Age | Commit message (Collapse) | Author | |
---|---|---|---|
2005-08-11 | don't accept SYN-only TCP options for established connections; | Markus Friedl | |
cf FreeBSD-SA-05:15.tcp; ok claudio, mcbride | |||
2005-08-02 | change the TCP reass queue from LIST to TAILQ; | Markus Friedl | |
ok henning claudio fgsch krw | |||
2005-06-30 | implement PMTU checks from | Markus Friedl | |
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html i.e. don't act on ICMP-need-frag immediately if adhoc checks on the advertised mtu fail. the mtu update is delayed until a tcp retransmit happens. initial patch by Fernando Gont, tested by many. | |||
2005-04-25 | csum -> csum_flags | Brad Smith | |
ok krw@ canacar@ | |||
2005-04-05 | add tcp sack stats, similar to freebsd; ok deraadt | Markus Friedl | |
2005-03-12 | make sure code and comment match | Markus Friedl | |
2005-03-09 | from freebsd: | Markus Friedl | |
1. set rcv_laststart/rcv_lastend after checking the tcp window 2. pass rcv_laststart and rcv_lastend on the stack (shrink tcp state) ok henning, djm | |||
2005-03-04 | - check th_ack against snd_una/max; from Raja Mukerji via hugh@ | Markus Friedl | |
- limit pool to tcp_sackhole_limit entries (sysctl-able) - stop sack option processing on pool_get errors - use SEQ_MIN/SEQ_MAX ok henning, hshoexer, deraadt | |||
2005-02-27 | 1. tcp_xmit_timer(): remove extra rtt decrement (t_rtttime is 0-based | Markus Friedl | |
while t_rtt was 1-based), update callers 2. define and use TCP_RTT_BASE_SHIFT instead of the hardcoded 2. 3. add missing shifts when t_srtt/t_rttvar are used. 4. update the comments: t_srtt uses 5 bits of fraction (not 3) and t_rttvar uses 4 bits 5. remove obsolete/unused macros TCP_RTT_SCALE and TCP_RTTVAR_SCALE 6. make sure rttmin is not > TCPTV_REXMTMAX parts from netbsd, ok mcbride, henning | |||
2005-01-10 | Make sure bogus values don't make their way into tcp_xmit_timer() calculations. | Ryan Thomas McBride | |
- Ignore ts_ecr if it is 0, or the resulting rtt is out of range. (use tp->t_rtttime instead) - Initialise tcp_now to 1, to avoid the 500ms window where a valid ts_ecr of 0 could be ignored. - Convert out-of-range rtt values to valid ones in tcp_xmit_timer(). ok frantzen@ markus@ | |||
2004-12-30 | handle rtt < 0; markus ok | Theo de Raadt | |
2004-12-29 | fix indent | Markus Friedl | |
2004-11-25 | fix for race between invocation for timer and network input | Markus Friedl | |
1) add a reaper for TCP and SYN cache states (cf. netbsd pr 20390) 2) additional check for TCP_TIMER_ISARMED(TCPT_REXMT) in tcp_timer_persist() with mickey@; ok deraadt@ | |||
2004-10-28 | Modulate tcp_now by a random amount on a per-connection basis. | Ryan Thomas McBride | |
ok markus@ frantzen@ | |||
2004-09-22 | account for linkhdr size when choosing mbufs vs mbuf clusters | Theo de Raadt | |
ok dhartmei markus claudio henning mcbride ... | |||
2004-07-16 | undo 1.148, otherwise we have assymmetric cwnd when entering ESTABLISHED: | Markus Friedl | |
2mss on the server side, and 1mss on the client. | |||
2004-06-20 | remove #ifdef TUBA | Jun-ichiro itojun Hagino | |
2004-06-14 | Calculate optp (pointer to beginning of TCP options) based on th, not | Daniel Hartmeier | |
mtod(m), since the previous IP6_EXTHDR_GET() only guarantees this part to be continuous. Report from Andreas Bartelt. ok markus@, itojun@ | |||
2004-06-08 | factor out md5 code; ok+tests henning@, djm@, hshoexer@ | Markus Friedl | |
2004-05-31 | simplify; ok henning, itojun | Markus Friedl | |
2004-05-27 | the tcp header might be in a different mbuf after pulldown(); | Markus Friedl | |
fixes tcp corruption on rl(4); ok itojun, cedric | |||
2004-05-26 | use sa_family not inp; netbsd merge error; ok dhartmei | Markus Friedl | |
2004-05-21 | use 'mss' as lower limit, since 'ifp' might not be set; ok dhartmei@, henning@ | Markus Friedl | |
report and test by mpf@ | |||
2004-05-07 | Replace RSA-derived md5 code with code derived from Colin Plumb's PD version. | Todd C. Miller | |
This moves md5.c out of libkern and into sys/crypto where it belongs (as requested by markus@). Note that md5.c is still mandatory (dev/rnd.c uses it). Verified with IPsec + hmac-md5 and tcp md5sig. OK henning@ and hshoexer@ | |||
2004-05-04 | The tcp specific routing metrics are almost never used so reduce the routing | Claudio Jeker | |
table from these metrics. struct rt_msghdr used by the routing socket is not affected and so most userland apps don't need to be changed. some man page polishing by jmc@ OK henning@ markus@ theo@ | |||
2004-04-26 | - allow the user to force the TCP mss below the fail-safe 216 with a low | Mike Frantzen | |
interface MTU. - break a tcp_output() -> tcp_mtudisc() -> tcp_output() infinite recursion when the TCP mss ends up larger than the interface MTU (when the if_mtu is smaller than the tcp header). connections will still stall feedback from itojun@, claudio@ and provos and testing from beck@ | |||
2004-04-20 | add tcps_rcvacktooold; ok deraadt | Markus Friedl | |
2004-04-15 | Unbreak INET6less kernels. | Alexander Yurchenko | |
ok markus | |||
2004-04-15 | allow TCP packet with IPv4 option (we have been dropping these). | Jun-ichiro itojun Hagino | |
simplify some of the codepath by using IP6_EXTHDR_GET. markus ok | |||
2004-04-14 | syn_cache_get: send RST instead of RST+ACK in response to ACK; ok deraadt | Markus Friedl | |
2004-04-12 | factor out dropafterack_ratelim code, use ratelimit | Markus Friedl | |
for tcps_rcvacktoomuch, too; drop very old ACKs; ok deraadt@ | |||
2004-04-04 | on in-window SYN, send back rate-limited ACK; ok dhartmei frantzen markus | Theo de Raadt | |
2004-03-17 | typo in comment (fragment->segment); ok itojun@ | Markus Friedl | |
2004-03-02 | limit total number of queued out-of-order packets to NMBCLUSTERS/2; ok mcbride | Markus Friedl | |
2004-02-27 | implement tcp_drain() similar to ip_drain(); ok mcbride@ | Markus Friedl | |
2004-02-11 | make mss signed; avoids large mss if ifp==NULL; ok itojun@ | Markus Friedl | |
2004-02-10 | check TF_SIGNATURE when calculating the mss; add TCPOLEN_SIGLEN and | Markus Friedl | |
avoid magic constants; ok henning@ | |||
2004-02-05 | take RFC2460 section 5 last paragraph into consideration when we compute MSS | Jun-ichiro itojun Hagino | |
(if path MTU < 1280, use 1280 as packet size and attach fragment header). markus ok | |||
2004-01-31 | !sack_disable -> sack_enable; ok deraadt@ | Markus Friedl | |
2004-01-29 | reset TCPT_KEEP to tcp_keepidle when switching to ESTABLISHED; | Markus Friedl | |
ok henning, deraadt | |||
2004-01-29 | turn off TF_SIGNATURE on the listen socket if there is no matching SA. | Markus Friedl | |
allows using a single listen socket for both tcpmd5 and plain tcp. ok aaron, henning. | |||
2004-01-29 | support for RFC3390 (Increasing TCP's Initial Window); ok deraadt, itojun | Markus Friedl | |
2004-01-29 | don't increase the cwnd on syn-ack; ok itojun@, deraadt@ | Markus Friedl | |
2004-01-22 | add gettdbbysrcdst(), just like gettdb(), but compares tdb_src as well; ok ↵ | Markus Friedl | |
mcbride@ | |||
2004-01-15 | es tanzt das KNF | Markus Friedl | |
2004-01-15 | move call to tcp_mss_update() from syn_cache_add() to syn_cache_get(), | Markus Friedl | |
when the 3-way handshake completes (and not on the listen pcb). ok itojun, dhartmei | |||
2004-01-14 | syncache+ipv6 support for TCP_SIGNATURE; with itojun; ok deraadt | Markus Friedl | |
2004-01-13 | bring back the old TCP_SIGNATURE code from tcp_input.c rev 1.45 | Markus Friedl | |
and make it compile (does not work yet); ok deraadt@ | |||
2004-01-13 | pass pcb and not socket to ip_output; #ifdef SACK; ok itojun@ | Markus Friedl | |
2004-01-09 | decrease min mss to (256 - 40); ok deraadt | Markus Friedl | |