Age | Commit message (Collapse) | Author | |
---|---|---|---|
2001-06-08 | Cut down on include files. | Angelos D. Keromytis | |
2001-06-05 | repair copyright notices for NRL & cmetz; cmetz | Theo de Raadt | |
2001-05-27 | Remove unnecessary XXX comment. | Angelos D. Keromytis | |
2000-12-13 | more random tcp sequence numbers. okay deraadt@, angelos@ | Niels Provos | |
2000-12-11 | nuke #ifdef TCP6 (no longer supported). | Jun-ichiro itojun Hagino | |
validate ICMPv6 too big messages (pmtud) based on pcb. we accept certain amount of non-validated ones, as IPv6 mandates ICMPv6 (so even for traffic from unconnected pcb, we need pmtud). sync with kame | |||
2000-10-14 | implement net.inet.tcp.rstppslimit. rate-limits outbound TCP RST traffic | Jun-ichiro itojun Hagino | |
to less than N per 1 second. | |||
2000-09-19 | Lots and lots of changes. | Angelos D. Keromytis | |
2000-07-11 | compute correct window scale when recvpipe option is set in route; based | Niels Provos | |
on diff from "Pete Kazmier" <pete@kazmier.com> | |||
2000-07-06 | completely remove ipv4 mapped cases from tcp_input(). | Jun-ichiro itojun Hagino | |
cleanup (indentation, v4-or-v6 conditions) | |||
2000-07-05 | more cleanup for IPv4 mapped address support. there seem to be some | Jun-ichiro itojun Hagino | |
inconsistency in corner cases (from NRL I believe). todd (fries) and I have seen panic, with the following call chain: ip6_input -> tcp_input -> tcp_respond -> ip_input -> bang! more cleanups should be done, to decrease complexity. for example, INP_IPV6_MAPPED should be nuked. | |||
2000-06-18 | permit compilation of non-V6 kernels | Theo de Raadt | |
2000-06-18 | support ipv6 for tcp_ident | Bob Beck | |
2000-06-18 | for setsockopt/getsockopt, don't assume non-PF_INET6 address family as | Jun-ichiro itojun Hagino | |
PF_INET. we may see other family in the future... (pedant) | |||
2000-06-03 | correctly handle ctlinput messages for IPv6. | Jun-ichiro itojun Hagino | |
1999-12-21 | option TCP_NEWRENO goes away, its the default case for TCP_SACK if | Niels Provos | |
SACK is disabled for the connection or via sysctl | |||
1999-12-20 | decide address family for {set,get}sockopt() by domain table, | Jun-ichiro itojun Hagino | |
not from tcb. it will present more natural behavior. af for socket option obeys address family passed to bind(2). | |||
1999-12-08 | bring in KAME IPv6 code, dated 19991208. | Jun-ichiro itojun Hagino | |
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details. GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon). | |||
1999-09-01 | increase tcp_iss increment | Niels Provos | |
1999-07-06 | Added support for TCP MD5 option (RFC 2385). | cmetz | |
1999-07-02 | Significant cleanups in the way TCP is made to handle multiple network | cmetz | |
protocols. "struct tcpiphdr" is now gone from much of the code, as are separate pointers for ti and ti6. The result is fewer variables, which is generally a good thing. Simple if(is_ipv6) ... else ... tests are gone in favor of a switch(protocol family), which allows future new protocols to be added easily. This also makes it possible for someone so inclined to re-implement TUBA (TCP over CLNP?) and do it right instead of the kluged way it was done in 4.4. The TCP header template is now referenced through a mbuf rather than done through a data pointer and dtom()ed as needed. This is partly because dtom() is evil and partly because max_linkhdr + IPv6 + TCP + MSS/TS/SACK opts won't fit inside a packet header mbuf, so we need to grab a cluster for that (which the code now does, if needed). | |||
1999-03-24 | Replace 'in6a_words' (old NRL convention) with 's6_addr32' (new BSDI et al. | cmetz | |
convention that is more common and more specific as to the access size) | |||
1999-01-11 | netinet merge of NRL stuff. some indent and shrinkage needed; NRL/cmetz | Theo de Raadt | |
1999-01-07 | in_pcblookup() now takes ptr to both ip address arguments | Theo de Raadt | |
1999-01-07 | indent | Theo de Raadt | |
1998-11-17 | NewReno, SACK and FACK support for TCP, adapted from code for BSDI | Niels Provos | |
by Hari Balakrishnan (hari@lcs.mit.edu), Tom Henderson (tomh@cs.berkeley.edu) and Venkat Padmanabhan (padmanab@cs.berkeley.edu) as part of the Daedalus research group at the University of California, (http://daedalus.cs.berkeley.edu). [I was able to do this on time spent at the Center for Information Technology Integration (citi.umich.edu)] | |||
1998-06-27 | indent | Theo de Raadt | |
1998-06-27 | indent | Theo de Raadt | |
1998-06-27 | Disallow TCP connect() to multicast addresses; cmetz@inner.net | Angelos D. Keromytis | |
1998-06-26 | indent | Theo de Raadt | |
1998-06-11 | indent | Theo de Raadt | |
1998-06-10 | wasteland quality control cleanup | Theo de Raadt | |
1998-06-10 | New TCPCTL_IDENT sysctl for identd without kmem insanity. | Bob Beck | |
1998-05-18 | first step to the setsockopt/getsockopt interface as described in | Niels Provos | |
draft-mcdonald-simple-ipsec-api, kernel notifies (EMT_REQUESTSA) signal userland key management applications when security services are requested. this is only for outgoing connections at the moment, incoming packets are not yet checked against the selected socket policy. | |||
1998-02-28 | Another shot at disallowing TCP connections to 255.255.255.255, | Angelos D. Keromytis | |
0.0.0.0 and any local broadcast addresses. Tested. | |||
1998-02-25 | patch could not have been tested. panics machine on boot | Theo de Raadt | |
1998-02-25 | please indent as the file is currently indented | Theo de Raadt | |
1998-02-25 | Disallow TCP connects to 255.255.255.255 or local broadcast addresses. | Angelos D. Keromytis | |
1998-01-24 | sysctl for def sizes for tcp/udp send/recv queues | Michael Shalayeff | |
1998-01-20 | s/(cast)0/NYLL/g | Michael Shalayeff | |
1998-01-06 | so_linger is in seconds | Theo de Raadt | |
1998-01-03 | ignore PRU_SHUTDOWN if socket is already shutdown | Theo de Raadt | |
1997-08-09 | The list of tcp/udp ports not to allocate dynamically is now | Todd C. Miller | |
a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc. | |||
1997-07-24 | cmd is a u_long | Theo de Raadt | |
1997-06-14 | TCP/IP Illustrated Vol. 2, pg 1010. excessive testing in PRU_DETACH case; | Theo de Raadt | |
frueauf@ira.uka.de; confirmed by Andreas.Gunnarsson@emw.ericsson.se | |||
1997-06-06 | add net.inet.tcp.{keepidle,keepintvl,slowhz}; mouse@Rodents.Montreal.QC.CA | Theo de Raadt | |
1997-02-05 | use arc4random() | Theo de Raadt | |
1996-09-20 | `solve' the syn bomb problem as well as currently known; add sysctl's for | Theo de Raadt | |
SOMAXCONN (kern.somaxconn), SOMINCONN (kern.sominconn), and TCPTV_KEEP_INIT (net.inet.tcp.keepinittime). when this is not enough (ie. overfull), start doing tail drop, but slightly prefer the same port. | |||
1996-07-29 | Remove random() prototype, as it's not needed. Besides it was wrong for the ↵ | Niklas Hallqvist | |
alpha :-) | |||
1996-07-29 | Make TCP ISS increment by random amounts | Thorsten Lockert | |
1996-07-25 | SS_CONNECTOUT indicates socket was connect()ed at this end, accept()ed at ↵ | Theo de Raadt | |
other end |