| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2004-07-05 | implement "set nexthop blackhole" and "set nexthop reject" | Henning Brauer | |
| blackhole/reject routes will be entered to the kernel for matching ones. this is intended to be used with the Cymru Bogon Route Server Project (http://www.cymru.com/BGP/bogon-rs.html) and similar services, claudio ok | |||
| 2004-07-05 | fix a few KNF fallouts | Henning Brauer | |
| 2004-07-03 | Switch mrt dumping to fd passing. This gives some speed up when extensive | Claudio Jeker | |
| dumping is done. Acctually mrt dumps were broken because of the fd passing. The nice side effect is a much cleaner code, especially in the parent process. OK henning@ | |||
| 2004-06-25 | provide mask2prefixlen6() and prefixlen2mask6() | Henning Brauer | |
| 2004-06-23 | Support rfc 3765 which adds a new well known community NOPEER. OK henning@ | Claudio Jeker | |
| 2004-06-22 | Make the RDE IPv6 ready missing is the message handling. The internal | Claudio Jeker | |
| prefix tree changed form a hash table to a per AF RB tree. OK henning@ some ideas are from Brent Graveland. | |||
| 2004-06-22 | introduce kroute6, which will be used to build a seperate v6 table | Henning Brauer | |
| (smashing them into the v4 table would raise the memory requirements far too much), and make kroute_nexthop (where we are not under such memory pressure, you don't have a hundred thousand nexthops) v4/v6. change existing callers to use the v4 part, claudio ok | |||
| 2004-06-20 | at least somewhat consistently name the TAILQ_ENTRYs... this confused me | Henning Brauer | |
| more than once | |||
| 2004-06-20 | implement file descriptor passing in the imsg/msgbuf framework, and use | Henning Brauer | |
| it to let the main process to prepare new listening sockets (socket() and bind()) on behalf of the session engine, which of course cannot bind() to ports < 1024 any more once it dropped privileges. with some help from theo, claudio ok | |||
| 2004-06-06 | rework bgpd's handling of listening sockets. instead of one for each | Henning Brauer | |
| supported address familiy, keep a tailq of an arbitary number of them. the new struct listen_addr contains the sockaddr and the fd. this fixes quite some nasty behaviour which was a consequence of the previous model. looks right deraadt@, and discussed with claudio | |||
| 2004-05-21 | RFC 2796 bgp route reflector support. This is very useful in conjunction | Claudio Jeker | |
| with templates. looks good, go for it henning@ | |||
| 2004-05-21 | Add support for dynamic announcements. Usefule to annouce temporary | Claudio Jeker | |
| blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@ | |||
| 2004-05-17 | extend filter language to allow basic setting of COMMUNITIES attribute. | Damien Miller | |
| ok claudio@ | |||
| 2004-05-07 | add a filter option to dump prefixes learned in UPDATEs into a PF table, | Damien Miller | |
| intended for building realtime BGP blacklists (e.g. with spamd); ok claudio & henning | |||
| 2004-05-06 | we need a seperate field for the md5 key len, can't use strlen, noticed | Henning Brauer | |
| by markus some time ago | |||
| 2004-05-06 | scale socket buffer sizes (and thus window size) up to up to 64k, | Henning Brauer | |
| but only of tcp md5sig or ipsec is in use. excellent idea by ryan some time ago, claudio and theo agree | |||
| 2004-04-29 | sock -> fd; ok henning | Theo de Raadt | |
| 2004-04-28 | allow ah/esp spec with IKE, markus ok | Henning Brauer | |
| 2004-04-28 | Enable route refresh in the RDE. Now peer can request route refreshes. | Claudio Jeker | |
| OK henning@ | |||
| 2004-04-28 | spacing | Henning Brauer | |
| 2004-04-28 | prefix the auth related defines by AUTH_, we had a name clash, markus ok | Henning Brauer | |
| 2004-04-27 | rename the ipsec struct to auth, move all tcpmd5 related fields in there, and | Henning Brauer | |
| add a generic "method" field that expresses what method (none/md5sig/ipsec manual/ipsec ike) is in use markus ok | |||
| 2004-04-27 | parser parts for ipsec ike, markus ok | Henning Brauer | |
| 2004-04-27 | initial route refresh support per RFC2918 | Henning Brauer | |
| process incoming route refresh request and notify the RDE not advertised via capabilities yet, claudio ok | |||
| 2004-04-26 | need keylen too, markus | Henning Brauer | |
| 2004-04-26 | structs for ipsec, with markus | Henning Brauer | |
| 2004-04-25 | add "neighbor cloning", allowing you to specify a prefix and prefixlength | Henning Brauer | |
| instead of the neighbor's IP address. WHen a connection comes in matching that mask we clone the neighbor spec. IPv6 match code by itojun, rde feeding by claudio, ok claudio | |||
| 2004-04-24 | some rather boring windows talk at cansecwest made me hack initial support | Henning Brauer | |
| for IPv6 transport parts based on a diff from Brent Graveland ok itojun@ claudio@ | |||
| 2004-04-10 | move the API_* and SAFI_* defines to where they belong | Henning Brauer | |
| 2004-03-11 | Add basic support for communities. Currently it is only possible to filter | Claudio Jeker | |
| on communities, e.g match from any community 24640:* set localpref 666 OK henning@ | |||
| 2004-03-10 | implement framework to announce capabilities in the open messages we send. | Henning Brauer | |
| this includes handling "unsupported optional parameter" notifications from the peer and retrying without capability announcement. claudio ok | |||
| 2004-03-02 | flesh out the address and prefix parsing, include v6 code, but reject v6 | Henning Brauer | |
| upwards, claudio ok | |||
| 2004-03-02 | Framework for rib lookups by prefix. OK henning@ | Claudio Jeker | |
| 2004-03-01 | Make it possible to diable the decision process. This is a feature only useful | Claudio Jeker | |
| for route-collectors. OK henning@ | |||
| 2004-02-26 | show rib infrastructure. At least full dumps and per as dumps. Per prefix | Claudio Jeker | |
| dump need some more work. OK henning@ | |||
| 2004-02-26 | Implement "enforce neighbor-as yes|no" which is by default on for ebgp | Claudio Jeker | |
| neighbors. While doing that check also that the nexthop is valid (not class D or E and not in 127/8 range). Kill some TODO and XXX and rename the british neighbour to neighbor as used everywhere else. OK henning@ | |||
| 2004-02-26 | Add per netwok definition filter sets. So you can now use | Claudio Jeker | |
| network 10.0.0.0/8 set localpref 100 OK henning@ | |||
| 2004-02-24 | Enhance filters. prefixlen knows now 8-24 and 8><24. It is possible to use | Claudio Jeker | |
| prefix 10.0.0.0/8 prefixlen >= 8 and set localpref 100 can be set on a per neighbor basis. OK henning@ | |||
| 2004-02-16 | add scope_id for v6 to struct bgpd_addr | Henning Brauer | |
| ok itojun, grumbling ok claudio | |||
| 2004-02-16 | Extend imsg API so that messages can be composed on the fly. In the RDE it | Claudio Jeker | |
| happens often, that imsg consists of multiple objects. OK henning@ | |||
| 2004-02-16 | Make the path attribute handling more RFC conformant. Also move the | Claudio Jeker | |
| parser to rde_attr.c where it belongs. Still missing: better aspath loop detection (should be done afterwards) and some basic error checking for optional attributes. OK henning@ | |||
| 2004-02-10 | enforce config file secrecy (correct owner, no rights for group/world) | Henning Brauer | |
| help and ok theo | |||
| 2004-02-09 | make max_prefix an u_int32_t instead of an u_long and change its | Henning Brauer | |
| meaning as in 0 means no limit insytead of setting it to ULONG_MAX for no limit | |||
| 2004-02-07 | send filter rules to the RDE on reloads, help & ok claudio | Henning Brauer | |
| 2004-02-06 | initial cut at the filtering language. | Henning Brauer | |
| structs etc to describe a rule, filter rule list management parser groks filter defs now. claudio ok, discussion & help also jakob theo | |||
| 2004-02-05 | introduce group IDs. will be needed for filtering (or rather, ease things | Henning Brauer | |
| there) just assign them from the neighbor ID pool - fortunately, that is rather simple, we just have to make sure that all members of the group and (later) all filter rules pointing to the group agree on the ID, but it does not need to stay the same across config reloads. ok claudio@ | |||
| 2004-02-01 | Set sane default announce types according to the peer type. For IBGP use | Claudio Jeker | |
| announce all and for EBGP use announce self. OK henning@ | |||
| 2004-01-28 | implement | Henning Brauer | |
| tcp md5sig password so that the key can be given in ascii, what unfortunately limits the key space (cisco/juniper compat...) we keep the ability to specify the key in hex whithout these limits. help & ok markus | |||
| 2004-01-28 | -struct peer_auth to store the SPIs, linked into struct peer | Henning Brauer | |
| -add pfkey_auth_establish(), which sets up flows for both directions and stores the SPIs in above struct -add (yet dummy) pfkey_auth_remove() with markus, ok claudio markus | |||
| 2004-01-28 | pfkey_setkey: sockaddr -> bgpd_addr; ok claudio | Markus Friedl | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |