summaryrefslogtreecommitdiff
path: root/sys/netinet/in.h
AgeCommit message (Collapse)Author
2005-10-05Add multicast routing to GENERIC.Esben Norby
It is now possible to enable multicast routing in the kernel with the sysctl option net.inet.ip.mforwarding=1 Based on intial work by msf@ help claudio@ ok claudio@ deraadt@
2005-06-06another leftover from the src routing adventure a year agoHenning Brauer
2005-05-27Experimental support for opportunitic use of jumbograms where only some hostsRyan Thomas McBride
on the local network support them. This adds a new socket option, SO_JUMBO, and a new route flag, RTF_JUMBO. If _both_ the socket option is set and the route for the host has RTF_JUMBO set, ip_output will fragment the packet to the largest possible size for the link, ignoring the card's MTU. The semantics of this feature will be evolving rapidly; talk to us if you intend to use it. ok deraadt@ marius@
2005-05-24add net.inet.ip.ifq for monitoring and changing ifqueue; similar to netbsdMarkus Friedl
ok henning
2005-01-14Add kernel support for Protocol Independant Multicast (PIM)Ryan Thomas McBride
Information: http://netweb.usc.edu/pim/ From Pavlin Radoslavov <pavlin@icir.org> ok deraadt@ brad@
2004-11-24Multicast routing cleanup from Pavlin RadoslavovRyan Thomas McBride
- sync ip_mroute.c with NetBSD - import some FreeBSD changes to MFC entry handling - set im->im_vif correctly when sending IGMPMSG_WRONGVIF - increment mrtstat.mrts_upcalls correctly - return error from get_sg_cnt() if there is no matching forwarding entry ok henning@ brad@ naddy@
2004-06-06extend routing table to be able to match and route packets based onCedric Berger
their *source* IP address in addition to their destination address. routing table "destination" now contains a "struct sockaddr_rtin" for IPv4 instead of a "struct sockaddr_in". the routing socket has been extended in a backward-compatible way. todo: PMTU enhancements, IPv6. ok deraadt@ mcbride@
2004-02-15switch to sysctl_int_arr(); ok itojun, henning, miod, deraadtMarkus Friedl
2003-12-17Change pfsync IP protocol and multicast group numbers.Ryan Thomas McBride
IPPROTO_PFSYNC -> 240 INADDR_PFSYNC_GROUP -> 224.0.0.240 ok deraadt@
2003-12-15Add initial support for pf state synchronization over the network.Ryan Thomas McBride
Implemented as an in-kernel multicast IP protocol. Turn it on like this: # ifconfig pfsync0 up syncif fxp0 There is not yet any authentication on this protocol, so the syncif must be on a trusted network. ie, a crossover cable between the two firewalls. NOTABLE CHANGES: - A new index based on a unique (creatorid, stateid) tuple has been added to the state tree. - Updates now appear on the pfsync(4) interface; multiple updates may be compressed into a single update. - Applications which use bpf on pfsync(4) will need modification; packets on pfsync no longer contains regular pf_state structs, but pfsync_state structs which contain no pointers. Much more to come. ok deraadt@
2003-10-17Common Address Redundancy ProtocolRyan Thomas McBride
Allows multiple hosts to share an IP address, providing high availability and load balancing. Based on code by mickey@, with additional help from markus@ and Marco_Pfatschbacher@genua.de ok deraadt@
2003-06-02Remove the advertising clause in the UCB license which BerkeleyTodd C. Miller
rescinded 22 July 1999. Proofed by myself and Theo.
2002-03-14First round of __P removal in sysTodd C. Miller
2001-11-06send igmp v2 leave messages to allrouters address (PR#2164)Jakob Schlyter
patch based on parts from NetBSD submitted by goeran@cdg.chalmers.se
2001-07-05StyleAngelos D. Keromytis
2001-07-05IPComp itself (include files). angelos@ ok.Jean-Jacques Bernard-Gundol
2001-06-25Use in_cksum_phdr() rather than in_cksum() -- from NetBSDAngelos D. Keromytis
2001-06-24Import in_cksum_phdr() and in_cksum_addword() from NetBSD.Angelos D. Keromytis
2001-06-24Import in_delayed_cksum() and convert to using it; also, don't doAngelos D. Keromytis
TCP/UDP HW checksumming if doing IP fragmentation. From NetBSD
2001-06-23Typo.Angelos D. Keromytis
2001-06-23Prototype for in4_cksum()Angelos D. Keromytis
2001-06-12IPsec setsockopts.Angelos D. Keromytis
2001-06-09Inclusion protection.Angelos D. Keromytis
2001-05-27Add some IPsec-related IP-level socket options.Angelos D. Keromytis
2001-05-17convert mbuf and cluster allocation to pool, mostly from NetBSDNiels Provos
okay art@ miod@
2000-12-09remove duplicated def of INET_ADDRSTRLEN.Jun-ichiro itojun Hagino
2000-09-19Lots and lots of changes.Angelos D. Keromytis
2000-09-18Path MTU discovery based on NetBSD but with the decision to use the DFNiels Provos
flag delayed to ip_output(). That halves the code and reduces most of the route lookups. okay deraadt@
2000-06-18for mcdonald-simple-ipsec-api get/setsockopt, variable size was mixed up.Jun-ichiro itojun Hagino
in some place sizeof(u_char), and in some place sizeof(int) were used. previous code can cause problem in big endian machines. now it always uses "int" (isakmpd uses int, so it should be okay) set m_len properly on mcdonald-simple-ipsec-api getsockopt.
2000-05-25net.inet.ip.gif_ttl (and IPv6 counterpart) is never used.Jun-ichiro itojun Hagino
enforce type checking on IN6_ARE_ADDR_EQUAL.
2000-02-09improve RFC2553/2292 conformance. netinet6/{ip6,icmp6,in6}.h should notJun-ichiro itojun Hagino
be included. neitnet6/{ip6,icmp6}.h includes #error statements only - i'll remove them couple of days later.
2000-01-26new bindresvport() semantics that itojun, shin, jean-luc and i have agreed ↵Theo de Raadt
on, which will be happy for the future. bindresvport_sa() for sockaddr *, too. docs later..
2000-01-21Rename the ip4_* routines to ipip_*, make it so GIF tunnels are notAngelos D. Keromytis
affected by net.inet.ipip.allow (the sysctl formerly known as net.inet.ip4.allow), rename the VIF ipip_input to ipip_mroute_input.
2000-01-18Bump IPPROTO_MAX to include IPPROTO_MOBILE and IPPROTO_ETHERIP.Angelos D. Keromytis
2000-01-11Remove ifdef'ed out definitions.Angelos D. Keromytis
2000-01-10Add 10 new ipsec-related sysctl variables...they are currently underAngelos D. Keromytis
net.inet.ip; perhaps they should be moved under net.inet.ipsec or some such.
2000-01-10Add net.inet.ip.ipsec-invalid-life, default value 60 seconds; theAngelos D. Keromytis
amount of time embryonic SAs will be kept before they have to be initialized by key management (this only affects automated key management).
2000-01-09Add a sysctl for IPsec ingress access control (better explanation on aAngelos D. Keromytis
follow-up commit).
2000-01-07Forgot the names here...Angelos D. Keromytis
2000-01-07IPPROTO_GRE and IPPROTO_MOBILE definitions (from NetBSD)Angelos D. Keromytis
1999-12-18too much software forgets to include sys/socket.h, SIGHTheo de Raadt
1999-12-16rresvport_af() and bindresvport_af()Theo de Raadt
1999-12-08bring in KAME IPv6 code, dated 19991208.Jun-ichiro itojun Hagino
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details. GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
1999-10-28Add etherip.allow sysctl node entry.Angelos D. Keromytis
1999-10-28Define IPPROTO_ETHERIP.Angelos D. Keromytis
1999-04-11Introduce net.inet.{ah,esp}.enable sysctl controls that are off by default.Niklas Hallqvist
If you are going to use either of AH or ESP or both, enable these in /etc/sysctl.conf. Also correct the IPSec debugging sysctl code, it is now named net.inet.ip.encdebug. Some corrected function signatures too.
1999-04-09The kernel parts of a sysctl that can switch on/off IP-in-IP (protocol 4)Niklas Hallqvist
support, when IPSEC is compiled in. The default is disabled. Turn on with: sysctl -w net.inet.ip4.allow=1 ***Only*** do this if you are really knowing what you do! This control does not control the tunnel modes of ESP and AH.
1999-03-27add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoingNiels Provos
SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
1999-03-24Removed old NRL convention in6a_words virtual-field from struct in6_addr.cmetz
Let's not encourage the use of an obsolete convention.
1999-02-24Added in.h definitions required by IPv6 Basic API and Advanced API specs, andcmetz
a few extras that are just plain useful. Note that I used u_intxx_t instead of the POSIX p1003.1g uintxx_t that those specs mandate, so as to not increase the number of outside symbol definitions that in.h depends on.