summaryrefslogtreecommitdiff
path: root/sys/net
AgeCommit message (Expand)Author
2021-07-26Use per-CPU counters for tunnel descriptor block (tdb) statistics.mvs
2021-07-22Add sizes for free() in zlibTheo Buehler
2021-07-20Turn pipex(4) session statistics to per-CPU counters. This makes pipex(4)mvs
2021-07-20The current workaround to disable parallel IPsec did not work.Alexander Bluhm
2021-07-19Fix an alignment fault observed on an octeon machine while pppoe(4) wasStefan Sperling
2021-07-14Export SA replay counters via pfkey and print with ipsecctl.tobhe
2021-07-09ifq_hdatalen can return 0 if ifq_empty is true, which avoids locks.David Gwynne
2021-07-08Initialize `ipsec_acquire_pool' pool (9) within pfkey_init() instead ofmvs
2021-07-08Debug printfs in encdebug were inconsistent, some missing newlinesAlexander Bluhm
2021-07-07tell ether_input() to call pf_test() outside of smr_read sections,Alexandr Nedvedicky
2021-07-07pfsync_undefer() must be called outside of PF_LOCKAlexandr Nedvedicky
2021-07-05Export tdb MTU to userland via SADB_GET. This helps debug path MTUtobhe
2021-07-05etherbridge_map was way too clever, so simplify it.David Gwynne
2021-06-30Remove splnet() from ifnewlladdr(), it is not needed anymore.Alexander Bluhm
2021-06-25let pfsync_request_update actually retry when it overfills a packet.David Gwynne
2021-06-23rtsock: revert from timeout_set_flags(9) to timeout_set_proc(9); ok mvs@cheloha
2021-06-23augment the global pf state list with its own locks.David Gwynne
2021-06-23pf_purge_expired_states can check the time once instead of for every state.David Gwynne
2021-06-23pfsync_undefer_notify needs to be careful before dereferecing state keys.David Gwynne
2021-06-23rework pf_state_expires to avoid confusion around state->timeout.David Gwynne
2021-06-17more consistently use pfsync_free_deferral to free the mbuf.David Gwynne
2021-06-15use getnsecuptime instead of getmicrouptime.David Gwynne
2021-06-15get the uptime before comparing to it.David Gwynne
2021-06-15factor out nsecuptime and getnsecuptime.David Gwynne
2021-06-15rework pfsync deferal timeout handling.David Gwynne
2021-06-09whitespace tweak. no functional change.David Gwynne
2021-06-02With parallel execution of pf_test() two packets may try to update the sameAlexandr Nedvedicky
2021-06-02whitespace tweaks, no functional change.David Gwynne
2021-06-02only read the if_bpf pointer once.David Gwynne
2021-06-02tpmr_input is called in an smr crit section, so it doesnt need its own.David Gwynne
2021-06-02read the tpmr if_flags once in tpmr_input so link flags apply consistently.David Gwynne
2021-06-02use ipv4_check and ipv6_check to well, check ip headers before running pf.David Gwynne
2021-06-02use ipv4_check and ipv6_check provided by the network stacks.David Gwynne
2021-06-01Check `so_state' in rtm_senddesync() and return if SS_ISCONNECTED ormvs
2021-06-01a couple of minor whitespace tweaks. no functional change.David Gwynne
2021-05-30Declare all struct protosw as constant.Alexander Bluhm
2021-05-27ajacoutot says i missed copying some bits from bridge for divert-to.David Gwynne
2021-05-27ajacouto says i missed copying some bits from bridge for divert-to.David Gwynne
2021-05-26Use `so_lock' to protect key management (PF_KEY) sockets. This can bemvs
2021-05-26add support for pf divert-to on tpmr, like what was done for veb(4).David Gwynne
2021-05-26support divert-to when pf applies it to a packet.David Gwynne
2021-05-25As network features are not added dynamically, the domain structuresAlexander Bluhm
2021-05-25The arrays sadb_exts_allowed_out and sadb_exts_required_out areAlexander Bluhm
2021-05-17fix state key reference underflow, when sk == skrevAlexandr Nedvedicky
2021-05-17Revert. Last change should not have been committed.Claudio Jeker
2021-05-17Increase the default buffer space using on PF_UNIX sockets to 8k.Claudio Jeker
2021-05-16panic does not require a \n at the end. When one is provided, it looks wrong.Theo de Raadt
2021-05-16In route detach we delete `rop_timeout' while `rop' is still linked tomvs
2021-05-15Fix IPsec NAT-T to work with pipex(4). Introduce a new packet tagYASUOKA Masahiko
2021-05-06Kill pfkeyv2_parsemessage() declaration which is absolutely uselessmvs