summaryrefslogtreecommitdiff
path: root/sys/net
AgeCommit message (Collapse)Author
2007-05-26add comments indicating why we do m = *m0; again after pf_normalize, ryan okHenning Brauer
2007-05-26one extern seems to be better than 20 for ifqmaxlen; ok krwJason Wright
2007-05-26More comment typos from Diego Casati. Including winners like funtion, allmost,Kenneth R Westerback
oustside, seqencer, toghether, nessissary, etc.
2007-05-23use the intr pool when allocating from interrupt context;Markus Friedl
fixes pppoe f_addrhooks panics (e.g. pr 5454); ok canacar
2007-05-21make bridge(4) mark packets with M_PROTO1 if gif(4) needs to useMarkus Friedl
etherip encapsulation; unbreaks remote ipsec bridges; ok claudio; additional testing Renaud Allard
2007-05-20Handle IP address stuff in tls/tlf state messagesCan Erkin Acar
instead of open/close events. Fixes PR 5457 where an extra open event arrived due to an authentication timeout/retransmission and confused things. Tested by RD Thrush and mpf@, discussions and ok mpf@
2007-05-16fix return values in bridge_output.Michele Marchetto
OK claudio@ jason@
2007-05-16count the number of multicast ranges that are kept in the list of multicastDavid Gwynne
addresses in struct arpcom. this lets a nic driver easily see if it wants allmulti behaviour, which in turn means we can clean some code up. ok jason@ claudio@ norby@
2007-05-15Update the ifp of bridge cache entries if the entry is not static. ThisClaudio Jeker
makes carp(4) fail-over work over bridge(4). OK michele@ jason@
2007-05-08block ALL packets with rthdr0 in pf_test6(). We already do thisRyan Thomas McBride
in ip6_input(), but pf_test6() is called from bridge code as well. ok dhartmei@ henning@ deraadt@ claudio@
2007-05-08Routing headers are dangerous. Deal with them the same way as IPv4 options:Ryan Thomas McBride
drop all packets with routing headers unless the matching rule explicitly specifies 'allow-opts'. ok dhartmei@ henning@ deraadt@ claudio@
2007-05-08wildcard is nowhere used anymore. Figured out by deraadt@Claudio Jeker
2007-05-08rtalloc2() and rtalloc_noclone() inside NPF > 0Theo de Raadt
2007-05-03Use if_flags instead of ifr_flags.Marco Pfatschbacher
It shouldn't make a difference, but some ioctl-callers don't initialize the ifreq properly. Fixes a panic w/ tun(4) on trunk(4). OK reyk@, claudio@
2007-04-26extend the trunk protocol API with some additional callbacks requiredReyk Floeter
for future work. also move the repeated tx start code into a common function. parts of it are merged from FreeBSD's trunk(4) port. oh, wait... they renamed it to 'lagg(4)' because a little green guy from Cizzco-Eeeh told them "trunk is for VLANs, trunk is for VLANs". Bad FreeBSD, don't listen to the little green guy from Cizzco-Eeeh! ok claudio@
2007-04-23add ethernet type for "slow protocols" (defined in IEEE 802.3ad)Reyk Floeter
ok dlg@
2007-04-19Cleanup spaces.Claudio Jeker
2007-04-18Typo in comment. From Brad.Marco Pfatschbacher
2007-04-18Break out of the mtag check loop when a hit was found else we end up in aClaudio Jeker
double free. Found and tested by Stefan Schmieta. OK markus@ mbalmer@
2007-04-17Add support for setting the address of the ppp peer.Marco Pfatschbacher
Use the proper in_ifscrub() / in_ifinit() calls for address changes to generate routing messages. The correct way to set the default route now needs the -ifp option, e.g. route add default -ifp pppoe0 0.0.0.1 Since the route is set right after bringing the interface up, it still works w/out -ifp though. Changes mostly from NetBSD. Tested by Matthias Bauer and bluhm@ OK canacar@
2007-04-11Don't use m_prepend() even if it is used mostly correct here.Claudio Jeker
m_prepend() should never be called directly, use M_PREPEND() instead. Doing so simplifies the code. Tested by fkr@ and Paul de Weerd. OK henning@
2007-04-10``it's'' -> ``its'' when the grammar gods require this change.Miod Vallat
2007-03-27grammar from bret lambert, and one more from me;Jason McIntyre
2007-03-25Synchronise carp advertisements on group demotion.Marco Pfatschbacher
This reduces group failover time to a few milliseconds. Diff from Nathanael. OK henning@
2007-03-24Kill the horrible hack of storing the pid in struct selinfo.Artur Grabowski
Instead, keep the proc pointer in it and put the selinfo on a list in struct proc in selrecord. Then clean up the list when leaving sys_select and sys_poll. miod@ ok, testing by many, including Bobs spamd boxes.
2007-03-23add ethertype for ata over ethernet (AoE)Ted Unangst
ok deraadt
2007-03-20do not use out of scope variable in macros -- only use the macro arguments ↵Michael Shalayeff
passed; makes it less of nfs kind of code; henning@ ok
2007-03-19Use u_int32_t instead of u_long for IP addresses.Marco Pfatschbacher
OK claudio@
2007-03-19no longer create a pflog0 by default.Henning Brauer
we had to put this workaround in since /etc/rc used to use the exit code if "ifconfig pflog0" to decide wether we run on a kernel with pflog support. rc has been fixed to explicitely create pflog0 when pf and pflogd are enabled in November 2006, so now is the time to remove this compat hack. pplz who haven't updated rc since 2006/11/16 lose pflogd. ok ryan theo
2007-03-18Add IP load balancing support for carp(4).Marco Pfatschbacher
This provides a similar functionality as ARP balancing, but also works for traffic that comes across routers. IPv6 is supported as well. The configuration scheme will change as soon we have sth better. Also add support for changing the MAC address on carp(4) interfaces. (code from mcbride) Tested by pyr@ and reyk@ OK mcbride@
2007-03-04Make sure a bpf device can only be opened once.Can Erkin Acar
Previously the descriptor was locked only after an interface is set, leading to a race condition. Reported by Jon Steel < jon.steel at esentire com > tested by otto@, looks correct deraadt@
2007-02-26because sparc has variable pagesize, ctob() varies between machines, and weTheo de Raadt
need uvm/uvm_extern.h to get at uvmexp. oops.
2007-02-23if machine has more than 100MB of physmem, default the max table entriesTheo de Raadt
to 200,000 instead of the conservative 100,000; ok dhartmei beck tested by ckuethe
2007-02-22Make gif(4) altq aware. This simplifies setting up traffic shaping on gif(4)Claudio Jeker
tunnels. Additional testing by Marc Winiger. OK kjc@ mbalmer@
2007-02-22make urpf-failed work with multipath routes.Pierre-Yves Ritschard
ok claudio@
2007-02-21For TUNSIFMODE protect the if_flags similar to the TUNSIFINFO case.Claudio Jeker
Don't allow the userland to fiddle with flags reserved by the driver. Noticed by Ingo Schwarze.
2007-02-19add handling of skip steps for urpf-failed addresses.Pierre-Yves Ritschard
ok dharthmei@, henning@
2007-02-16Unbreak ppp(8) over tun(4) by restriciting the flags that can be changedClaudio Jeker
via TUNSIFINFO. ppp(8) was happily clearing the RUNNING flag and so all incomming packets where dropped. Issue reported by irix <at> ukr <dot> net. While there check that the mtu is in a valid range -- stolen from SIOCSIFMTU case.
2007-02-15Set topology change propagation on all ports _except_ the caller.Reyk Floeter
From FreeBSD
2007-02-14Consistently spell FALLTHROUGH to appease lint.Jonathan Gray
ok kettenis@ cloder@ tom@ henning@
2007-02-12Don't pass random flags to SIOIFFLAGS when changing the lladdr.Marco Pfatschbacher
OK tedu@
2007-02-11Remove _KERNEL_OPT leftovers.Miod Vallat
2007-02-10Cleanup, kill dead code and unused arguments. Mostly stuff that is computedClaudio Jeker
and passed around but never used. OK mglocker@
2007-02-09allow counters to be reset with DIOCGETRULES.Henning Brauer
this allows an atomic read and reset counters, instead of read, reset in a later ioctl and lose everything in between. use the previously unused of pr->action. When it is set to PF_GET_CLR_CNTR, the ioctl requires write permissions and counters are reset after they have been copied out to userland. obsoletes DIOCCLRRULECTRS, which only works for the main ruleset, but not within anchors (yeah, that's how it all started) ok dhartmei, mcbride and theo agree as well
2007-02-09grammar fix from bret lambert;Jason McIntyre
2007-02-08compute pseudo-header checksum based on flnal destination asJun-ichiro itojun Hagino
ip6_dst (i'm bit skeptical about checksumming when the box is not the final destination). drop IPv6 jumbograms, as it could cause various funny symptoms due to ip6_plen being 0 (yup, we should properly handle it instead). ok by deraadt, naddy, hshoexer
2007-02-06Change the behaviour of tun(4) on close.Claudio Jeker
- if the interface was auto-created by opening a /dev/tun* device it will auto-destroy on close. This is comparable to ifconfig tun0 destroy and will remove all routes and addresses associated with the interface. - if the interface was created by ifconfig(8) or hostname.if(5) the interface is persistent -- it is just marked as not running. Especially routes are no longer removed when the interface is closed. This is useful for static setups like the server side of a ssh vpn or static qemu session. This behaviour is more logic then the half done cleanup that is currently done. OK mpf@
2007-01-31handle the full duplex link state in trunk(4). load sharing trunksReyk Floeter
with at least two ports are always handled as full fuplex links. this change will allow trunks as edge ports in a rstp bridge(4). ok brad@ pyr@
2007-01-26When switching mode inherit the TUN_NBIO and TUN_ASYNC flags and clearClaudio Jeker
these flags on close. OK mpf@
2007-01-18allow kernels with TCP_SIGNATURE (aka tcp md5sig), but without IPSEC toHenning Brauer
compile and work. need to register pfkey whenever tcp md5 or ipsec is defined, and the various ipsec encapsulations only if ipsec is defined. ok theo