Age | Commit message (Collapse) | Author |
|
ok mpi@ millert@
|
|
namespace, so stop changing behavior when it's #defined
ok beck@ krw@
|
|
no functional change.
ok jca@
|
|
do not try to find a matching address by iterating over a global
list and always use the routing table.
Idea from claudio@, moral support from henning@, ok mikeb@
|
|
ok mikeb@
|
|
address and not the mac of the physical interface as target lladdr.
This allows us to get rid of the hack adding and removing the route to
loopback of a carp node when its status switch to master and backup
respectively. Now the route entry will no longer be updated to use the
mac address of the physical interface of the master node as gateway.
While here send the ARP request through the carp interface for consistency.
Analysed with and ok mikeb@, ok bluhm@
|
|
if we're acting as router. Otherwise clients lose the default route
learned from router advertisements during carp failover.
Patch by Ole Myhre; ok bluhm@
|
|
are so many inconsistancies, that moving one deck chair is pointless.
more thought required.
ok claudio
|
|
statistics sideeffects before. ok lteo naddy
|
|
ok krw phessler
|
|
are are lie, since the software engine emulates hardware offloading
and that is later indistinguishable. so kill the hw cksummed counters.
introduce software checksummed packet counters instead.
tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum.
as before we still have a miscounting bug for inbound with pf on, to be
fixed in the next step.
found by, prodding & ok naddy
|
|
into consistent locations; ok henning@
|
|
reading it from the packet header. While here makes carp_input()
take the same arguments as ether_input().
ok bluhm@, mikeb@
|
|
now cause a EINVAL. The RTA_GENMASK and RTAX_GENMASK defines are kept for
compatibility reasons.
OK benno@ and agreed by dlg@
|
|
(unplugged). Even if it makes no sense to keep them around if the
interface is no more, we cannot safely remove them since pcb multicast
options might keep a pointer to them.
Fixes a user after free introduced by the multicast address linking
rewrite and reported by Alexey Suslikov, thanks!
ok claudio@
|
|
OK benno@ deraadt@
|
|
to a socket. When the application removed the socket, the pf state
would persist. A new connection did not hit the divert rule as the
state still grabed the packet. The solution is to unlink the
associated divert state when the socket gets destroyed. This is
possible as both are linked together and a divert state without
socket does not make sense.
OK mikeb@
|
|
consistent with struct ifaddr "ifa" and struct in_ifaddr "ia".
OK mpi@
|
|
in IFP_TO_IA().
ok bluhm@, henning@, mikeb@
|
|
sprinkle 0 -> NULL where obvious
ok millert mpi
|
|
|
|
|
|
the ifp pointer which can be NULL. This prevents a crash reported
by David Hill <dhill at mindcry ! org>. OK bluhm
|
|
|
|
in the base. Ports fixes to follow shortly for the two ports (gkrellm
and net-snmp) affected.
ok zhuk@ millert@
|
|
instead of variable arguments.
Allows stricter type checking by the compiler at call sites and also
saves a bit of code size on some platforms (e.g., ~200 bytes on
amd64).
ok mikeb
|
|
|
|
|
|
Instead of linking multicast records to the first configured address of
the corresponding protocol, making this address and its position in the
global list special, add them to a new list directly linked to the
interface descriptor.
This new multicast address list is similar to the address list, all its
elements contain a protocol agnostic part. This design allows us to
be able to join a multicast group without necessarily having a configured
address. That means IPv6 multicast kludges are no longer needed.
Another benefit is to be able to add and remove an IP address from an
interface without worrying about multicast records. That means that the
global IPv4 list is no longer needed since the first configured address
of an interface is no longer special.
This new list might also be extended in the future to contain the
link-layer addresses used to configure hardware filters.
Tested by sthen@ and weerd@, ok mikeb@
|
|
dereferencing the mbuf various times. No functional change.
ok mpf@, bluhm@
|
|
use it instead of dereferencing the mbuf once again. No functional change.
|
|
ok mikeb@, ports@, henning@
|
|
ok mikeb@, henning@, claudio@
|
|
it is needed and the lower parts of the stack will take care of it.
fixes a cksum bug in a rather constructed case and is just the right thing
to do now. ok mpi naddy
|
|
ok henning@, mikeb@
|
|
multicast macros and in_ifaddr) that reference ifnet in some way;
looked over by deraadt, ok mpi
|
|
ok deraadt@
|
|
ok henning@, sthen@, mikeb@, deraadt@
|
|
just call ip_stripoptions(). Remove an unneeded parameter and
adjust the ip length in ip_stripoptions().
from FreeBSD; OK deraadt@ henninh@ lteo@
|
|
divert6_packet() from "pd" to "divert" to match the rest of the source.
I think "pd" was not a good name for a struct pf_divert because "pd"
usually refers to a pf_pdesc.
No object file change.
OK benno@ bluhm@ henning@
|
|
network to presentation format to inet_ntop().
The few remaining functions will be soon converted.
ok mikeb@, deraadt@ and moral support from henning@
|
|
accepts either format, but we start using the IETF bits. Hopefully we
get a mail later again from David Dahlberg reminding us to remove the
legacy acceptance.
|
|
to 64 bit. Increase the routing message version from 4 to 5. Add
a small compatibility layer that allows to set routes with old user
land and new kernel. Old kernel with new user land does not work.
The compatibility layer ist not perfect, but it allows to configure
addresses with old ifconfig and new kernel. Route get also works
in this setup. dhclient hangs as messages for interface address
changes with old version are not generated.
OK claudio@
|
|
miod@ cannot find two boards using the same media.
With precious punctuation review from guenther@, thanks!
ok deraadt@, henning@
|
|
|
|
always in the first mbuf of an mbuf chain.
Thanks to henning@ and bluhm@ for their work on checksums at b2k13,
which allowed this fix to be very straightforward compared to earlier
versions.
help/feedback bluhm@ henning@
OK henning@ naddy@
|
|
|
|
global variables to in6.h.
ok deraadt@
|
|
One worrying bit is in icmp6.h where some htols() and htonl() are
added, which may affect compatibility down the line. This component
can be reverted if issues show up. Ports tree greps indicate no issue.
ok claudio mpi etc
|
|
obviously only used in the kernel) behind #ifdef _KERNEL
This is a more substantial change than the others commited minutes ago,
so it is seperate. More structs get hidden.
ok various
|