| Age | Commit message (Collapse) | Author |
|---|
|
or VLAN interfaces.
Based on a similar change from NetBSD.
ok canacar@
|
|
Reported and tested by Zach Wilkinson
ok brad@, claudio@
|
|
broken by me almost a year ago with the proto_checksum changes :(
problem noticed & fix tested by Helmut Schneider <jumper99@gmx.de>
narrowed down & ok dhartmei
|
|
receiving PPPoE packets but without any PPPoE interfaces
setup.
From mickey@ via PR 5713.
ok canacar@ claudio@ dlg@
|
|
|
|
Instead of using the same IP on multiple interfaces, carp has to be
configured with the new "carpnodes" and "balancing" options.
# ifconfig carp0 carpnodes 1:0,2:100,3:100 balancing ip carpdev sis0 192.168.5.50
Please note, that this is a flag day for anyone using carp balancing.
You'll need to adjust your configuration accordingly.
Addititionally this diff adds IPv6 NDP balancing support.
Tested and OK mcbride@, reyk@.
Manpage help by jmc@.
|
|
while UP and holding an open bpf handler by checking bpfilter_lookup()
for returning NULL in bpfpoll(). Added an XXX comment which reminds us
to recheck why this race condition happens in conjunction with the USB
stack.
Commented by miod@ and thib@ (would prefer to directly fix race condition,
if this is possible at all).
lot of help and OK claudio@
|
|
bit in netisr is set. 1 != (1 << 1).
Reported by mickey, fix by me.
OK markus@, miod@, claudio@
|
|
packet have to be protected by the same splnet. Otherwise on
architectures where soft interrupts are executed immediately, the
interrupt is processed before the packet is in the queue.
On real hardware interfaces this was not a problem as ether_input()
is called at splnet anyway. But when sending to a tun interface
the packet got delayed.
ok beck@ miod@ henning@ mpf@ markus@
|
|
Panic reported by deraadt.
OK henning@
|
|
ports.
ok reyk@ dlg@
|
|
all the original ones did, the recently added ones for labels per interface
didn't. no cookie for reyk ;(
ok deraadt
|
|
from chris@nmedia.net
|
|
the comments. Based on diff from Guy Harris
|
|
OK dhartmei@
|
|
In pf_normalize_tcpopt() pull the TCP options before processing them.
This gets the correct TCP options even if an mbuf chain was used, instead
like now pointing into an invalid mbuf data buffer.
Will close PR 5623. Diff done together with dhartmei@.
OK dhartmei@
|
|
rdr rules. this helps to get some statistics about l3 redirections.
ok henning@
|
|
ok claudio@ krw@ jason@ dlg@
|
|
provide netstat(1) with data it needs; ok claudio reyk
|
|
deraadt@.
|
|
must be able to handle as MRU but while testing pppoe(4) against a pppoe(8)
server I figured out that pppoe(8) insists on a MRU 1492. Because of this
we allow the offered MRU to be between PP_MIN_MRU and PP_MAX_MRU especially
because the MRU is not used at all as long as it is smaller then PP_MAX_MRU.
OK canacar@
|
|
route. This mostly affects "route delete" and it will not remove the last
route if previous delete is redone. OK henning@
|
|
copyin/out. Change the API so that the state is included in the ioctl
argument, so the ioctl wrappers take care of copying memory as appropriate.
Also change the DIOCGETSTATE API to be more useful. Instead of getting
an arbitrarily "numbered" state (using numbering that can change between
calls), instead search based on id and creatorid. If you want to monitor
only a particular state, you can now use the bulk functions first to find
the appropriate id/creatorid and then fetch it directly from then on.
ok dlg@ henning@
|
|
default rule.
When pf_insert_state fails, it's because a matching state already exists.
Return a better error code to the user in this case.
ok henning@ dlg@
|
|
|
|
put it for us already.
Also, fix cut-n-paste error in previous commit.
ok dlg@ henning@
|
|
ok dlg@ henning@
|
|
next expiry run.
ok dlg@ henning@
|
|
and what it was copying would get overwritten anyway. Remove the copy
and avoid a panic.
DIOCGETSTATE would incorrectly dereference a pointer to a pointer,
causing another panic. Fix this.
|
|
sys/dev/pci/pciide.c from naddy@
|
|
sys/netinet/in_pcb.c and sys/net/bridgestp.c ok henning@
sys/dev/pci/bktr/* ok jakemsr@
|
|
|
|
but pf_insert_state does fiddle with the state's state_key pointer - it
has too -, and can leave it at NULL. pf_src_tree_remove_state()
tried to grab the protocol from it. fortunately that is superfluous here,
since tcp_est will never be set in the non-tcp case - it is only touched
in pf_src_connlimit which in turn is only ever called from pf_test_tcp().
ok mcbride + identical diff from pascoe, but he was a few minutes late :)
|
|
that is kept in a list per carp interface. This is the huge first
step necessary to make carp load balancing nice and easy. One carp
interface can now contain up to 32 virtual host instances.
This doesn't do anything useful yet, but here is how an ifconfig
for multiple entries now looks like:
# ifconfig carp2 carpnodes 5:0,6:100 192.168.5.88
carp2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:00:5e:00:01:05
carp: carpdev sis0 advbase 1
state MASTER vhid 5 advskew 0
state BACKUP vhid 6 advskew 100
groups: carp
inet 192.168.5.88 netmask 0xffffff00 broadcast 192.168.5.255
OK mcbride@
|
|
|
|
|
|
please close the pr after another solution is found for both problems
|
|
I wonder why 64-bit archs have not been bitten by this.
OK mcbride@, henning@
|
|
different protocols. from Max Laier. ok markus@, henning@
|
|
ok deraadt@ dlg@ henric@ mcbride@
|
|
tested david@, ok dhartmei@
|
|
This prevents a null-deref when empty groups are used in set loginterface.
Fixes PR 5628 as reported by Andreas Bihlmaier.
Bad mpf :(
OK henning@
|
|
|
|
|
|
Noticed by Kai_Doernemann_at_genua.de
OK henning@, deraadt@
|
|
Suggestions from mpf@ and canacar@
ok deraadt mpf canacar
|
|
inside that loop doesn't yield the expected results.
from freebsd r1.37 Andrew Thompson <thompsa@freebsd.org>
|
|
Add support for probablities of 0% and 100%.
With and OK deraadt@
|
|
the broadcast start routing.
ok pyr@
|
|
ports and receives frame on any port. This allows interaction with
some L2 configurations.
with input and ok reyk@
|
