Age | Commit message (Collapse) | Author |
|
|
|
Instead of passing around u_char[4], introduce struct ipsec_level
that contains 4 ipsec levels. This provides better type safety.
The embedding struct inpcb is globally visible for netstat(1), so
put struct ipsec_level outside of #ifdef _KERNEL.
OK deraadt@ mvs@
|
|
Use a common struct route for both inet and inet6. Unfortunately
struct sockaddr is shorter than sockaddr_in6, so netinet/in.h has
to be exposed from net/route.h. Struct route has to be bsd visible
for userland as netstat kvm code inspects inp_route. Internet PCB
and TCP SYN cache can use a plain struct route now. All specific
sockaddr types for inet and inet6 are embeded there.
OK claudio@
|
|
To optimize route caching, count cache hits and misses. This is
shown in netstat -s for both inet and inet6. Reuse the old IPv6
forward cache counter. Sort ip6s_wrongif consistently. For now
only IPv4 cache counter has been implemented.
OK mvs@
|
|
OK bluhm@
|
|
TCP syn cache variable scs_use is basically counting packet insertions
into syn cache. Prefer type long to exclude overflow on fast
machines. Due to counting downwards from a limit, it can become
negative. Copy it out as tcps_sc_uses_left via sysctl, and print
it as signed long long integer.
OK mvs@
|
|
revert the previous that the mbstat is located on the stack.
ok claudio
|
|
ok blumn mvs
|
|
ok blumn
|
|
If tcplro is activated on lo(4), ignore the MTU with TCP packets.
They are passed along with the information that they have to be
chopped in case they are forwarded later. New netstat(1) counter
shows that software LRO is in effect. The feature is currently
turned off by default.
tested by jan@; OK claudio@ jan@
|
|
With tweaks from patrick@ and bluhm@.
OK bluhm@
|
|
meant as a fallback if network hardware does not support TSO. Driver
support is still work in progress. TCP output generates large
packets. In IP output the packet is chopped to TCP maximum segment
size. This reduces the CPU cycles used by pf. The regular output
could be assisted by hardware later, but pf route-to and IPsec needs
the software fallback in general.
For performance comparison or to workaround possible bugs, sysctl
net.inet.tcp.tso=0 disables the feature. netstat -s -p tcp shows
TSO counter with chopped and generated packets.
based on work from jan@
tested by jmc@ jan@ Hrvoje Popovski
OK jan@ claudio@
|
|
ok miod@ millert@
|
|
|
|
pointed out by pguemther
ok pguenther kn claudio
|
|
diff from paul tagliamonte, who was surprised to find them not documented
in route(8);
claudio agreed placement was not ideal;
deraadt confirmed users better served by route(8) than netstat(1);
i've tweaked some of the spacing and text so it displays better,
and removed some macros incorrectly associated with the "nameserver"
list item, which was messing up the formatting. should display better
now
|
|
getopt(3) returns '?' when it encounters a flag not present in the in
the optstring or if a flag is missing its option argument. We can
handle this case with the "default" failure case with no loss of
legibility. Hence, remove all the redundant "case '?':" lines.
Prompted by dlg@. With help from dlg@ and millert@.
Link: https://marc.info/?l=openbsd-tech&m=167011979726449&w=2
ok naddy@ millert@ dlg@
|
|
It has been annoying me for too long that fully specififed GUAs
(2001:0db8:3333:4444:5555:6666:7777:8888) mess up alignment.
systat(1)'s netstat is the only view that has a big enough limit and thus
never misaligns.
Unify ndp(8), route(8) and netstat(1) views to always align nicely.
Feedback OK claudio
|
|
"Make if.c kvm free by fetching the interface stats via sysctl ..."
if.c r1.56 in 2008 neutered the -d and -t flags.
-d functionality was eventually restored with if.c r1.76 in 2015.
-t has been printing zeroes for over fourteen now; this cannot have been
useful to anyone and noone complained about a wrong watchdog timer values.
Remove -t entirely without printing a warning; `netstat -t ...' now fails.
Feedback jsg
OK jsg bluhm
|
|
Obsolete since if.c r1.56 (2008)
"Make if.c kvm free by fetching the interface stats via sysctl [...]".
|
|
to out of memory. Use a generic idropped counter for those.
OK mvs@
|
|
found by otto@ the hard way
|
|
It is now set on all routes (and before it was never set).
OK tb@ anton@
|
|
jmc@ dislikes a comma before "then" in a conditional, so leave those
untouched.
ok jmc@
|
|
via netinet/in.h and sys/time.h, which I must say surprises me a bit
|
|
|
|
userland the TDBs which exceeded hard limit.
Also the `ipsec_notdb' counter description in header doesn't math to
netstat(1) description. We never count `ipsec_notdb' and the netstat(1)
description looks more appropriate so it's used to avoid confusion with
the new counter.
ok bluhm@
|
|
the routing table. Define _KERNEL around the net/route.h include.
OK florian@
|
|
indent_globs.h to indent.c, and (2) changing all the same decls in
indent_globs.h to be extern
ok mortimer
|
|
|
|
OK claudio
|
|
OK mpi@ as part of a larger diff
|
|
is not initalized. Do not reset the scope_id if it was already set.
OK bluhm@ florian@
|
|
While here, trim pointless quoting and one excessive column width.
|
|
netstat(1) is where the mapping between letters and flags is documented,
but searching for them ("man -k any=RTF_" or "man -k -i any=blackhole")
would only list route(4) and route(8).
Markup preprocessor defines as such.
OK schwarze
|
|
before accessing anything in ifa_addr.
ok claudio@
|
|
OK claudio@ sthen@
|
|
sufficient space to display v4 addresses cleanly, but which truncate v6
addresses. The -n flag on each already provides additional column width
for IPv6 addresses. Make this formatting the default.
OK phessler kn
|
|
use of -f; remove that too;
pointed out by guenther
|
|
was ever added;
the text was added 21 years ago when ip6 support was added;
marfabastewart noticed it, and guenther tracked down the commit responsible;
this commit removes that text;
|
|
and rework the man text to reflect this;
guenther supplied the details on the various modes;
deraadt suggested __progname be banished from usage();
|
|
noticed by jmc@
|
|
reminded by jmc@
|
|
My first version also displayed the number of routes per table. But
duming all routing tables to count the entries in userland is expensive.
Once the kernel can export these counters the numbers can be added to the
output of -R.
OK benno@ previous version
OK sthen@
|
|
Breakage reported by espie@, ok bluhm@
|
|
where such packet is bound to. This check is enforced if and only
IP forwarding is disabled.
Change discussed with bluhm@, claudio@, deraadt@, markus@, tobhe@
OK bluhm@, claudio@, tobhe@
|
|
format.
OK mpi@
|
|
limits. Convert kernel variables and calculations for mbuf memory
into long to allow larger values on 64 bit machines. Put a range
check into the kernel sysctl. For the interface itself int is still
sufficient. In netstat -m cast all multiplications to unsigned
long to hold the product of two unsigned int.
input and OK visa@
|
|
sack hole list length or pool limit.
OK claudio@
|
|
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.
|