summaryrefslogtreecommitdiff
path: root/sys/netinet
AgeCommit message (Collapse)Author
2014-03-13fix buffer overflows in icmp redirect handling introduced in rev 1.106Jonathan Gray
ok mpi@ millert@
2014-03-11lint is gone, and the 'lint' conditional was never in the implementationPhilip Guenther
namespace, so stop changing behavior when it's #defined ok beck@ krw@
2014-03-11Remove gratuitous differences between arp and nd6 rtrequests,Martin Pieuchot
no functional change. ok jca@
2014-03-11In case imcp_reflect() is called without a given source addressMartin Pieuchot
do not try to find a matching address by iterating over a global list and always use the routing table. Idea from claudio@, moral support from henning@, ok mikeb@
2014-03-10if_lladdr -> if_sadl, no functional change.Martin Pieuchot
ok mikeb@
2014-02-13When sending a neighbor advertisement, correctly use the carp macMartin Pieuchot
address and not the mac of the physical interface as target lladdr. This allows us to get rid of the hack adding and removing the route to loopback of a carp node when its status switch to master and backup respectively. Now the route entry will no longer be updated to use the mac address of the physical interface of the master node as gateway. While here send the ARP request through the carp interface for consistency. Analysed with and ok mikeb@, ok bluhm@
2014-02-07Make carp send IPv6 neighbour advertisements with the 'router' flagStefan Sperling
if we're acting as router. Otherwise clients lose the default route learned from router advertisements during carp failover. Patch by Ole Myhre; ok bluhm@
2014-01-25revert counter size changes. this breaks netstat. digging further, thereTheo de Raadt
are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
2014-01-24clearing the _CSUM_IN_OK flags is now utterly pointless, was only done forHenning Brauer
statistics sideeffects before. ok lteo naddy
2014-01-24make the udpstat counters u_int32_t, for consistency with tcpstatHenning Brauer
ok krw phessler
2014-01-23since the cksum rewrite the counters for hardware checksummed packetsHenning Brauer
are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
2014-01-23put the in{,6}_delayed_cksum() and in{,6}_proto_cksum_out() prototypesChristian Weisgerber
into consistent locations; ok henning@
2014-01-22Pass the receiving interface pointer to carp_input() instead of re-Martin Pieuchot
reading it from the packet header. While here makes carp_input() take the same arguments as ether_input(). ok bluhm@, mikeb@
2014-01-22Remove genmask support from the kernel. rtmsgs with RTA_GENMASK set willClaudio Jeker
now cause a EINVAL. The RTA_GENMASK and RTAX_GENMASK defines are kept for compatibility reasons. OK benno@ and agreed by dlg@
2014-01-21Do not clean the multicast records of an interface when it is destroyedMartin Pieuchot
(unplugged). Even if it makes no sense to keep them around if the interface is no more, we cannot safely remove them since pcb multicast options might keep a pointer to them. Fixes a user after free introduced by the multicast address linking rewrite and reported by Alexey Suslikov, thanks! ok claudio@
2014-01-19Start counting droped icmp errors because the rate limit is exceeded.Claudio Jeker
OK benno@ deraadt@
2014-01-18There was an awkward behaviour after a connection had been divertedAlexander Bluhm
to a socket. When the application removed the socket, the pf state would persist. A new connection did not hit the divert rule as the state still grabed the packet. The solution is to unlink the associated divert state when the socket gets destroyed. This is possible as both are linked together and a divert state without socket does not make sense. OK mikeb@
2014-01-13Call all local valiables of type struct in6_ifaddr "ia6". This isAlexander Bluhm
consistent with struct ifaddr "ifa" and struct in_ifaddr "ia". OK mpi@
2014-01-13Iterate over the per interface address list instead of the global oneMartin Pieuchot
in IFP_TO_IA(). ok bluhm@, henning@, mikeb@
2014-01-10replace the rest of the obsolete radix macrosTed Unangst
sprinkle 0 -> NULL where obvious ok millert mpi
2014-01-09replace Bcopy macro with memmove and memcpy. ok mpiTed Unangst
2014-01-09bzero/bcmp -> memset/memcmp. ok matthewTed Unangst
2014-01-07Propagate an rdomain number to the nd6_lookup independently fromMike Belopuhov
the ifp pointer which can be NULL. This prevents a crash reported by David Hill <dhill at mindcry ! org>. OK bluhm
2013-12-31bcopy -> memcpy. reviewed with one fix from matthewTed Unangst
2013-12-20Switch inpt_queue from CIRCLEQ to TAILQ. Thus ending use of CIRCLEQKenneth R Westerback
in the base. Ports fixes to follow shortly for the two ports (gkrellm and net-snmp) affected. ok zhuk@ millert@
2013-12-17Change ip_output()'s non-optional arguments to be standard argumentsMatthew Dempsky
instead of variable arguments. Allows stricter type checking by the compiler at call sites and also saves a bit of code size on some platforms (e.g., ~200 bytes on amd64). ok mikeb
2013-12-04ifp must be initialized in ip_setmoptions; from oga via mpi, ok mpiMike Belopuhov
2013-11-29move in_multi definition into kernel-onlyTheo de Raadt
2013-11-28Change the way protocol multicast addresses are linked to an interface.Martin Pieuchot
Instead of linking multicast records to the first configured address of the corresponding protocol, making this address and its position in the global list special, add them to a new list directly linked to the interface descriptor. This new multicast address list is similar to the address list, all its elements contain a protocol agnostic part. This design allows us to be able to join a multicast group without necessarily having a configured address. That means IPv6 multicast kludges are no longer needed. Another benefit is to be able to add and remove an IP address from an interface without worrying about multicast records. That means that the global IPv4 list is no longer needed since the first configured address of an interface is no longer special. This new list might also be extended in the future to contain the link-layer addresses used to configure hardware filters. Tested by sthen@ and weerd@, ok mikeb@
2013-11-28Use the local variable referencing the receiving interface instead ofMartin Pieuchot
dereferencing the mbuf various times. No functional change. ok mpf@, bluhm@
2013-11-27Since r1.106 we have a local variable referencing the receiving interface,Martin Pieuchot
use it instead of dereferencing the mbuf once again. No functional change.
2013-11-27Replace INADDR_TO_IFP() by in_iawithaddr() and kill the macro.Martin Pieuchot
ok mikeb@, ports@, henning@
2013-11-27Let's call a rtableid a rtableid.Martin Pieuchot
ok mikeb@, henning@, claudio@
2013-11-26instead of calculating the icmp checksum here, just set the flag thatHenning Brauer
it is needed and the lower parts of the stack will take care of it. fixes a cksum bug in a rather constructed case and is just the right thing to do now. ok mpi naddy
2013-11-22Remove unused proc argument in in6_control().Martin Pieuchot
ok henning@, mikeb@
2013-11-21hide a bunch of structures (namely arpcom, llinfo_arp, ethernetMike Belopuhov
multicast macros and in_ifaddr) that reference ifnet in some way; looked over by deraadt, ok mpi
2013-11-21Remove unneeded include.Martin Pieuchot
ok deraadt@
2013-11-21Replace the last usage of IA_SIN() and kill this macro.Martin Pieuchot
ok henning@, sthen@, mikeb@, deraadt@
2013-11-17Instead of stripping the IP options manually in icmp_reflect(),Alexander Bluhm
just call ip_stripoptions(). Remove an unneeded parameter and adjust the ip length in ip_stripoptions(). from FreeBSD; OK deraadt@ henninh@ lteo@
2013-11-15Rename the struct pf_divert variable in divert_packet() andLawrence Teo
divert6_packet() from "pd" to "divert" to match the rest of the source. I think "pd" was not a good name for a struct pf_divert because "pd" usually refers to a pf_pdesc. No object file change. OK benno@ bluhm@ henning@
2013-11-11Replace most of our formating functions to convert IPv4/6 addresses fromMartin Pieuchot
network to presentation format to inet_ntop(). The few remaining functions will be soon converted. ok mikeb@, deraadt@ and moral support from henning@
2013-11-06See previous commit. This is the next step in the process. The code nowTheo de Raadt
accepts either format, but we start using the IETF bits. Hopefully we get a mail later again from David Dahlberg reminding us to remove the legacy acceptance.
2013-10-31Convert the route expire timestamp in kernel and routing messageAlexander Bluhm
to 64 bit. Increase the routing message version from 4 to 5. Add a small compatibility layer that allows to set routes with old user land and new kernel. Old kernel with new user land does not work. The compatibility layer ist not perfect, but it allows to configure addresses with old ifconfig and new kernel. Route get also works in this setup. dhclient hangs as messages for interface address changes with old version are not generated. OK claudio@
2013-10-28tedu FDDI support and the 3 flavors the driver for DEC devices, evenMartin Pieuchot
miod@ cannot find two boards using the same media. With precious punctuation review from guenther@, thanks! ok deraadt@, henning@
2013-10-27delete UPCALL_TIMING debug code from a the dark agesTheo de Raadt
2013-10-25Don't let in_proto_cksum_out() assume that the ICMP checksum field isLawrence Teo
always in the first mbuf of an mbuf chain. Thanks to henning@ and bluhm@ for their work on checksums at b2k13, which allowed this fix to be very straightforward compared to earlier versions. help/feedback bluhm@ henning@ OK henning@ naddy@
2013-10-24ippseudo is kernel-only; checked in ports by sthenTheo de Raadt
2013-10-24Remove the number of in6_var.h inclusions by moving some functions andMartin Pieuchot
global variables to in6.h. ok deraadt@
2013-10-24Significant namespace cleanup of netinet6 symbols.Theo de Raadt
One worrying bit is in icmp6.h where some htols() and htonl() are added, which may affect compatibility down the line. This component can be reverted if issues show up. Ports tree greps indicate no issue. ok claudio mpi etc
2013-10-24Move obvious kernel prototypes (and structure's with kernel pointers,Theo de Raadt
obviously only used in the kernel) behind #ifdef _KERNEL This is a more substantial change than the others commited minutes ago, so it is seperate. More structs get hidden. ok various