@ henning@
|
|
checksum. Since no one seems to have a use case for sending flows from
INADDR_ANY disallow this.
Pointed out by Nathanael Rensen on tech@, thanks.
While there make the SIOCSIFFLAGS and SIOCSETPFLOW cases symmetric by
only sending templates if the interface is running.
OK benno@
|
|
time values for version 10.
While there mark places which will blow up in 2038.
OK benno@
|
|
OK benno@
|
|
ok benno@
|
|
inspired by benno@'s previous diff for nat-to
tests/ok benno@
|
|
ok florian@ henning@
|
|
Report that this is needed for some netflow collector and tests by
Chris Ivancic & Colin Ligertwood.
OK mikeb@, benno@
|
|
move them to the corresponding header with an appropriate comment if
necessary.
ok guenther@
|
|
slipped by on i386, but the zaurus doesn't automagically pick it up.
spotted by patrick
|
|
|
|
ok beck@, mikeb@
|
|
v9. Without it it's not possible to find out at what time a flow
started/ended with only flowStartSysUpTime/flowEndSysUpTime. Fix this
by using flowStartSeconds/flowEndSeconds for v10.
Problem reported by Chris Ivancic and Colin Ligertwood, analyzed by
benno@
Tested by benno@ against nprobe (which doesn't care that much one way
or the other)
Tested by Chris Ivancic against solarwinds collector.
OK benno@
|
|
wire for v5 packets.
ok (and lots of gentle prodding from) florian@
|
|
fix kernel builds without bpfilter.
OK sthen@ mikeb@ deraadt@ henning@
|
|
runtime while time_uptime is monotonic. Prevent underflows in
pfsync(4) and pflow(4) by using signed variables. pfsync(4) problem
pointed out by camield.
Diff originally by dlg, frag and pflow bits by me.
feedback dlg
man page tweak jmc
Various versions of the pflow bits tested by Hrvoje Popovski
(hrvoje AT srce DOT hr), thanks!
ok benno, henning, dlg
|
|
figured out by and ok guenther
|
|
large parts written by Florian Obser (florian -at- narrans -dot- de).
feedback from sperreault@ gollo@ sthen@
ok from gollo@ dlg@ henning@
|
|
skewed at runtime by things like date(1) and ntpd. time_uptime is
monotonic and therefore more useful to compare against.
ok deraadt@ mikeb@
|
|
ok claudio henning yasuoka
|
|
|
|
ok claudio krw
|
|
are required to detect that.
Change the function to take a wait argument (used in nfs server, but
M_NOWAIT everywhere else for now) and to return an error
ok claudio@ henning@ krw@
|
|
sysctl.h was reliant on this particular include, and many drivers included
sysctl.h unnecessarily. remove sysctl.h or add proc.h as needed.
ok deraadt
|
