Age | Commit message (Collapse) | Author |
|
Found while comparing IPv4 and IPv6 versions.
ok naddy@
|
|
Reported by jsg@, ok deraadt@
|
|
As a side effect there's no need to run if_attachdomain() after the
list of domains has been built.
ok claudio@, reyk@
|
|
|
|
AUTOCONF'd addresses.
This prevent the kernel from removing connected (/64) routes as soon as
it configures an AUTOCONF'd address based on a RA.
Tested by sebastia@, ok sthen@
|
|
rtrequest1(9).
This simplifies rtfree(9) dances and will prevent another CPU to free
the entry before we're done with it as soon as routing functions can
be executed in parallel.
ok bluhm@, mikeb@
|
|
IN6_IFF_NODAD pseudo-flag not being set.
This was just a flag for spaghetti code that should not exist in the
first place.
Tested by sebastia@, ok sthen@
|
|
everywhere to avoid passing around pointers to uninitialized stack
memory. While there, fix the call to in6_recoverscope() in
fill_drlist().
OK deraadt@ mpi@
|
|
variables to handle the "packed" binary format passed out to userland
when querying the prefix/router list. From NetBSD (Martin Husemann).
ok mpi@
|
|
The pathlist is a whitelist of dirs and files; anything else returns ENOENT.
Recommendation is to use a narrowly defined list. Also add TAME_FATTR, which
permits explicit change operations against "struct stat" fields. Some
other TAME_ flags are refined slightly.
Not cranking libc now, since nothing commited in base uses this and the
timing is uncomfortable for others. Discussed with many; thanks for a
few bug fixes from semarie, doug, guenther.
ok guenther
|
|
into a common pattern. In the man page clarify the usage of the
returned route.
OK mpi@ mikeb@ jmc@
|
|
propagated.
|
|
decrementing rt_refcnt just after rtrequest1(9).
While here reduce the differences with rt_ifa_add(9). There's still
an ambiguity about rtrequest1(9)'s return value, but bluhm@ will
address that in a different diff.
Discussed with and ok bluhm@
|
|
Prodded by and ok bluhm@
|
|
|
|
some grep output noise.
|
|
reject SIOCAIFADDR_IN6 ioctl(2) where it is set.
ok jca@, bluhm@
|
|
divert->addr means that the rule has a divert-reply option. With
divert-to the divert->addr is always set. The divert-reply rules
should compare the original packet with the socket addresses. So
skip the step that compares the inp->inp_laddr with the empty
divert->addr.
OK mikeb@
|
|
packets with a different ICMP ID are sent over the same raw socket,
multiple states should be created. Put a similar check into
rip6_output() like in the IPv4 case.
OK mikeb@
|
|
operating model". This is the kernel component; various changes should
proceed in-tree for a while before userland programs start using it.
ok miod, discussions and help from many
|
|
Code abusing the radix internals for the routing table should now
includes <net/rtable.h> and only deal with "struct rtentry".
Code using a radix tree for another purpose can still include
<net/radix.h>.
Inputs from and ok claudio@, mikeb@
|
|
structures into a function.
ok florian@
|
|
There is no need to handle managed/other flags for router
advertisments in the kernel according to the rfcs.
Remove stale todo comment; we do handle the on-link bit.
OK mpi
|
|
This pseudo-option is a hack to support return-rst on bridge(4). It
passes Ethernet information via a "struct route" through ip_output().
"struct route" is slowly dying...
ok claudio@, benno@
|
|
ok guenther@, henning@
|
|
Tweak and ok florian@
|
|
ok phessler@
|
|
ok stsp mpi
|
|
Fix a regression introduced when carp(4) left ether_output() found the
hardway by florian@ and phessler@.
ok benno@
|
|
|
|
ok claudio@
|
|
ok millert@
|
|
Recent changes to support multiple interface routes broke the
assumption made by all our userland routing daemons concerning
interface routes. Historically such routes had a "gateway"
sockaddr of type AF_LINK. But to be able to support multiple
interface routes as any other multipath routes, they now have
a unique "gateway" sockaddr containing their corresponding IP
address.
This self-describing flag should avoid ambiguity when dealing
with interface routes.
Issue reported by <mxb AT alumni DOT chalmers DOT se> and benno@
ok claudio@, benno@
|
|
ok deraadt@, millert@
|
|
compatibility with 4.3BSD in September 1989.
*Pick your own definition for "temporary".
ok bluhm@, claudio@, dlg@
|
|
receiving interface in the packet header of every mbuf.
The interface pointer should now be retrieved when necessary with
if_get(). If a NULL pointer is returned by if_get(), the interface
has probably been destroy/removed and the mbuf should be freed.
Such mechanism will simplify garbage collection of mbufs and limit
problems with dangling ifp pointers.
Tested by jmatthew@ and krw@, discussed with many.
ok mikeb@, bluhm@, dlg@
|
|
|
|
routes.
Since such routes are also flagged with RTF_LLINFO various code path
assume correctly that they contain valid ARP or ND information.
This fixes the "arpresolve: unresolved and rt_expire == 0" issue
reported on tech@ by mxb <mxb AT alumni DOT chalmers DOT se>.
ok claudio@, phessler@
|
|
|
|
of RTF_CLONING and RTF_BROASCAST routes to not create MPATH conflicts
when IP address aliases are used.
This change makes it possible to have multiple RTF_CLONING routes with
the same priority. Note that any of the existing RTF_CLONING route
might be used by the kernel to create a RTF_CLONED route which should
not be a problem with aliases since they are attached to the same ifp.
This unbreak address aliases since the kernel supports multiple connected
routes for a subnet.
Found the hardway by djm@, ok claudio@
|
|
|
|
Use the existing multipath code. Switch away from using the ifa address
when making the cloning route and instead put a dummy sockaddr_dl route
in. With this it is possible to use the same network on multiple interfaces
at the same time. So if wireless and ethernet share the same network
the system will use the wired connection as long as there is link.
Still missing is builtin proxy-arp for the other interface IPs to allow
hitless failover.
OK mpi@
|
|
ok krw@ miod@
|
|
bridge.
|
|
interface.
Fix a use after free introduced in r1.98 of netinet6/in6.c and recently
exposed by a crazy pool/malloc damage finder being currently refined by
dlg@ and deraadt@.
ok mikeb@, henning@
|
|
one route to "::1".
Due to a clever BSD trick, the `ifa_dstaddr` field of addresses on
IFF_LOOPBACK ifps is set to the same value that `ifa_addr`. That's
why filtering for broadcast addresses is so complicated, because
guess what, `ifa_broadaddr` is the same as `ifa_dstaddr`!
Sadly our IPv6 code was "only" checking for `ifa_dstaddr` without
looking if the ifa was attached to a IFF_POINTOTPOINT interface.
So it always tried to create two routes to "::1" and, with the
recent RTF_LOCAL work, succeed.
You should now have only one local route to "::1".
::1 ::1 UHl 14 0 32768 1 lo0
-::1 ::1 UH 0 0 32768 4 lo0
ok henning@
|
|
The routing layer already check for the correct ifa when asked
to delete a local route, so do not try to be clever here.
This change also prevent having a NULL ifp pointer in your routing
table when you delete loopback interfaces having the same address.
ok henning@
|
|
No objection from reyk@, OK markus, hshoexer
|
|
ok mikeb
|
|
|