src - OpenBSD base system

Age	Commit message (Collapse)	Author
2004-05-29	carp_ioctl() happens after ifioctl(); check flags correctly so that	Ryan Thomas McBride
	'ifconfig carp0 down' and 'ifconfig carp0 up' work as expected.
2004-05-27	the tcp header might be in a different mbuf after pulldown();	Markus Friedl
	fixes tcp corruption on rl(4); ok itojun, cedric
2004-05-26	use sa_family not inp; netbsd merge error; ok dhartmei	Markus Friedl

2004-05-25	let sc_counter wrap automatically, ok mcbride@	Jolan Luff

2004-05-24	Check for sc->sc_ifp != NULL in carp_setroute(). Running dhclient on the	Ryan Thomas McBride
	carp interface won't work, but it doesn't mean we should panic the box!
2004-05-23	missing splx; andrushock@korovino.net	Theo de Raadt

2004-05-21	use 'mss' as lower limit, since 'ifp' might not be set; ok dhartmei@, henning@	Markus Friedl
	report and test by mpf@
2004-05-18	if_ether.h	Brad Smith
	add ETHER_MAX_LEN_JUMBO, ETHER_VLAN_ENCAP_LEN, ETHER_ALIGN, and ETHERMTU_JUMBO constants. if.h add a few more interface capabilities flags. Some from NetBSD, some from FreeBSD. ok markus@
2004-05-18	fix size argument to ovbcopy() in ip_pcbopts(), found by Andrei Iltchenko	Daniel Hartmeier
	(FreeBSD PR 66386), ok markus@, otto@
2004-05-16	When we back off due to problems with the physical interface, advertise	Ryan Thomas McBride
	the backoff immediately on all of the interfaces instead of waiting for the next scheduled advertisement.
2004-05-16	Remove useless test pointed out by Frank Denis <j@pureftpd.org>.	Ryan Thomas McBride

2004-05-13	Act like our advskew is 240 when receiving packets as well as sending if	Ryan Thomas McBride
	we're backing off. Makes the backoff actually work like it's supposed to instead of flip-flopping. Problem pointed out by ho@ and jakob@
2004-05-13	Add cloned interface destruction to carp (ifconfig carp0 destroy).	Ryan Thomas McBride
	ok deraadt@
2004-05-13	KNF	Ryan Thomas McBride

2004-05-10	Make sure advskew set correctly in advertisement when configured to a value	Ryan Thomas McBride
	greater than 240. From Frank Denis <j@pureftpd.org>, PR3774.
2004-05-08	If a carp interface has more than CARP_SENDAD_MAX_ERRORS failed	Ryan Thomas McBride
	advertisements in a row, back off all the other interfaces, until CARP_SENDAD_MIN_SUCCESS advertisements are successful. This makes carp deal better with ip output errors.
2004-05-07	Replace RSA-derived md5 code with code derived from Colin Plumb's PD version.	Todd C. Miller
	This moves md5.c out of libkern and into sys/crypto where it belongs (as requested by markus@). Note that md5.c is still mandatory (dev/rnd.c uses it). Verified with IPsec + hmac-md5 and tcp md5sig. OK henning@ and hshoexer@
2004-05-05	Remove unused #define.	Ryan Thomas McBride

2004-05-04	The tcp specific routing metrics are almost never used so reduce the routing	Claudio Jeker
	table from these metrics. struct rt_msghdr used by the routing socket is not affected and so most userland apps don't need to be changed. some man page polishing by jmc@ OK henning@ markus@ theo@
2004-04-28	make return-rst work on pure bridges. ok dhartmei@ henning@ mcbride@	Cedric Berger

2004-04-28	carp stats cleanup:	Ryan Thomas McBride
	- convert counters to 64 bits - remove junk from netstat ok pb@
2004-04-28	Make carp(4) aware of its physical interface:	Ryan Thomas McBride
	- If the physical interface goes down or the link goes down, the carp interface goes down as well. - We treat this like the preemption holdoff with pfsync. So if one of the carp interfaces is known to be bad (because the physical interface it's associated with is bad), all the other carp interfaces back off: they won't preempt, and their advskew goes to 240. ok cedric@
2004-04-27	Require NULL oldp when dropping a connection.	Otto Moerbeek
	ok markus@
2004-04-26	change tcpdrop to require newp instead of oldp; suggested by otto	Markus Friedl

2004-04-26	- allow the user to force the TCP mss below the fail-safe 216 with a low	Mike Frantzen
	interface MTU. - break a tcp_output() -> tcp_mtudisc() -> tcp_output() infinite recursion when the TCP mss ends up larger than the interface MTU (when the if_mtu is smaller than the tcp header). connections will still stall feedback from itojun@, claudio@ and provos and testing from beck@
2004-04-26	hide nonstandard struct from userland	Jun-ichiro itojun Hagino

2004-04-26	minor cleanups	Theo de Raadt

2004-04-25	add TCPCTL_DROP; ok deraadt, cedric, grange, ...	Markus Friedl

2004-04-25	radix tree with multipath support. from kame. deraadt ok	Jun-ichiro itojun Hagino
	user visible changes: - you can add multiple routes with same key (route add A B then route add A C) - you have to specify gateway address if there are multiple entries on the table (route delete A B, instead of route delete A) kernel change: - radix_node_head has an extra entry - rnh_deladdr takes extra argument TODO: - actually take advantage of multipath (rtalloc -> rtalloc_mpath)
2004-04-20	add tcps_rcvacktooold; ok deraadt	Markus Friedl

2004-04-18	pass esp/ah/ipcmp to rawip if processing is disabled with sysctl;	Markus Friedl
	allows userland ipsec; tested by sturm@; ok deraadt@, ho@, hshoexer@
2004-04-15	Unbreak INET6less kernels.	Alexander Yurchenko
	ok markus
2004-04-15	allow TCP packet with IPv4 option (we have been dropping these).	Jun-ichiro itojun Hagino
	simplify some of the codepath by using IP6_EXTHDR_GET. markus ok
2004-04-14	syn_cache_get: send RST instead of RST+ACK in response to ACK; ok deraadt	Markus Friedl

2004-04-14	simpler ipsp_aux_match() API; ok henning, hshoexer	Markus Friedl

2004-04-14	with IPv6, udp checksum is mandatory. henning ok	Jun-ichiro itojun Hagino

2004-04-12	remove duplicate if. from pedro martelletto, ok markus@	Ted Unangst

2004-04-12	factor out dropafterack_ratelim code, use ratelimit	Markus Friedl
	for tcps_rcvacktoomuch, too; drop very old ACKs; ok deraadt@
2004-04-04	on in-window SYN, send back rate-limited ACK; ok dhartmei frantzen markus	Theo de Raadt

2004-03-31	in gettdbbysrcdst(), allow matching with either src or dst beeing a wildcard	Henning Brauer
	(emtpy) entry ok markus@
2004-03-28	memory leak fix; from pat, via tedu, ok dhartmei	Theo de Raadt

2004-03-26	don't use mbuf after free; ok mcbride, deraadt, cloder	Markus Friedl

2004-03-26	Also raise advskew to 240 while we wait for pfsync to get it's bulk update.	Ryan Thomas McBride
	This is to deal with situations where the network is not working during boot so we become master by default - the high advskew value allows other carp boxes to preempt us when the network finally comes up. ok deraadt@ beck@
2004-03-24	Correct size in error message. From mickey@	Ryan Thomas McBride
	ok deraadt@
2004-03-24	Disable net.inet.carp.log by default.	Ryan Thomas McBride
	ok deraadt@
2004-03-22	Support for best effort bulk transfers of states when pfsync syncif is	Ryan Thomas McBride
	configured. This this allows pfsync+carp clusters to come up gracefully without killing active connections. pfsync now prevents carp from preempting to become master until the state table has sync'd. ABI change, any application which use struct pf_state must be recompiled. Reminded about this by Christian Gut. Thanks to beck@ cedric@ and dhartmei@ for testing and comments. ok deraadt@
2004-03-22	spelling; jjy2+@pitt.edu	Theo de Raadt

2004-03-21	fix udp checksum verification if ip options are present;	Markus Friedl
	report from Pyun via dhartmei@; ok mcbride@, dhartmei@
2004-03-20	Unbreak routing change handling for state changes; count addresses differently	Ryan Thomas McBride
	depending on where we're calling carp_addrcount() from.
2004-03-18	Allow the state to be changed explicitly via the ioctl.	Ryan Thomas McBride
	ok markus@