summaryrefslogtreecommitdiff
path: root/sys/netinet
AgeCommit message (Collapse)Author
1997-02-21Removed no longer necessary cautionary comment.Angelos D. Keromytis
1997-02-21Couple of missing ifdefs.Angelos D. Keromytis
1997-02-21-nostdinc and big endian cleanupNiklas Hallqvist
1997-02-21Fixed error introduced with last patch.Angelos D. Keromytis
1997-02-21Removed some of the ugliness in ipsp_kern().Angelos D. Keromytis
1997-02-20DES library for IPSEC; Eric Young (eay@mincom.oz.au)Theo de Raadt
1997-02-20IPSEC package by John Ioannidis and Angelos D. Keromytis. Written inTheo de Raadt
Greece. From ftp.funet.fi:/pub/unix/security/net/ip/BSDipsec.tar.gz
1997-02-16udp packets less than min udp packet length are bad; davem@jenolan.rutgers.eduTheo de Raadt
1997-02-13prevent free()ed object from being referencedkstailey
1997-02-13off-by-one-slot for IP timestamp option data inserts, PR#103, ↵Theo de Raadt
andreas.gunnarsson@emw.ericsson.se
1997-02-13back out prev. changekstailey
1997-02-13make SPLNET() do splsoftnet()kstailey
1997-02-12protect ip_natexpirekstailey
1997-02-11IPF 1.3.7kstailey
1997-02-11ensure ipt->ipt_ptr is right; pr#96, andreas.gunnarsson@emw.ericsson.seTheo de Raadt
1997-02-05use arc4random()Theo de Raadt
1997-02-05#define ICMP_UNREACH_FILTER -> ICMP_UNREACH_FILTER_PROHIB to match ↵kstailey
tcpdump/print_icmp.c which had it first
1997-02-04changed comment to reflect RFC-1812kstailey
1997-02-04Changed ICMP "unreachable" code #defines to match the ones inkstailey
tcpdump/print-icmp.c since they were in BSD first.
1997-01-30for IP_HDRINCL option, use ip_len/ip_off in network order; lidl@va.pubnix.comTheo de Raadt
1997-01-30Added ICMP Destination Unreachable codes from RFC-1812:kstailey
14 = Host Precedence Violation. Sent by the first hop router to a host to indicate that a requested precedence is not permitted for the particular combination of source/destination host or 15 = Precedence cutoff in effect. The network operators have imposed a minimum level of precedence required for operation, the datagram was sent with a precedence below this level;
1997-01-30added #define for Communication Administratively Prohibitedkstailey
as in RFC-1812 Section 5.2.7.1 Destination Unreachable
1997-01-26Make ip_len and ip_off unsigned values; don't transmit or accept packetsThorsten Lockert
larger than the maximum IP packet size. From NetBSD.
1997-01-18syslog.h -> sys/syslog.hJason Downs
THIS IS THE KERNEL, DAMNIT.
1997-01-15prevent warning:kstailey
in_pcb.c:182: warning: `old' might be used uninitialized in this function
1996-10-27record route is not a problem; thanks bitbltTheo de Raadt
1996-10-24<sys/dir.h> is for use as a compatibility interface only. Warn ifThorsten Lockert
included by kernel modules, and also remove use from any modules that currently attempt to use it.
1996-10-18Do not run IP defragmentation routines unneccecarily; NetBSD PR# 2772Thorsten Lockert
1996-10-08Prototype & Stylistic fixes for high -W gcc levelsNiklas Hallqvist
1996-09-30handle openbsd casesTheo de Raadt
1996-09-25Drop unused variableNiklas Hallqvist
1996-09-23fix tuba after synbomb fixesTheo de Raadt
1996-09-20`solve' the syn bomb problem as well as currently known; add sysctl's forTheo de Raadt
SOMAXCONN (kern.somaxconn), SOMINCONN (kern.sominconn), and TCPTV_KEEP_INIT (net.inet.tcp.keepinittime). when this is not enough (ie. overfull), start doing tail drop, but slightly prefer the same port.
1996-09-12Close TCP receive window when we cannot receive data; suggested by DarrenThorsten Lockert
Reed. Also make a conditional easier to read.
1996-09-12TCP Persist handling; from 4.4BSD Lite2 (via NetBSD PR 2335)Thorsten Lockert
1996-09-12Don't assume other subnets than our own are local to us; from Luigi RizzoThorsten Lockert
by way of Jason Downs & Theo de Raadt. Can be overridden in the kernel configuration file by using "option SUBNETSARELOCAL=1"
1996-09-02Don't drain the protocol queues at interrupt level.dm
1996-08-24change to so_uid, also fix a missing credential found by dmTheo de Raadt
1996-08-14restrict some raw ip packets that may crash ip_output(); from freebsdTheo de Raadt
1996-08-14ipaddrs are int; like many other things found after spotting a similar ↵Theo de Raadt
netbsd commit...
1996-08-07Partial protection from TCP SYN attacksThorsten Lockert
1996-08-05stupid typo, going to bed in penanceTheo de Raadt
1996-08-05only check for takeover permission if non-rootTheo de Raadt
1996-08-05struct socket gets so_ucred; permit only same uid or root to do port takeover.Theo de Raadt
1996-08-02ICMP Router Discovery definitions; from FreeBSDThorsten Lockert
1996-08-02Allow viewing of net.inet.ip.sourceroute in secure modeThorsten Lockert
1996-07-29Remove random() prototype, as it's not needed. Besides it was wrong for the ↵Niklas Hallqvist
alpha :-)
1996-07-29Fix stupid logic error in bind().Jason Downs
1996-07-29Make TCP ISS increment by random amountsThorsten Lockert
1996-07-29Make 600, instead of 512, the lower limit for reserved ports.Jason Downs