| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
From Seishi Hiragushi via FreeBSD PR kern/49957.
Also, while we're here, make the loop counter size_t.
ok mcbride@
|
|
by "ifconfig fxp0 group foobar" "ifconfig xl0 group foobar"
these two interfaces are in one group.
Every interface has its if-family as default group.
idea/design from henning@, based on some work/disucssion from Joris Vink.
henning@, mcbride@ ok.
|
|
remaining TODO:
- "forward" case kernel behavior (IPv4 too), then pfctl syntax change
- red-black tree
|
|
pfctl is assuming that the keyword == 0 in its parser! (see decl for "dir").
|
|
the link0 flag via ifconfig(8). OK markus@, canacar@ also tested by ish@
|
|
ok millert@
|
|
caveats: (to be addressed soon)
- "scrub in" should queue fragments back into ip6intrq again, but
somehow it does not happen - the packet is kept inside reass queue.
need investigation
- ip6_forwarding path is not tested
- does not use red-black tree. somehow red-black tree behaved badly
and was not robust. performance issue, the above one is more
important.
good things:
- "scrub out" is perfectly ok
- i think now we can inspect upper-layer protocol fields (tcp port)
even if ip6 packet is fragmented.
- reass queue will be cleaned up properly by timeout (60sec). we might
want to impose pool limit as well
|
|
ok itojun claudio
|
|
encapsulating all such access into wall-defined functions
that makes sure locking is done as needed.
It also cleans up some uses of wall time vs. uptime some
places, but there is sure to be more of these needed as
well, particularily in MD code. Also, many current calls
to microtime() should probably be changed to getmicrotime(),
or to the {,get}microuptime() versions.
ok art@ deraadt@ aaron@ matthieu@ beck@ sturm@ millert@ others
"Oh, that is not your problem!" from miod@
|
|
ktable being destroyed, which makes it unsafe in a SLIST_FOREACH.
Fix from Chris Pascoe
|
|
Based in part on a diff from Matthew Gream.
|
|
No need to reconfig kernel or rebuild userland stuff.
requested deraadt@, help beck@
|
|
|
|
When enabled, it notifies the calling interface that the packet
matches a bpf filter and should be dropped.
ok henning@ markus@ frantzen@
|
|
ok millert@ deraadt@
|
|
things such that code that only need a second-resolution uptime or wall
time, and used to get that from time.tv_secs or mono_time.tv_secs now get
this from separate time_t globals time_second and time_uptime.
ok art@ niklas@ nordin@
|
|
|
|
|
|
sin6_scope_id, IPsec porion uses embedded form). beck ok
|
|
ok cedric@ henning@
|
|
|
|
input queues when using dhcp and hostap wi, or xl, or fxp....
ok art@
|
|
route(8) takes a new -mpath modifier to enter a multipath route.
requested deraadt@, ok itojun@ mcbride@ millert@
|
|
to program to over the next week; thanks for feedback in developing
this from cedric, claudio, chris, alex
|
|
DIOCRINABEGIN, DIOCRINACOMMIT ioctls.
Use DIOCXBEGIN/DIOCXCOMMIT/DIOCXROLLBACK instead.
ok beck@ dhartmei@ henning@
|
|
|
|
|
|
table is destroyed in pfr_setflags_ktable.
Fix from Chris Pascoe
|
|
keyword in C++. ok henning@, cedric@
|
|
|
|
their *source* IP address in addition to their destination address.
routing table "destination" now contains a "struct sockaddr_rtin"
for IPv4 instead of a "struct sockaddr_in".
the routing socket has been extended in a backward-compatible way.
todo: PMTU enhancements, IPv6. ok deraadt@ mcbride@
|
|
|
|
pool allocator, _nointr. testing/ok beck@ cedric@
|
|
|
|
|
|
descriptions, configurable with ifconfig
help from various, ok deraadt@
|
|
Now to have more bpf devices just add device nodes in /dev,
no need to recompile kernel anymore.
Code from form@pdp-11.org.ru, some help from markus@.
ok markus@ canacar@ deraadt@
|
|
interface is detached, and wakeup any polling processes when the
bpf descriptor is closed. ok henning@, tedu@
|
|
the parser now needs quotes around paths containing separators.
ok mcbride@
|
|
|
|
levels deep). More work required, but this is already
functional. authpf users will need to adjust their anchor
calls, but this will change again soon. ok beck@, cedric@,
henning@, mcbride@
|
|
add ETHER_MAX_LEN_JUMBO, ETHER_VLAN_ENCAP_LEN, ETHER_ALIGN, and
ETHERMTU_JUMBO constants.
if.h
add a few more interface capabilities flags.
Some from NetBSD, some from FreeBSD.
ok markus@
|
|
the ruleset and invalidate the pointer. ok cedric@
|
|
|
|
From NetBSD
ok deraadt@
|
|
RTM_CHANGE/LOCK only work on perfect matching routes. ppp and bgpd got
broken because of this. Most of the code in the "grotty" block is already
done by rn_lookup() only host routes need some special treatment.
OK cedric@
|
|
also fixup checksum when random-id modifies ip_id. This would previously
lead to incorrect checksums for packets modified by scrub random-id.
From Pyun YongHyeon. ok cedric@
|
|
a packet is routed already) in the mbuf tag, allow at most four times.
Fixes some legitimate cases broken by the previous change. ok cedric@
|
