| Age | Commit message (Collapse) | Author |
|---|
|
Debug informations can already be accessed via mrtstat and pimstat.
|
|
ip_input().
Note that ipmforwarding is not enabled by default.
ok deraadt@, phessler@
|
|
|
|
|
|
its descriptor. Get rid of a if_ref().
ok dlg@
|
|
|
|
|
|
Even pimd(8) no longer support them.
|
|
|
|
later failed.
|
|
descriptor.
Allow to get rid of two if_ref() in the output paths.
ok dlg@
|
|
Get rid of an if_ref()/if_put() dance.
ok dlg@
|
|
This allows more flexible configurations with vlan(4) and bridge(4) on
top of the same physical interface. In particular it allows to not feed
VLAN tagget packets into a bridge(4).
Fix regression reported by Armin Wolfermann on bugs@, ok dlg@
|
|
the sender address is a local IP. The arplookup() does this route
lookup anyway, so just check its result.
OK mpi@
|
|
While here remove unused argument and convert the route check to
rtisvalid(9).
ok bluhm@
|
|
with route lookups. Check wether ARP sender or target protocol
address is a local IP address. Remove the loop that checks wether
any IPv4 address is configured on the receiving interface.
input, test, OK mpi@
|
|
this is an interesting change because the loops have to decrement
the global hold count too. they looked like this:
while ((mh = ml_dequeue(&la->la_ml)) != NULL) {
la_hold_total--;
m_freem(mh);
}
because ml_purge returns how many mbufs were freed, we can do this:
la_hold_total -= ml_purge(&la->la_ml);
ok mpi@ bluhm@
|
|
IP options or if an IPv6 packet contains header extensions.
Required by cnmac(4) and a sensible precautionary measure in general.
ok visa@, mikeb@
|
|
ok naddy
|
|
Pointed by and ok reyk@
|
|
One of the keys of our MP work relies on making OpenBSD's kernel simpler!
In this case turning ARP processing MP-safe is quite complicated due to
the way carp(4) is hooked in arpinput() and nowadays you'd better run
kitchensinkd(9) anyway :)
ok bluhm@, claudio@, reyk@
|
|
the other arp variables and nd6. Convert a hand-crafted loop to
LIST_FOREACH_SAFE.
OK mpi@
|
|
OK mpi@
|
|
OK mpi@
|
|
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@
|
|
|
|
the lifetime of an ``ifa'' is tied to a route entry, so it might no
longer be valid after calling rtfree(9).
While here put a KERNEL_LOCK() around the per-ifp address list iteration.
ok bluhm@
|
|
ok bluhm@
|
|
ok bluhm@
|
|
L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.
Discussed with bluhm@, ok claudio@
|
|
function to take an interface index.
discussed with mpi@; OK claudio@
|
|
Appart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.
Imputs from bluhm@, ok phessler@, florian@, bluhm@
|
|
ok claudio@
|
|
ok claudio@
|
|
|
|
entry is attached to this entry.
ok phessler@, bluhm@
|
|
Instead of casts they check wether the incoming object has the
expected type. So introduce satosdl() and sdltosa() in the kernel.
OK mpi@
|
|
ok claudio@, bluhm@, jsg@
|
|
|
|
this can be used as an alternative to sysctl net.inet.ip.ttl, in
programs that use pledge().
ok reyk@, "Like this" deraadt@
|
|
socket(). Without pledge, all other socket behaviours become permitted,
except this one case: connect/send* only works to *:53. In pledge mode,
a very few are further restricted. Some backwards compatibility for
the dnssocket/dnsconnect calls will remain in the tree temporarily so
that people can build through the transition.
ok tedu guenther semarie
|
|
While here add a missing ``rtableid'' check in in_selectsrc().
ok bluhm@
|
|
net/ip_input.c
|
|
ifa are refcounted to ensure that rt_ifa is always valid.
|
|
ok mpi@
|
|
SS_DNS tagged socket which has limited functionality (for example, you
cannot accept on them...) The libc resolver will switch to using these,
therefore pledge can identify a DNS transaction better.
ok tedu guenther kettenis beck and others
|
|
and mpi believe could be used uninitialised.
ok mpi@
|
|
configured addressses.
ok mikeb@
|
|
ARP entries with an expired timeout are now removed from the tree even
if they are cached somehwere else. This also reduces differences with
NDP.
ok bluhm@
|
|
Note that after calling rtalloc(9) we only check if a route has been
returned or not and do not check for its validity. This cannot be
improved without a massive refactoring.
The kernel currently *do* use !RTF_UP route due to a mismatch between
the value of ifp->if_link_state and the IFF_UP|IFF_RUNNING code.
I'd explain the RTF_UP flag as follow:
. If a cached route entry w/o RTF_UP is passed to ip{6,}_output(),
. call rtalloc(9) to see if a better entry is present in the tree.
This is enough to support MPATH and route cache invalidation.
ok bluhm@
|
