| Age | Commit message (Collapse) | Author |
|---|
|
ifpp - XXX: just for statistics
ifpp is always NULL in all callers so that statistic confirms ifpp is
dying
OK mpi@
|
|
In all but two calls NULL is passed and in the other 2 cases the ifp
is only used to maybe feed it to in6_selecthlim() to select the hoplimit
for the link. Since in6_embedscope() only works on link-local addresses
it does not matter what hop limit we select since the destination is
directly reachable.
OK florian@ mpi@
|
|
the 3rd argument of in6_recoverscope() and make it return void.
OK dlg@ mikeb@
|
|
The SIOCGIFSTAT_ICMP6 is no longer supported.
ok dlg@, mikeb@, claudio@
|
|
We do not export those per-ifp statistics and they will soon all die.
"We're putting inet6 on a diet" claudio@
ok dlg@, mikeb@, claudio@
|
|
divert->addr means that the rule has a divert-reply option. With
divert-to the divert->addr is always set. The divert-reply rules
should compare the original packet with the socket addresses. So
skip the step that compares the inp->inp_laddr with the empty
divert->addr.
OK mikeb@
|
|
packets with a different ICMP ID are sent over the same raw socket,
multiple states should be created. Put a similar check into
rip6_output() like in the IPv4 case.
OK mikeb@
|
|
ok stsp mpi
|
|
compatibility with 4.3BSD in September 1989.
*Pick your own definition for "temporary".
ok bluhm@, claudio@, dlg@
|
|
receiving interface in the packet header of every mbuf.
The interface pointer should now be retrieved when necessary with
if_get(). If a NULL pointer is returned by if_get(), the interface
has probably been destroy/removed and the mbuf should be freed.
Such mechanism will simplify garbage collection of mbufs and limit
problems with dangling ifp pointers.
Tested by jmatthew@ and krw@, discussed with many.
ok mikeb@, bluhm@, dlg@
|
|
|
|
is to clear the damn embedded scope.
At this point the receiving interface should not matter and will in the
future be cleared to prevent such layer violations.
This prevent exporting addresses with embedded scope to userland.
Found the hardway by and ok florian@
|
|
before <net/pfvar.h> or <net/if_pflog.h>. The kernel files can be
cleaned up next. Some sockaddr_union steps make it into here as well.
ok naddy
|
|
ok mikeb@, krw@, bluhm@, tedu@
|
|
pf the state has to vanish immediately when the relay closes the
socket. To make this work reliably, the linkage between state and
socket must be established with the first packet. This packet could
be incomming or outgoing.
Link the pf state in the socket layer earlier. This makes all tests
in /usr/src/regress/sys/net/pf_divert pass.
OK henning@
|
|
you don't have a physical interface on your machine, so why rawip should
be more clever^Wparanoid than the others?
ok henning@, mikeb@
|
|
|
|
after discussions with beck deraadt kettenis.
|
|
error code and pass the resulting source address back to the caller
through a pointer, as suggested by chrisz. This gives us more readable
code, and eases the deletion of useless checks in the callers' error path.
Add a bunch of "0 -> NULL" conversions, while here.
ok chrisz@ mpi@
|
|
Avoid the confusion by using an appropriate name for the variable.
Note that since routing domain IDs are a subset of the set of routing
table IDs, the following idiom is correct:
rtableid = rdomain
But to get the routing domain ID corresponding to a given routing table
ID, you must call rtable_l2(9).
claudio@ likes it, ok mikeb@
|
|
OK mikeb@
|
|
in the base. Ports fixes to follow shortly for the two ports (gkrellm
and net-snmp) affected.
ok zhuk@ millert@
|
|
ok henning@, mikeb@
|
|
stack (factoid: by a bunch of people in my living room), some compatibility
#define's were created to shim incompatible inpcb access methods. There
was an understanding they would eventually be removed. Since they are
error prone, and 1999 is a long time ago, now they die.
ok mikeb claudio mpi
|
|
Still some important missing pieces, and this is not yet enabled.
OK bluhm@
|
|
created a bunch of useless dependencies. Remove this implicit
inclusion and do an explicit #include <netinet6/in6_var.h> when it
is needed.
OK mpi@ henning@
|
|
OK henning@ markus@
|
|
OK claudio@
|
|
with sin6tosa() or satosin6() inline functions. This allows the
compiler to check the types more strictly.
OK mpi@
|
|
allow the assingment of &sa6_any. But rip6_ctlinput() could not
guarantee that as it casted away the const attribute when it passes
the pointer to in6_pcbnotify(). Replace sockaddr with const
sockaddr_in6 in the in6_pcbnotify() parameters. This reduces the
number of casts. Also adjust in6_pcbhashlookup() to handle the
const attribute correctly.
Input and OK claudio@
|
|
ok deraadt@, tedu@ (implicit)
|
|
OK markus@
|
|
No binary change.
OK claudio@
|
|
three different ways. Use the same code in udp_usrreq() and
rip_usrreq() and rip6_usrreq(). This also fixes a pcb and socket
leak in udp_usrreq() in case soreserve() fails. Put an splsoftassert()
into in_pcballoc() for safety.
OK mpi@
|
|
OK deraadt@ guenther@
|
|
|
|
ifatoia6 macros do not check the source type. They just cast
anything. Remove needless casts and do not use those macros if the
source type does not match. Remove duplicate defines.
No binary change. OK kettenis@ krw@
|
|
dhill.
ok krw@, mikeb@, tedu@ (implicit)
|
|
No binary change.
OK claudio@
|
|
which packets (as in direction) of the traffic will be diverted
through the divert socket.
ok claudio@, henning@
|
|
ok mikeb
|
|
at least krw@, pirofti@ and todd@ have been seeing panics (todd and krw
with xxxterm not sure about pirofti) involving pool corruption while
using this commit.
krw and todd confirm that this backout fixes the problem.
ok blambert@ krw@, todd@ henning@ and kettenis@
Double link between pf states and sockets. Henning has
already implemented half of it. The additional part is: -
The pf state lookup for outgoing packets is optimized by
using mbuf->inp->state.
- For incomming tcp, udp, raw, raw6 packets the socket
lookup always is optimized by using mbuf->state->inp.
- All protocols establish the link for incomming packets.
- All protocols set the inp in the mbuf for outgoing packets.
This allows the linkage beginning with the first packet
for outgoing connections.
- In case of divert states, delete the state when the socket
closes. Otherwise new connections could match on old
states instead of being diverted to the listen socket.
ok henning@
|
|
implemented half of it. The additional part is:
- The pf state lookup for outgoing packets is optimized by using
mbuf->inp->state.
- For incomming tcp, udp, raw, raw6 packets the socket lookup always
is optimized by using mbuf->state->inp.
- All protocols establish the link for incomming packets.
- All protocols set the inp in the mbuf for outgoing packets.
This allows the linkage beginning with the first packet for
outgoing connections.
- In case of divert states, delete the state when the socket closes.
Otherwise new connections could match on old states instead of
being diverted to the listen socket.
ok henning@
|
|
functions. OK blambert@
|
|
sysctl.h was reliant on this particular include, and many drivers included
sysctl.h unnecessarily. remove sysctl.h or add proc.h as needed.
ok deraadt
|
|
alternate routing table and separate them from other interfaces in distinct
routing tables. The same network can now be used in any doamin at the same
time without causing conflicts.
This diff is mostly mechanical and adds the necessary rdomain checks accross
net and netinet. L2 and IPv4 are mostly covered still missing pf and IPv6.
input and tested by jsg@, phessler@ and reyk@. "put it in" deraadt@
|
|
Before accessing a ro_rt make sure the route is either freshly allocated or
RTF_UP is set. If not ro_rt should be freed and reallocated or at least no
info from the ro_rt should be considered valid.
This seems to solve the crashes seen by Felipe Alfaro Solana.
some sort of OK dlg@
|
|
Found by LLVM/Clang Static Analyzer.
ok henning@ mpf@
|
|
ok todd deraadt naddy bluhm
|
|
provide netstat(1) with data it needs; ok claudio reyk
|
