| Age | Commit message (Collapse) | Author |
|---|
|
|
|
after discussions with beck deraadt kettenis.
|
|
the various bpf_mtap_* are very similiar, they differ in what (and to some
extent how) they prepend something, and what copy function they pass to
bpf_catchpacket.
use an internal _bpf_mtap as "backend" for bpf_mtap and friends.
extend bpf_mtap_hdr so that it covers all common cases:
if dlen is 0, nothing gets prepended.
copy function can be given, if NULL the default bpf_mcopy is used.
adjust the existing bpf_mtap_hdr users to pass a NULL ptr for the copy fn.
re-implement bpf_mtap_af as simple wrapper for bpf_mtap_hdr.
re-implement bpf_mtap_ether using bpf_map_hdr
re-implement bpf_mtap_pflog as trivial bpf_mtap_hdr wrapper
ok bluhm benno
|
|
mean?
ok deraadt@
|
|
your IPv4 routes.
mcbride@ says that this function has been introduced in order to be able
to reach the MASTER node from a BACKUP node using the CARP address. The
reasons are:
1) For troubleshooting, so I can ping or otherwise monitor the MASTER
host.
2) In some cases it's undesirable (or even not possible) to run
services on other IP addresses. For example, services that only allow
you to configure 1 listening IP, or services where you wish to avoid
users connecting to anything but the MASTER server.
Sadly this function becames a horrible hack. So if somebody thinks the
reasons explained before justify such logic, feel free to submit a
correct diff.
ok bluhm@, henning@, mikeb@
|
|
ever used to pass on uint32 (for ipsec). stop that madness and just pass
the uint32, 0 in all cases but the two that pass the ipsec flowinfo.
ok deraadt reyk guenther
|
|
carp_rewrite_lladdr to overwrite the src lladdr, get the intended src
lladdr before assembling the ethernet header.
carp_rewrite_lladdr -> carp_get_srclladdr
ok reyk claudio
|
|
Avoid the confusion by using an appropriate name for the variable.
Note that since routing domain IDs are a subset of the set of routing
table IDs, the following idiom is correct:
rtableid = rdomain
But to get the routing domain ID corresponding to a given routing table
ID, you must call rtable_l2(9).
claudio@ likes it, ok mikeb@
|
|
Instead of always copying ifa_flags to the routing entry flags when
creating a route by calling rtinit(), explicitly pass the RTF_CLONING
flag when required. This means ifa_flags are now *only* used to check
if an address has an associated route that was created by the kernel
auto-magically.
ok benno@
|
|
not like them!
Since carp(4) interfaces do some magic tricks to find a compatible
interface if you do not specify a `carpdev' argument, make them
iterate over &ifnet instead of &in{,6}_ifaddr.
ok benno@, mikeb@, florian@
|
|
coherent with the existing rtable_* functions and document it.
While here fix some other manpage glitches pointed out by jmc@.
|
|
address and not the mac of the physical interface as target lladdr.
This allows us to get rid of the hack adding and removing the route to
loopback of a carp node when its status switch to master and backup
respectively. Now the route entry will no longer be updated to use the
mac address of the physical interface of the master node as gateway.
While here send the ARP request through the carp interface for consistency.
Analysed with and ok mikeb@, ok bluhm@
|
|
if we're acting as router. Otherwise clients lose the default route
learned from router advertisements during carp failover.
Patch by Ole Myhre; ok bluhm@
|
|
reading it from the packet header. While here makes carp_input()
take the same arguments as ether_input().
ok bluhm@, mikeb@
|
|
consistent with struct ifaddr "ifa" and struct in_ifaddr "ia".
OK mpi@
|
|
|
|
dereferencing the mbuf various times. No functional change.
ok mpf@, bluhm@
|
|
ok deraadt@
|
|
miod@ cannot find two boards using the same media.
With precious punctuation review from guenther@, thanks!
ok deraadt@, henning@
|
|
Still some important missing pieces, and this is not yet enabled.
OK bluhm@
|
|
they have found the interface address, so we can get rid of the
additional variable ia_if. No functional change.
OK mpi@ phessler@
|
|
has been found. This makes the IPv6 code work like IPv4.
OK mpi@
|
|
created a bunch of useless dependencies. Remove this implicit
inclusion and do an explicit #include <netinet6/in6_var.h> when it
is needed.
OK mpi@ henning@
|
|
missing. Especially the IN6_IS_ADDR_LINKLOCAL() macro should not
be necessary in IPv4 only code. No binary change.
OK henning@ claudio@
|
|
Reported by naddy@
|
|
structure rather than doing various M_WAITOK allocations during
the *attach() functions, we always rely on them anyway.
ok mikeb@, uebayasi@
|
|
iterating once we found a matching address.
ok mpf@, yasuoka@, henning@
|
|
|
|
one so that we can use the real MAC address for carp(4) like an example
following.
ifconfig carp0 carpdev REALIF lladdr <real interface's lladdr>
ok reyk mcbride
|
|
slipped by on i386, but the zaurus doesn't automagically pick it up.
spotted by patrick
|
|
.h files to pull it in, if needed
ok tedu
|
|
|
|
ok beck@, mikeb@
|
|
ok bluhm@, mikeb@
|
|
|
|
is really needed, instead of an ethernet header and selector.
ok mikeb henning mpf
|
|
to a radix_node struct.
The radix tree pushdown continues.
ok claudio@
|
|
in my tree for a while and I forgot what exactly triggered it, but in one
way or another this comes from the netbsd camp
ok benno mpf
|
|
figured out by and ok guenther
|
|
to connect to the carp address when the carpdev interface has
an ip address too in the non-default rdomain.
ok claudio
|
|
the advskew as the master down timeout.
OK henning.
|
|
1.175.
ok henning mpf
|
|
in the v6 input path. IP6_EXTHDR_GET() internally uses m_pulldown(),
which might return a pointer to a different mbuf in the chain.
In this case, carp_cksum() will be called with the wrong mbuf.
This fixes occasional checksum mismatches.
Problem found and initial fix by stsp@
OK stsp@
|
|
This lets carp delete IFF_PROMISC on its carpdev upon destroy.
Fix from Stefan Rinkes.
OK sthen, bluhm, deraadt.
|
|
mkay? ok ryan
|
|
that are not up. OK henning.
|
|
with advertisement intervals of less than a second.
This is needed in setups where takover times < 3s are needed.
Don't use this unless you really need it. Running with
too agressive timeouts might lead to false positive
takeovers.
OK mcbride, claudio.
|
|
OK claudio@
|
|
a special meaning and should only be set if the link state is not known
because it is considered as being up. Use LINK_STATE_INVALID instead.
OK mpf@ mcbride@ henning@
|
|
essentially identical; the only difference being that m_pullup2 is
capable of handling mbuf clusters, but called m_pullup for shorter
lengths (!).
testing dlg@ ok claudio@
|
