summaryrefslogtreecommitdiff
path: root/sys/netinet
AgeCommit message (Collapse)Author
2008-05-24Remove {tcp/udp}6_usrreq(); Since the normal ones nowThordur I. Bjornsson
take a proc argument, theres no need for these, since they are just wrappers. OK claudio@
2008-05-23Deal with the situation when TCP nfs mounts timeout and processesThordur I. Bjornsson
get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect. OK markus@, blambert@. "go ahead" deraadt@. Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
2008-05-19Unbreak builds for kernels that have atm interfaces. Found the hard way byClaudio Jeker
Theo on an alpha ramdisk. OK deraadt@
2008-05-15divert for ipv6; ok henning, pyrMarkus Friedl
2008-05-11Try harder to avoid corrupting the mbuf pool. Stuff any mbuf chain inKenneth R Westerback
ln_hold or la_hold into temporary storage and null ln_hold or la_hold before manually processing the mbuf chain. Discard the mbuf chain if it is put back in the hold area. ok claudio@ markus@
2008-05-09more rtrequest() to rtrequest1() replacement.Claudio Jeker
OK henning@
2008-05-09arp entries in the routing table should have priority RTF_CONNECTEDHenning Brauer
ok claudio theo
2008-05-09should check for null pointers; from henning@Markus Friedl
2008-05-09IP_RECVDSTPORT, allows you to get the destination port of UDP datagramsMarkus Friedl
for pf(4) diverted packets; based on patch by Scot Loach; ok beck@
2008-05-09Add SO_BINDANY socket option from BSD/OS.Markus Friedl
The option allows a socket to be bound to addresses which are not local to the machine. In order to receive packets for these addresses SO_BINDANY needs to be combined with matching outgoing pf(4) divert rules, see pf.conf(5). ok beck@
2008-05-09divert packets to local socket without modifying the ip header;Markus Friedl
makes transparent proxies much easier; ok beck@, feedback claudio@
2008-05-07Implement routing priorities. Every route inserted has a priority assignedClaudio Jeker
and the one route with the lowest number wins. This will be used by the routing daemons to resolve the synchronisations issue in case of conflicts. The nasty bits of this are in the multipath code. If no priority is specified the kernel will choose an appropriate priority. Looked at by a few people at n2k8 code is much older
2008-05-06Use the standard syslog levels on CARP logging messages instead ofRyan Thomas McBride
simple on/off, allowing more control over how verbose the logging is. This also allows you to do a further level of filtering in syslog.conf if you need to. Also add logging of state changes, inspired by diff provided by Brian A. Seklecki in PR 5513. These messages are logged by default. ok henning mpf deraadt
2008-05-06remove tcp_drain code since it's not longer used; ok henning, feedback thibMarkus Friedl
2008-05-02Make the SO_TIMESTAMP sockopt work. When set, this allows the user toChris Kuethe
get a timestamp of when the datagram was accepted (by udp(4), for example) rather than having to take a timestamp with gettimeofday(2) when recv(2) returns - possibly several hundreds of microseconds later. May be of use to those interested in precision network timing schemes or QoS for media applications. Tested on alpha, amd64, i386 and sparc64. manpage suggestions from jmc, ok deraadt
2008-04-24the softnet intr handlers check if the input queue has packets onDavid Gwynne
it by reading the queues head pointer. if that pointer is not null then it takes splnet and dequeues a packet for handling. this is bad because the ifqueue head is modified at splnet and the sofnet handlers read it without holding splnet. this removes that check of the head pointer and simply checks if the dequeue gave us a packet or not before proceeding. found while reading mpls code. discussed with norby@ and henning@ ok mcbride@ henning@
2008-04-18extend the if_ethersubr.c crc functions to support updating a runningDamien Miller
crc in addition to the existing "oneshot" mode and use them to replace ieee80211_crc_update() with the new ether_crc32_le_update(). Saves 1k kernel bss + some code. Mark the new ether_crc32_[lb]e_update functions as __pure for a ~25x speedup (on my i386 at least). feedback and ok damien@
2008-04-18use arc4random_uniform() for random number requests that are not aDamien Miller
power of two. use arc4random_bytes() when requesting more than a word of PRNG output. ok deraadt@
2008-03-15revert - I'm a dumbfuck who doesn't know his own APIDamien Miller
2008-03-15off by one at end of arrayDamien Miller
2008-03-15Because the ip_id code initialisation is a specific case of shufflingDamien Miller
a set of incrementing integers (and not an arbitrary set of values) it is possible to populate the array as we shuffle it in a single forward pass. Clever optimisation from didickman AT gmail.com; ok deraadt@ mcbride@
2008-03-02because arc4random_uniform is being used, the modulo bias is taken care ofTheo de Raadt
2008-03-02Add a arc4random_uniform() that returns a uniformly distributed numberDamien Miller
in the range 0 <= x < upper_bound Please use this new API instead of "arc4random() % upper_bound", as it avoids the "modulo bias" that favours small results when upper_bound is not a power of two. feedback deraadt@ mcbride@; ok deraadt@
2008-02-29replacement algorithm. initialize a 64K-short buffer using DurstenfeldTheo de Raadt
shuffle. Upon allocation, swap-permute the new value to a random slot in the 0..32K-1 th entry of the buffer as we move forward, ensuring randomness but also satisfying the non-repeating property we need. Also avoid the value of 0, since IP ID's of 0 are special. Inspired by Dillon's implementation. We believe this is easier to read though, initializes with less bias, handles the ID of 0 properly, and wins speed tests. Thanks a lot to mcbride and djm for doing a bunch of statistical and speed analysis, and comments from nordin ok mcbride djm
2008-02-20Add my copyright.Marco Pfatschbacher
OK mcbride@, mickey@
2008-02-20remove old unused TCP isn code; ok henning, dhartmei, mcbrideMarkus Friedl
2008-02-20when creating a response, use the correct TCP header instead ofMarkus Friedl
relying on the mbuf chain layout; with claudio@ and krw@; ok henning@
2008-02-11The TCP server has to recalculate the client's window size takenAlexander Bluhm
from the first ACK packet. Otherwise the server would use the unscaled window size for the fist data it is sending. ok markus@ dhartmei@
2008-02-05Move carp load balancing (ARP/IP) to a simpler configuration scheme.Marco Pfatschbacher
Instead of using the same IP on multiple interfaces, carp has to be configured with the new "carpnodes" and "balancing" options. # ifconfig carp0 carpnodes 1:0,2:100,3:100 balancing ip carpdev sis0 192.168.5.50 Please note, that this is a flag day for anyone using carp balancing. You'll need to adjust your configuration accordingly. Addititionally this diff adds IPv6 NDP balancing support. Tested and OK mcbride@, reyk@. Manpage help by jmc@.
2008-01-02return with ENOTTY instead of EINVAL for unknown ioctl requests.Brad Smith
ok claudio@ krw@ dlg@
2007-12-30A struct rt_addrinfo is needed for rt_missmsg() so we can use rtrequest1()Claudio Jeker
directly instead of takeing the detour via rtrequest(). OK henning@ markus@
2007-12-14add sysctl entry points into various network layers, in particular toTheo de Raadt
provide netstat(1) with data it needs; ok claudio reyk
2007-12-13Add missing license. This file is 4.4BSD-derived with WIDE changes.Todd C. Miller
OK deraadt@
2007-12-13implement sysctls to report IP, TCP, UDP, and ICMP statistics andReyk Floeter
change netstat to use them instead of accessing kvm for it. more protocols will be added later. discussed with deraadt@ claudio@ gilles@ ok deraadt@
2007-11-27TCP_COMPAT_42 was last used in 1997. Kill it.Theo de Raadt
ok millert
2007-11-27typos; ok jmc@Martynas Venckus
sys/dev/pci/pciide.c from naddy@
2007-11-27Make carp(4) behave more like a ethernet interface by initalizing theClaudio Jeker
IPv4 interface address similar to arp_ifinit(). The main difference is that we do not send out a gracious arp as the carp(4) is not ready to send at that moment. This will make backup interface show up like the master ones. OK mpf@ earlier version OK henning@ mcbride@
2007-11-26MALLOC -> malloc and M_ZERO changeCharles Longeau
ok mpf@ henning@
2007-11-26typos; ok jmc@Martynas Venckus
sys/netinet/in_pcb.c and sys/net/bridgestp.c ok henning@ sys/dev/pci/bktr/* ok jakemsr@
2007-11-24some spelling fixes from Martynas VenckusJason McIntyre
2007-11-22pass the carp ifp to rt_missmsg() when generating the RTM_ADD messagesHenning Brauer
so the resulting messages have ifindex set and the routing daemons can correctly indentify that route as connected. ok mcbride
2007-11-22Factor out the virtual host portion of carp into a separate structMarco Pfatschbacher
that is kept in a list per carp interface. This is the huge first step necessary to make carp load balancing nice and easy. One carp interface can now contain up to 32 virtual host instances. This doesn't do anything useful yet, but here is how an ifconfig for multiple entries now looks like: # ifconfig carp2 carpnodes 5:0,6:100 192.168.5.88 carp2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 lladdr 00:00:5e:00:01:05 carp: carpdev sis0 advbase 1 state MASTER vhid 5 advskew 0 state BACKUP vhid 6 advskew 100 groups: carp inet 192.168.5.88 netmask 0xffffff00 broadcast 192.168.5.255 OK mcbride@
2007-11-19Remove the #define ENCDEBUG that slipped through somehow.Marco Pfatschbacher
OK hshoexer@
2007-11-16in the strange/unnatural/ridiculous situation where a non-blockingTheo de Raadt
connect() which has completed and failed.. if connect() is called again.. return the so_error instead of EINVAL; from Alexey Vatchenko matches what other systems do now ok millert henning
2007-11-16use arc4random_bytes() instead of multiple arc4random() calls;Damien Miller
ok deraadt@ dlg@ henric@ mcbride@
2007-11-06Do not panic in arpintr() if IF_DEQUEUE returns NULL, this is perfectly legalMiod Vallat
and can happen on slow mp systems under a lot of network load; ok kettenis@
2007-10-29MALLOC/FREE -> malloc/freeCharles Longeau
ok krw@
2007-10-27Replace the replay protection counter with a cookie.Marco Pfatschbacher
It is unlikely we will ever get a working replay protection, so better keep it simple and robust. The cookie allows us to detect our own advertisements, thus it is now easy to deal with network loops and non-simplex interfaces. Zero feedback by the people who wanted this fixed. OK henning@, markus@
2007-10-17Convert MALLOC/FREE to malloc/free.Hans-Joerg Hoexer
ok gilles@
2007-10-09MALLOC+bzero -> malloc+M_ZERO. Don't forget FREE->free this time.Kenneth R Westerback
As with many of the last commits, looked at by chl@ in an earlier version.