Age | Commit message (Collapse) | Author |
|
A race can happen if a task, like the watchog, sleeps too long keeping
an ifp reference while the interface is detached. In this case a TCP
timer will try to send packets with a cached route. Since the ifp is
being detached if_get(9) returns NULL.
Found the hardway by awolk@.
ok bluhm@
|
|
ok mpi@ visa@
|
|
IP_TTL can be reset by passing -1, IP_MINTTL can be reset by passing 0.
This is consistent with what Linux does and
IPV6_UNICAST_HOPS/IPV6_MINHOPCOUNT.
ok bluhm@
|
|
instead of EHOSTUNREACH. On the latter, ip_forward can generate undesired
icmp errors - either pf generates those itself (block return), or there
shouldn't be any.
Bizarrely enough, ip_forward has EACCES handling with a comment specifically
pointing to packets blocked by pf, but the code in ip_output used EHOSTUNREACH
from day #1 on.
found & analyzed by Kristof Provost <kp at FreeBSD>, discussed at BSDcan
ok mpi millert
|
|
packet.
ok visa@, stsp@, sthen@
|
|
Ok phessler@, henning@
|
|
is not intended and will behave unexpectedly if the address is
already used in another domain. It did not work anyway, as the PCB
ended in the wrong hash bucket after changing the rtable. Fail
with EBUSY if the socket is already bound and rehash the PCB if its
rtable changes.
input claudio@; OK mpi@
|
|
|
|
work in the forwarding path.
Tested by Hrvoje Popovski, ok dlg@
|
|
This removes the only use of ETOOMANYREFS in our code, making intro(2)
match reality. No software out there explicitely checks for ETOOMANYREFS
in multicast code.
Discussed with millert@ and mpi@ (who suggested using ENOBUFS)
|
|
an interface joined a specific multicast group.
ok phessler@, visa@, dlg@
|
|
ok mikeb@, bluhm@
|
|
ok henning
|
|
(follow up on my earlier commit)
OK bluhm@
|
|
|
|
required.
ok bluhm@ mpi@.
|
|
|
|
for failed route lookups. This is something that was maybe useful in the
90is but in this modern times it is just annoying and nothing expect it
anyway. OK mpi@, sthen@
|
|
|
|
This simplifies the if_get()/if_put() dance.
Tested by jasper@
|
|
ip_output().
Note that ipmforwarding is not enabled by default.
|
|
descriptor.
Allow to get rid of two if_ref() in the output paths.
ok dlg@
|
|
IP options or if an IPv6 packet contains header extensions.
Required by cnmac(4) and a sensible precautionary measure in general.
ok visa@, mikeb@
|
|
ok claudio@
|
|
this can be used as an alternative to sysctl net.inet.ip.ttl, in
programs that use pledge().
ok reyk@, "Like this" deraadt@
|
|
While here add a missing ``rtableid'' check in in_selectsrc().
ok bluhm@
|
|
Note that after calling rtalloc(9) we only check if a route has been
returned or not and do not check for its validity. This cannot be
improved without a massive refactoring.
The kernel currently *do* use !RTF_UP route due to a mismatch between
the value of ifp->if_link_state and the IFF_UP|IFF_RUNNING code.
I'd explain the RTF_UP flag as follow:
. If a cached route entry w/o RTF_UP is passed to ip{6,}_output(),
. call rtalloc(9) to see if a better entry is present in the tree.
This is enough to support MPATH and route cache invalidation.
ok bluhm@
|
|
|
|
specific places.
ok claudio@, benno@
|
|
needs to see lo0 in the output path.
ok claudio@
|
|
lookup to ensure pf_test() is called with the same interface in the
input annd output path for local traffic.
Fix a regression reported by Heiko Zimmermann on bugs@, thanks!
ok mikeb@, claudio@
|
|
Use instead the RTF_LOCAL flag to loop local traffic back to the
corresponding protocol queue.
With this change rt_ifp is now always the same as rt_ifa->ifa_ifp.
ok claudio@
|
|
the protocol queues.
It basically does what looutput() was doing but having a generic
function will allow us to get rid of the loopback hack overwwritting
the rt_ifp field of RTF_LOCAL routes.
ok mikeb@, dlg@, claudio@
|
|
Found by jsg@ with clang
|
|
OK dlg@
|
|
Merge the two blocks into one that is executed before the IPSec tdb lookup.
OK mpi@ which had a sent out a similar diff around 3 years ago.
|
|
Found the hardway by naddy@
|
|
This introduces a behavior change as we now reject !RTF_UP routes to
output packets. This stricter check exposed a bug in the setup of
new routes and was the reason for the previous revert. This should
be now fixed by r1.229 of sys/net/route.c .
ok bluhm@
|
|
configured networks on RAMDISK kernels.
The problem is that the default route installed by dhclient(8) does not
have the RTF_UP flag in this environement and rtisvalid(9) doesn't allow
you to use a RTF_DOWN route.
|
|
ok bluhm@
|
|
Reported by jsg@, ok deraadt@
|
|
This pseudo-option is a hack to support return-rst on bridge(4). It
passes Ethernet information via a "struct route" through ip_output().
"struct route" is slowly dying...
ok claudio@, benno@
|
|
ok stsp mpi
|
|
compatibility with 4.3BSD in September 1989.
*Pick your own definition for "temporary".
ok bluhm@, claudio@, dlg@
|
|
receiving interface in the packet header of every mbuf.
The interface pointer should now be retrieved when necessary with
if_get(). If a NULL pointer is returned by if_get(), the interface
has probably been destroy/removed and the mbuf should be freed.
Such mechanism will simplify garbage collection of mbufs and limit
problems with dangling ifp pointers.
Tested by jmatthew@ and krw@, discussed with many.
ok mikeb@, bluhm@, dlg@
|
|
annoying trailing, leading and embedded whitespace. No change to
.o files.
ok deraadt@
|
|
|
|
ok krw@ miod@
|
|
No objection from reyk@, OK markus, hshoexer
|
|
ok mikeb
|