summaryrefslogtreecommitdiff
path: root/sys/netinet
AgeCommit message (Collapse)Author
2004-04-15Unbreak INET6less kernels.Alexander Yurchenko
ok markus
2004-04-15allow TCP packet with IPv4 option (we have been dropping these).Jun-ichiro itojun Hagino
simplify some of the codepath by using IP6_EXTHDR_GET. markus ok
2004-04-14syn_cache_get: send RST instead of RST+ACK in response to ACK; ok deraadtMarkus Friedl
2004-04-14simpler ipsp_aux_match() API; ok henning, hshoexerMarkus Friedl
2004-04-14with IPv6, udp checksum is mandatory. henning okJun-ichiro itojun Hagino
2004-04-12remove duplicate if. from pedro martelletto, ok markus@Ted Unangst
2004-04-12factor out dropafterack_ratelim code, use ratelimitMarkus Friedl
for tcps_rcvacktoomuch, too; drop very old ACKs; ok deraadt@
2004-04-04on in-window SYN, send back rate-limited ACK; ok dhartmei frantzen markusTheo de Raadt
2004-03-31in gettdbbysrcdst(), allow matching with either src or dst beeing a wildcardHenning Brauer
(emtpy) entry ok markus@
2004-03-28memory leak fix; from pat, via tedu, ok dhartmeiTheo de Raadt
2004-03-26don't use mbuf after free; ok mcbride, deraadt, cloderMarkus Friedl
2004-03-26Also raise advskew to 240 while we wait for pfsync to get it's bulk update.Ryan Thomas McBride
This is to deal with situations where the network is not working during boot so we become master by default - the high advskew value allows other carp boxes to preempt us when the network finally comes up. ok deraadt@ beck@
2004-03-24Correct size in error message. From mickey@Ryan Thomas McBride
ok deraadt@
2004-03-24Disable net.inet.carp.log by default.Ryan Thomas McBride
ok deraadt@
2004-03-22Support for best effort bulk transfers of states when pfsync syncif isRyan Thomas McBride
configured. This this allows pfsync+carp clusters to come up gracefully without killing active connections. pfsync now prevents carp from preempting to become master until the state table has sync'd. ABI change, any application which use struct pf_state must be recompiled. Reminded about this by Christian Gut. Thanks to beck@ cedric@ and dhartmei@ for testing and comments. ok deraadt@
2004-03-22spelling; jjy2+@pitt.eduTheo de Raadt
2004-03-21fix udp checksum verification if ip options are present;Markus Friedl
report from Pyun via dhartmei@; ok mcbride@, dhartmei@
2004-03-20Unbreak routing change handling for state changes; count addresses differentlyRyan Thomas McBride
depending on where we're calling carp_addrcount() from.
2004-03-18Allow the state to be changed explicitly via the ioctl.Ryan Thomas McBride
ok markus@
2004-03-17typo in comment (fragment->segment); ok itojun@Markus Friedl
2004-03-15strncpy -> strlcpy. ok markus@ "(this is even unused crap, i think)"Ted Unangst
from Patrick Latifi
2004-03-12Fix rtentry leak in in_losing(). The rtentry needs to be freed in anycase.Claudio Jeker
Found by Greg Wooledge. A lot of debugging and help by dhartmei@ markus@ cedric@. OK dhartmei@ markus@ deraadt@
2004-03-10Don't permit a negative index. Pointed out by Patrick Latifi.Ryan Thomas McBride
2004-03-05Only send route add or delete messages if it's the first identicalRyan Thomas McBride
address being added or the last identical address being removed, respectively. Part of a larger diff approved by markus@ and dhartmei@, API changes held back for now.
2004-03-02limit total number of queued out-of-order packets to NMBCLUSTERS/2; ok mcbrideMarkus Friedl
2004-02-27implement tcp_drain() similar to ip_drain(); ok mcbride@Markus Friedl
2004-02-27API change; counter for upcoming tcp_drain(); ok deraadtMarkus Friedl
2004-02-17switch to sysctl_int_arr(); ok henning, deraadtMarkus Friedl
2004-02-16don't allocate a cluster if the header fits into a mbuf;Markus Friedl
ok itojun@, henning@, mcbride@
2004-02-15check TDBF_INVALID for TCP MD5 SA lookups; ok mcbride, henningMarkus Friedl
2004-02-15switch to sysctl_int_arr(); ok itojun, henning, miod, deraadtMarkus Friedl
2004-02-13typo, lenght -> lengthBrad Smith
2004-02-11make mss signed; avoids large mss if ifp==NULL; ok itojun@Markus Friedl
2004-02-10plug mbuf leak (ip_fragment() always free mbuf on error). tested by cedric,Jun-ichiro itojun Hagino
dhartmei ok
2004-02-10check TF_SIGNATURE when calculating the mss; add TCPOLEN_SIGLEN andMarkus Friedl
avoid magic constants; ok henning@
2004-02-05take RFC2460 section 5 last paragraph into consideration when we compute MSSJun-ichiro itojun Hagino
(if path MTU < 1280, use 1280 as packet size and attach fragment header). markus ok
2004-01-31rename tcp sockopt TCP_SIGNATURE_ENABLE to TCP_MD5SIGHenning Brauer
requested by theo ok markus@ hshoexer@
2004-01-31!sack_disable -> sack_enable; ok deraadt@Markus Friedl
2004-01-30add support for getsockopt(..., TCP_SIGNATURE_ENABLEHenning Brauer
so you can check wether a just accept()ed connection is md5sig'd ok deraadt@ markus@
2004-01-29reset TCPT_KEEP to tcp_keepidle when switching to ESTABLISHED;Markus Friedl
ok henning, deraadt
2004-01-29turn off TF_SIGNATURE on the listen socket if there is no matching SA.Markus Friedl
allows using a single listen socket for both tcpmd5 and plain tcp. ok aaron, henning.
2004-01-29support for RFC3390 (Increasing TCP's Initial Window); ok deraadt, itojunMarkus Friedl
2004-01-29don't increase the cwnd on syn-ack; ok itojun@, deraadt@Markus Friedl
2004-01-27in gettdbbysrcdst(): hash by SRC and lookup SA in the tdbsrc[] hash tableMarkus Friedl
with hshoexer@
2004-01-22add gettdbbysrcdst(), just like gettdb(), but compares tdb_src as well; ok ↵Markus Friedl
mcbride@
2004-01-18send RTM_IFINFO on carp state changes; with mpf@; ok mcbride@, mpf@Markus Friedl
2004-01-15es tanzt das KNFMarkus Friedl
2004-01-15missing #ifdef INET6, ok henning@Daniel Hartmeier
2004-01-15move call to tcp_mss_update() from syn_cache_add() to syn_cache_get(),Markus Friedl
when the 3-way handshake completes (and not on the listen pcb). ok itojun, dhartmei
2004-01-14syncache+ipv6 support for TCP_SIGNATURE; with itojun; ok deraadtMarkus Friedl
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-21 16:17:40 +0000