| Age | Commit message (Collapse) | Author |
|---|
|
so use rtable_l2() to get the right id. Fixes adding routes to rtables.
OK mpi@ phessler@
|
|
ok bluhm@
|
|
time soon so remove all the code to support multiple pfkey versions.
OK mpi@
|
|
Prompted by a bug report from semarie@, thanks!
|
|
expansion bug in bpf prevented protocols above 127. m_data is
signed, bpf_mbuf_ldb() returns unsigned.
bug report Matthias Pitzl; OK deraadt@ millert@
|
|
family switch. This makes the specific calculation more obvious.
OK claudio@
|
|
|
|
|
|
O.K. bluhm@
|
|
without needing a previously created state by MLD Listener Query. It
wasn't working because: (1) you might not have a previous MLD Listener
Query and (2) the addresses of the Query and Report don't match.
ok mikeb@, sashan@
|
|
packets. This is the IP in IP protocol input function, so call it
ipip_input(). Rename the existing ipip_input() to ipip_input_gif()
as it is the input function used by the gif interface. Pass the
address family to make it consistent with pr_input. Use __func__
in debug print and panic messages. Move all ipip prototypes to the
ip_ipip.h header file.
OK dhill@ mpi@
|
|
ok bluhm@
|
|
we actually don't need to pre-allocate per_anchor_stack[], if we use
a 'natural' recursion, when doing anchor tree traversal.
O.K. mikeb@, mpi@
|
|
ok visa@
|
|
|
|
ok bluhm@
|
|
OK mpi@
|
|
ok bluhm@
|
|
ok rzalamena@
|
|
All interface ioctl()s are executed with the NET_LOCK() held, which
protects all soft states of the network stack. IPL_NET is only needed
in drivers dealing with hardware and by extension the wireless stack.
|
|
Recursions are still marked as XXXSMP.
ok deraadt@, bluhm@
|
|
variable so the kernel will build on arm64 again.
|
|
OK sthen, visa
|
|
Remove an if condition that cannot happen.
OK mikeb@
|
|
|
|
Sprinkle some #ifdef INET6 and do not use in6addr_any from the
netinet6 code.
test and OK rzalamena@
|
|
|
|
entry on the multipath list.
Fix a NULL dereference triggered by a CPU doing a lookup when another one
is updating the priorities of some routes. By not doing a remove/insert
we ensure that ``an_rtlist'' is never empty and do not need a conditional
in the fast path.
Problem reported by and ok markus@
|
|
|
|
|
|
ok bluhm@
|
|
so that we can run these parts of pf in parallel. Also replace a
single usage of pfr_mask with a stack local variable.
ok mpi@
|
|
Found by and input from dlg@, OK sthen, tedu, henning
|
|
* don't share mifs (multicast interface) between rdomains
* allow multiple routing sockets connected at the same time if they are
in different rdomains.
ok bluhm@
|
|
When the initial state is set to DROPPING, the code immediately
jumps to a CONTROL state bypassing DROPPING. To fix this we start
with an explicit INITIAL state so that we do an INITIAL->DROPPING
transition right off the bat in the beginning of the loop and
then perform a DROPPING->CONTROL and either CONTROL->DROPPING and
restart the loop or CONTROL->RECOVERY/ACCEPTING and terminate.
|
|
Reported by Remi Barbier, thanks! OK mpi@
|
|
kernel. It was only used in IPsec sources. No binary change
OK deraadt@
|
|
change the pointer. Then *mp keeps the invalid pointer and it might
be used. Fix the potential use after free and also reset *mp in
other places to have less dangling pointers to freed mbufs.
OK mpi@ mikeb@
|
|
The purpose of FQ-CoDel is to provide fair sharing of bandwidth
between simultaneous connections and reduce latency differences
among them.
OK mpi, sthen, visa
|
|
inline function instead of casting it to sockaddr. While there,
use inline instead of __inline for all these conversions. Some
struct sockaddr casts can be avoided completely.
OK dhill@ mpi@
|
|
ifq_mfreeml() is similar to the ifq_mfreem(), but takes an mbuf list
as an argument. This also lets these functions subtract the number
of packets to be disposed of from the ifq length.
OK dlg
|
|
i hadnt documented that api changes made to support multiple ifqueues
on a single ifnet.
a glaring omission is doco for if_attach_queues, but that should
go into a manpage for driver writers to read, not internal doco on
the stack.
|
|
a goal of the ifq api is to avoid freeing an mbuf while holding a
lock. to acheive this it allowed the backend enqueue operation to
return a single mbuf to be freed. however, mikeb@ is working on a
backend that wants to free packets during dequeue. to support this,
ifq_mfreem queues a packet during dequeue for freeing at the end
of the ifq serialiser.
there's some doco in ifq.h about it.
requested by mikeb@
|
|
By hiding H-FSC behind pfq_ops structure similar to the ifq_ops,
we provide a possibility to plug alternative queueing interfaces
for use in pf. This reduces amount of H-FSC specific code in the
pf ioctl handler
While here, change the the order of elements in hfsc_class_stats
to provide some compatibility between queue stat structures of
different traffic conditioners.
No objections from henning@, ok sthen@
|
|
Since only leaf queues can have packets assigned to them,
H-FSC requires the user specified root queue to have a
parent. To simplify userland tools and the configuration
interface, the kernel can be leveraged to set it up.
ok henning
|
|
with certain rulesets and excessively noisy; move them to LOG_INFO (which was
previously unused). ok benno@
|
|
by the tree of given state key are filled.
ok sasha
|
|
on amd64 and i386.
|
|
No binary change.
OK mpi@
|
|
ok claudio
|
