summaryrefslogtreecommitdiff
path: root/sys/netinet
AgeCommit message (Expand)Author
1999-05-24instead of dropping out of window SYNs, send an ACK and drop afterwards.Niels Provos
1999-05-23SA hash table resizingNiklas Hallqvist
1999-05-20Fix a bug where the ordered expiration list could get out of order. AddNiklas Hallqvist
1999-05-16Don't judge locally generated tunnel packets as spoof attempts. indent.Niklas Hallqvist
1999-05-16spltdb introduced, protection for tdb lists and related structures, soNiklas Hallqvist
1999-05-16Add support for static ARP entries that cannot be overwritten.Hakan Olsson
1999-05-14A new scalable IPsec SA expiration model.Niklas Hallqvist
1999-05-12Obvious pastoNiklas Hallqvist
1999-05-12Follow local indentation style.Hakan Olsson
1999-05-12Fix problem with data corruption for retransmitted TCP packetsHakan Olsson
1999-05-11Remove cruft that wasted space en masse in the IPsec subsystemNiklas Hallqvist
1999-04-28zap the newhashinit hack.Artur Grabowski
1999-04-23dont accept packets with the destination address of a down interface;Niels Provos
1999-04-22Heh, this was definitely not tested. cpp sytax errors.Niklas Hallqvist
1999-04-21From Tom Henderson <tomh@cs.berkeley.edu>:Niels Provos
1999-04-20messup, learn to test *all* variants of compile options whenNiklas Hallqvist
1999-04-20use open() with O_EXCL.. but also move to /var/run to avoid the 2nd-level /tm...Theo de Raadt
1999-04-20Merge MROUTING and IPSEC wrt handling of IP-in-IP tunnelled packets.Niklas Hallqvist
1999-04-16fix ipf return-rst panic bug; beckTheo de Raadt
1999-04-12move encdebug to a useful placeTheo de Raadt
1999-04-11Introduce net.inet.{ah,esp}.enable sysctl controls that are off by default.Niklas Hallqvist
1999-04-09The kernel parts of a sysctl that can switch on/off IP-in-IP (protocol 4)Niklas Hallqvist
1999-04-09Make the tdbi handling more robust, removes a panic caseNiklas Hallqvist
1999-04-09Check for local address spoofing on encapsulated packets.Angelos D. Keromytis
1999-04-04fix tunnelling; provosTheo de Raadt
1999-03-27add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoingNiels Provos
1999-03-24Implement lifetime expiration notifications. Fix some typos. Remove statics.Niklas Hallqvist
1999-03-24Reworked udp_output() to minimize the number of if() statements needed to getcmetz
1999-03-24Removed inclusion of netinet6/in6.h. This was an artifact of when the corecmetz
1999-03-24Removed old NRL convention in6a_words virtual-field from struct in6_addr.cmetz
1999-03-24Replace 'in6a_words' (old NRL convention) with 's6_addr32' (new BSDI et al.cmetz
1999-03-13indentTheo de Raadt
1999-03-06Update IP pointer, when doing multiple transforms.Angelos D. Keromytis
1999-03-04be more careful with freeing TDBsTheo de Raadt
1999-03-04more paranoid maintenanceTheo de Raadt
1999-02-25Prettier reporting, report number of flows in use per SA.Angelos D. Keromytis
1999-02-25Skipjack key bzero'ing case.Angelos D. Keromytis
1999-02-25Print more information in /kern/ipsecAngelos D. Keromytis
1999-02-25Bzero key information before free'ing it, just for paranoia's sake.Angelos D. Keromytis
1999-02-25Use M_XDATA for the key schedule, instead of M_TEMP.Angelos D. Keromytis
1999-02-25Clear the DF bit, so packets don't get dropped inside a tunnel.Angelos D. Keromytis
1999-02-25Be a bit more paranoid before free'ing memory.Angelos D. Keromytis
1999-02-25Move union sockaddr_union to ip_ipsp.hAngelos D. Keromytis
1999-02-24Update copyright; remove a few annoying debugging printfs.Angelos D. Keromytis
1999-02-24add skipjack support backTheo de Raadt
1999-02-24Remove encap.h include; saner debugging printfs; fix buglets; work withAngelos D. Keromytis
1999-02-24Added in.h definitions required by IPv6 Basic API and Advanced API specs, andcmetz
1999-02-23Forgot this.Angelos D. Keromytis
1999-02-23This one seems to work, at least in the direction Sparc->i386.Angelos D. Keromytis
1999-02-23Turns out the patch didn't fix the problem. Reverting to old code.Angelos D. Keromytis