| Age | Commit message (Collapse) | Author |
|---|
|
ok fries, hshoexer, claudio
|
|
Before accessing a ro_rt make sure the route is either freshly allocated or
RTF_UP is set. If not ro_rt should be freed and reallocated or at least no
info from the ro_rt should be considered valid.
This seems to solve the crashes seen by Felipe Alfaro Solana.
some sort of OK dlg@
|
|
M_ANYCAST6 was only used to signal tcp6_input() that it should drop the
packet and send back icmp error. This can be done in ip6_input() without
the need for a mbuf flag. Gives us back one slot in m_flags for possible
future need. Looked at and some input by naddy@ and henning@. OK dlg@
|
|
ok bluhm, fries, mpf; fixes pr 4188
|
|
This should take care of the simpler ones (i.e., timeout values of
integer multiples of hz).
ok krw@, art@
|
|
recycle mbufs. Based on an initial diff by henning@, also tested by todd@.
ok henning@
|
|
that the source address matches one of the interfaces address prefixes.
From NetBSD, tested by todd@ and naddy@
|
|
to prevent state key mismatches.
ok henning@
|
|
Found by LLVM/Clang Static Analyzer.
ok henning@ mpf@
|
|
pf_pkt_addr_changed to clear the recorded pf state information in the hdr
claudio ok
|
|
OK deraadt@, henning@
|
|
been moved to the protocol layer from ip_output at 2002/05/31. The
IPv6 part has been forgotten so packets could get encrypted
unintentionally.
ok hshoexer markus
|
|
every field individually.
ok claudio@ markus@ henning@ deraadt@
|
|
code. This fixes in6_ifloop_request warnings seen on carp interfaces.
OK henning@, found and tested by david@
|
|
ok todd deraadt naddy bluhm
|
|
ok mpf naddy
|
|
near maximal (2^32) cycle times. These are useful for network
IDs in cases where there are negative consequences to ID prediction
and/or reuse.
Use the idgen32() functions to generate IPv6 IDs and NFS client/server
XIDs.
Pseudorandom permutation code in crypto/idgen.c based on public
domain skip32.c from Greg Rose.
feedback & ok thib@ deraadt@
|
|
take a proc argument, theres no need for these, since
they are just wrappers.
OK claudio@
|
|
get hung in nfs_reconnect() because they do not have the proper
privilages to bind to a socket, by adding a struct proc * argument
to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind)
and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@.
"go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@).
Fixes PR5135 too.
|
|
|
|
|
|
be left over. OK henning@
|
|
ln_hold or la_hold into temporary storage and null ln_hold or
la_hold before manually processing the mbuf chain. Discard the mbuf chain
if it is put back in the hold area.
ok claudio@ markus@
|
|
and the one route with the lowest number wins. This will be used by the
routing daemons to resolve the synchronisations issue in case of conflicts.
The nasty bits of this are in the multipath code. If no priority is specified
the kernel will choose an appropriate priority.
Looked at by a few people at n2k8 code is much older
|
|
|
|
it by reading the queues head pointer. if that pointer is not null
then it takes splnet and dequeues a packet for handling. this is
bad because the ifqueue head is modified at splnet and the sofnet
handlers read it without holding splnet.
this removes that check of the head pointer and simply checks if
the dequeue gave us a packet or not before proceeding.
found while reading mpls code.
discussed with norby@ and henning@
ok mcbride@ henning@
|
|
power of two.
use arc4random_bytes() when requesting more than a word of PRNG
output.
ok deraadt@
|
|
cmsg's, including alignments, ie. the sum of CMSG_SPACE()'s. any other
interpretation would be in violation of various unix specifications.
RFC3542 section 20.2 is totally and completely wrong -- it is not
allowed to over-ride the specification of msg_controllen, since the
intent is that one could mix-and-match various types of cmsg's and an
exact match is therefore required. ok kettenis, tested by many
|
|
ok jsing@
|
|
hostname starts with a digit. ok mcbride
|
|
the current route, so make sure RTF_LLINFO is still set; fixes pr 5711;
with krw@ and claudio@; ok jsing@
|
|
m_copydata() on it.
Bug report and fix from Todd Carson.
|
|
Instead of using the same IP on multiple interfaces, carp has to be
configured with the new "carpnodes" and "balancing" options.
# ifconfig carp0 carpnodes 1:0,2:100,3:100 balancing ip carpdev sis0 192.168.5.50
Please note, that this is a flag day for anyone using carp balancing.
You'll need to adjust your configuration accordingly.
Addititionally this diff adds IPv6 NDP balancing support.
Tested and OK mcbride@, reyk@.
Manpage help by jmc@.
|
|
ok claudio@ krw@ dlg@
|
|
provide netstat(1) with data it needs; ok claudio reyk
|
|
ok claudio gilles
|
|
sys/dev/pci/pciide.c from naddy@
|
|
sys/netinet/in_pcb.c and sys/net/bridgestp.c ok henning@
sys/dev/pci/bktr/* ok jakemsr@
|
|
ok krw@
|
|
where obvious.
|
|
- if we have curly braces within #if directive, we will have problem with
matching using vi "%" command
- without curly braces it becomes ambiguous which statement is within which
effect of which "if" statement
ok mcbride@
|
|
some I found afterwards, ok dlg
|
|
we need a pointer to the inpcb to decide, which was not previously
passed to ip6_output, so this diff is a little bigger.
from itojun, ok ryan
|
|
from itojun@
|
|
|
|
many assumptions were made about the way the various list types are
implemented.
lots of suggestions and help from otto and miod.
ok otto@
|
|
boring details:
pf used to use an mbuf tag to keep track of route-to etc, altq, tags,
routing table IDs, packets redirected to localhost etc. so each and every
packet going through pf got an mbuf tag. mbuf tags use malloc'd memory,
and that is knda slow.
instead, stuff the information into the mbuf header directly.
bridging soekris with just "pass" as ruleset went from 29 MBit/s to
58 MBit/s with that (before ryan's randomness fix, now it is even betterer)
thanks to chris for the test setup!
ok ryan ryan ckuethe reyk
|
|
headers, regardless of forwarding path. It's the sane thing to do.
ip6_check_rthdr0() function from claudio@
ok deraadt@ claudio@ henning@
|
|
more then 10 headers nested.
OK deraadt@ henning@ mcbride@
|
|
|
