| Age | Commit message (Collapse) | Author |
|---|
|
pcb. the state key ptr in the pcb is the one that had to be used by pf
outbound. but by convention the state key pointer in the pkthdr is the one
used INbound, so pf follows its reverse pointer to find the sk to use,
and since a reverse doesn't exist for locally terminated connections the
reverse pointer is null and thus the whole game a noop.
note that this only affects packets FROM local udp/tcp sockets, for the
other direction everything works as expected.
|
|
ok markus, also tested david sthen
|
|
whilst we're here.
ok henning@ deraadt@
|
|
ok markus@
|
|
take a proc argument, theres no need for these, since
they are just wrappers.
OK claudio@
|
|
get hung in nfs_reconnect() because they do not have the proper
privilages to bind to a socket, by adding a struct proc * argument
to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind)
and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@.
"go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@).
Fixes PR5135 too.
|
|
|
|
for pf(4) diverted packets; based on patch by Scot Loach; ok beck@
|
|
makes transparent proxies much easier; ok beck@, feedback claudio@
|
|
get a timestamp of when the datagram was accepted (by udp(4), for
example) rather than having to take a timestamp with gettimeofday(2)
when recv(2) returns - possibly several hundreds of microseconds later.
May be of use to those interested in precision network timing schemes
or QoS for media applications. Tested on alpha, amd64, i386 and sparc64.
manpage suggestions from jmc, ok deraadt
|
|
change netstat to use them instead of accessing kvm for it. more
protocols will be added later.
discussed with deraadt@ claudio@ gilles@
ok deraadt@
|
|
not get build. the code looks at flags that used to be in mbuf tags, now
they are in the mbuf header, so we can check them unconditionally.
problem spotted by Daniel Roethlisberger <daniel@roe.ch>, ok ryan markus
|
|
|
|
the kernel still handles RFC2292 set/getsockopts, so that compiled binary
has no trouble running. userland sees RFC3542 symbols only on header file
so new code has to use RFC3542 API.
bump libc shlib minor for function additions.
tested on i386/amd64 by jmc, i386 by brad. checked by deraadt.
|
|
SO_REUSEADDR and multicast/broadcast comes into play. Model the ip_savecontrol
handling after the rip_input version which works.
Problem found by Simon Kelley. OK henning@ michele@
|
|
the INET6 code. With this it is possible to use e.g. IP_RECVIF to get the
incomming interface. SOCK_RAW is not affected by this.
Problem found and fixed by Michele 'mydecay' Marchetto. OK markus@
|
|
henning@ claudio@ ok
|
|
Additionally add the IP_RECVIF option which returns the interface a packet
was received on. OK markus@ norby@
|
|
need to save/restore it.
- inp->inp_laddr should be set _before_ calling pcb_disconnect().
otherwise pcb_disconnect() calls pcb_rehash() with the old laddr.
[ currently this is not a problem since the hash ignores laddr ]
tested by pedro
|
|
OK markus@, "looks good" hshoexer@
|
|
in the data part for the data from the previously distinct tags.
look up the tag early and carry a pointer to it around.
makes the code easier and saves some tag lookups and thus helps performance,
as proven by tests run by Schberle Dniel <Schoeberle.Daniel@aamtech.hu>
Initially hacked up somewhere over the atlantic ocean in an A330
early testing reyk and moritz, "put it in" theo
|
|
on the local network support them.
This adds a new socket option, SO_JUMBO, and a new route flag,
RTF_JUMBO. If _both_ the socket option is set and the route for the host
has RTF_JUMBO set, ip_output will fragment the packet to the largest
possible size for the link, ignoring the card's MTU.
The semantics of this feature will be evolving rapidly; talk to us
if you intend to use it.
ok deraadt@ marius@
|
|
ok krw@ canacar@
|
|
all connections; ok dhartmei, canacar, mcbride
|
|
|
|
|
|
report from Pyun via dhartmei@; ok mcbride@, dhartmei@
|
|
|
|
|
|
|
|
|
|
use the the presence of this tag to reverse the match order in
in{6}_pcblookup_listen(). Some daemons (such as portmap) do a double
bind, binding to both * and localhost in order to differentiate local
from non-local connections, and potentially granting more privilege to
local ones. This change ensures that redirected connections to localhost
do not appear local to such a daemon.
Bulk of changes from dhartmei@, some changes markus@
ok dhartmei@ deraadt@
|
|
ok deraadt@
|
|
with either in(6)_pcbhashlookup() or in(6)_pcblookup_listen();
in_pcblookup is now only used by bind(2); speeds up pcb lookup for
listening sockets; from Claudio Jeker
|
|
(please test, especially PF portion)
|
|
rescinded 22 July 1999. Proofed by myself and Theo.
|
|
|
|
markus & art ok
|
|
|
|
NULL to full 64 bits on a 64 bit address system. Soultion is to add a
(void *) cast before NULL. This makes a 64 bit MIPS kernel work and will
probably help future 64 bit ports as well.
OK from art@
|
|
|
|
This is a bullshit process. Test your shit before you toss it into the tree.
|
|
|
|
|
|
|
|
policy checking to a separate routine. Also, add missing checks for
multicast sockets, pointed out by sam@errno.com
|
|
|
|
|
|
|
|
the ANSI way.
|
