| Age | Commit message (Collapse) | Author |
|---|
|
|
|
to a route.
the label is sent over the routing socket wrapped into a new
struct sockaddr_rtlabel, allowing for handling it like any other sockaddr.
struct rtentry only contains a (16 bit) label-ID, with the actual labels
kept outside the routing table.
ID allocator code inspired by my own code for altq and pf tags.
mostly hacked at the c2k4 hackathon, markus ok
|
|
ok itojun claudio
|
|
No need to reconfig kernel or rebuild userland stuff.
requested deraadt@, help beck@
|
|
their *source* IP address in addition to their destination address.
routing table "destination" now contains a "struct sockaddr_rtin"
for IPv4 instead of a "struct sockaddr_in".
the routing socket has been extended in a backward-compatible way.
todo: PMTU enhancements, IPv6. ok deraadt@ mcbride@
|
|
RTM_CHANGE/LOCK only work on perfect matching routes. ppp and bgpd got
broken because of this. Most of the code in the "grotty" block is already
done by rn_lookup() only host routes need some special treatment.
OK cedric@
|
|
table from these metrics. struct rt_msghdr used by the routing socket is not
affected and so most userland apps don't need to be changed.
some man page polishing by jmc@
OK henning@ markus@ theo@
|
|
user visible changes:
- you can add multiple routes with same key (route add A B then route add A C)
- you have to specify gateway address if there are multiple entries on the table
(route delete A B, instead of route delete A)
kernel change:
- radix_node_head has an extra entry
- rnh_deladdr takes extra argument
TODO:
- actually take advantage of multipath (rtalloc -> rtalloc_mpath)
|
|
|
|
to built-ins, so eventually we will have one version of these files.
Special adjustments for the kernel to cope: machine/stdarg.h -> sys/stdarg.h
and machine/ansi.h needs to have a _BSD_VA_LIST_ for syslog* prototypes.
okay millert@, drahn@, miod@.
|
|
|
|
argument. old cred only calls user suser_ucred. this will allow future
work to more flexibly implement the idea of a root process. looks like
something i saw in freebsd, but a little different.
use of suser_ucred vs suser in file system code should be looked at again,
for the moment semantics remain unchanged.
review and input from art@ testing and further review miod@
|
|
|
|
|
|
without it "route change X" would change less-specific route by mistake.
reported by jinmei@kame, markus ok
|
|
rescinded 22 July 1999. Proofed by myself and Theo.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
the ANSI way.
|
|
|
|
|
|
(Look ma, I might have broken the tree)
|
|
idea from deraadt@ via NetBSD
millert@ ok
|
|
(freebsd3 has a fix since 1999, but has insufficient validation on sa_len)
|
|
with old code we may see junk at the end. sync with kame, 4.4BSD bug.
|
|
|
|
have sys/net/route.c:rtrequest1(), which takes rt_addrinfo * as the argument.
pass rt_addrinfo all the way down to rtrequest, and ifa->ifa_rtrequest.
3rd arg of ifa->ifa_rtrequest is now rt_addrinfo * instead of sockaddr *
(almost noone is using it anyways).
benefit: the follwoing command now works. previously we need two route(8)
invocations, "add" then "change".
# route add -inet6 default ::1 -ifp gif0
remove unsafe typecast in rtrequest(), from rtentry * to sockaddr *. it was
introduced by 4.3BSD-reno and never corrected.
XXX is eon_rtrequest() change correct regarding to 3rd arg?
eon_rtrequest() and rtrequest() were incorrect since 4.3BSD-reno,
so i do not have correct answer in the source code.
someone with more clue about netiso-over-ip, please help.
|
|
|
|
non-root userland process, under certain routing table setup.
http://orange.kame.net/dev/query-pr.cgi?pr=217
|
|
the hack tries to respect ifa or ifp passed to RTM_ADD. However, the change
broke certain link-layers. They include:
- midway ethernet card (en*), which uses sockaddr_dl in gateway portion
to pass PVC information. with the patch, the gateway portion will be
overwritten by empty sockaddr_dl and PVC initialization will fail.
- IPv6, which can't set static ND table with the patch (ndp -s) with the
similar reason.
There may be improved hack coming soon, hope the new one does not break others.
|
|
|
|
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support.
see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine
as well, but you'll need KAME userland tools to play with IPv6 (will be
bringed into soon).
|
|
|
|
draft-mcdonald-simple-ipsec-api, kernel notifies (EMT_REQUESTSA) signal
userland key management applications when security services are requested.
this is only for outgoing connections at the moment, incoming packets
are not yet checked against the selected socket policy.
|
|
|
|
|
|
|
|
|
|
|
