| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2016-07-13 | output the no-longer-so-new AS operators when printing the | Sebastian Benoit | |
| configuration noticed by and diff from Denis Fondras, thanks! ok phessler@ sthen@ | |||
| 2016-06-28 | Use IPV6_MINHOPCOUNT to finish implementing ttl-security for IPv6. | Jeremie Courreges-Anglas | |
| ok renato@ deraadt@ | |||
| 2016-06-21 | do not allow whitespace in macro names, i.e. "this is" = "a variable". | Sebastian Benoit | |
| change this in all config parsers in our tree that support macros. problem reported by sven falempin. feedback from henning@, stsp@, deraadt@ ok florian@ mikeb@ | |||
| 2016-06-20 | change the "nexthop 1.2.3.4 now valid: via 192.168.0.1" message to log_debug() | Sebastian Benoit | |
| ok deraadt@ florian@ stsp@ phessler@ | |||
| 2016-06-11 | Fixed "then" vs "than" typo. | Tobias Stoeckmann | |
| ok jmc | |||
| 2016-06-06 | Add format attributes to the proper functions and then fix the warning in | Sebastian Benoit | |
| session.c ok mpi@ | |||
| 2016-06-03 | grammar fix; | Jason McIntyre | |
| 2016-06-03 | Add operators =, !=, - (range), >< (exclsive range) to the as-path | Sebastian Benoit | |
| filters (AS, peer-as, source-as, transit-as). Add a use case (block illegal AS numbers) to the bgpd.conf example. feedback from claudio, sthen, florian, ok florian@ phessler@ | |||
| 2016-04-08 | When bgp receives an RTM_CHANGE message for an RTF_MPATH route[1], and | Peter Hessler | |
| it finds it actually on an interface, bgpd can get confused. In this case, just log it and treat it as an RTM_ADD so bgpd doesn't suicide. [1] includes all ospfd installed routes, btw. OK benno@ sthen@ | |||
| 2016-03-22 | Connected routes are no longer identified by a AF_LINK gateway so adjust | Claudio Jeker | |
| dispatch_rtmsg_addr() similar to the way fetchtable() was fixed long ago. This should fix various issues with bad gateways being picked up by bgpd. Problem identified and initial fix provided by phessler@ but commiting my version which is more conservative. OK phessler@ | |||
| 2016-02-02 | Remove setproctitle() for the parent process. Because rc.d(8) uses process | Stuart Henderson | |
| titles (including flags) to distinguish between daemons, this makes it possible to manage multiple copies of a daemon using the normal infrastructure by symlinking rc.d scripts to a new name. ok jung@ ajacoutot@, smtpd ok gilles@ | |||
| 2016-01-26 | typos | mmcc | |
| 2016-01-07 | If transparent-as is set to no AS paths are prepended with the local | Florian Obser | |
| AS not "their" AS. Which would be silly, the peer would just reject the prefix because the AS path contains its own AS. Pointed out by Colin Petrie cpetrie AT ripe DOT net, thanks! OK phessler, sthen, benno, jmc | |||
| 2015-12-30 | now that ibuf_free() checks for null, we can remove the check here. | Sebastian Benoit | |
| ok mmcc@ millert@ tb@ claudio@ | |||
| 2015-12-23 | Remove NULL-checks before free(). I think I've almost scrubbed the | mmcc | |
| entire tree of these... | |||
| 2015-12-22 | commited -> committed | mmcc | |
| 2015-12-05 | cleanup some log messages with wrong function names etc. | Sebastian Benoit | |
| ok henning,claudio | |||
| 2015-12-05 | EAGAIN handling for imsg_read. OK henning@ benno@ | Claudio Jeker | |
| 2015-12-03 | claudio questioned the need for pledge(unix) in the rde, and i think | Sebastian Benoit | |
| he is right. ok claudio@ | |||
| 2015-12-01 | It is not a network hackathon without a bgpd commit. So here we go. | Claudio Jeker | |
| Fix rdomain setups that got broken some time ago when I refactored the config loading to exec the rde and se on startup. Works for me and I think I'm the only user. | |||
| 2015-11-27 | Imporve error messages for the imsg handler code. OK sthen@ | Claudio Jeker | |
| 2015-11-20 | bgpd has been naughty. It tries to play with AF_UNIX sockets without | Florian Obser | |
| pledging "unix". Move control_listen up to the main process which already has pledge("unix"). accept(2) was already allowed. (Technically no longer necessary since listen(2) is now allowed, too, but this moves it to the right place.) OK claudio@, deraadt@ | |||
| 2015-11-17 | pledge() esposes a design issue in bgpd that will take a moment to | Sebastian Benoit | |
| get right, so disable the pledge() call in bgpd (parent process) for now. ok deraadt@ | |||
| 2015-11-17 | in the SE, loosing the pipe to the main process can be handled with a | Sebastian Benoit | |
| normal shutdown of sessions and exit. no need for fatal(). ok henning@ phessler@ florian@ happy deraadt@ | |||
| 2015-11-12 | pledge the bgpd main process. Some of the promises can be improved upon | Sebastian Benoit | |
| with a bit of rework, so comment why they are needed. ok deraadt@ | |||
| 2015-11-06 | Radically improve the performance of bgpd filters. Based on PF's skip | Peter Hessler | |
| steps (and uses much of the same code). In a torture test of ~600k prefix filters and 65k prefixes, convergance time goes from 35 minutes to 30 seconds. Many thanks to LONAP for providing a base configuration for torture testing. many discussions with claudio@, benno@, sthen@ and the rest of the bgpd crowd OK sthen@ benno@ | |||
| 2015-10-27 | calloc -> malloc when the memory is immediately overwritten with memcpy. | mmcc | |
| ok claudio@ | |||
| 2015-10-25 | Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and | Claudio Jeker | |
| imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes | |||
| 2015-10-25 | Only run the rib_dump_runner() if there is something pending and the | Claudio Jeker | |
| control socket has not many messages queued. | |||
| 2015-10-24 | "bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument | Sebastian Benoit | |
| to work. send an error if none is given. ok claudio@ | |||
| 2015-10-24 | Introduce msgtypenames to print bgp msg types (which will be used by bgpctl) | Claudio Jeker | |
| 2015-10-24 | In all other cases of rde_filter_match() we ensure that asp is valid so | Claudio Jeker | |
| do it here as well. | |||
| 2015-10-24 | seg_type is only set but never used. So remove it. Someone reported this | Claudio Jeker | |
| long time ago. | |||
| 2015-10-22 | Revert revision 1.282: | Reyk Floeter | |
| "Allow for empty blocks for peers. While this is bad style for permant use, this is very nice to temporarily disable a peer option." This broke the grammar by introducing shift/reduce errors. OK phessler@ | |||
| 2015-10-22 | If we receive an empty route message, log it and ignore it. Happens | Peter Hessler | |
| occasionally on FreeBSD. from Melissa Jenkins OK claudio@, florian@, benno@ | |||
| 2015-10-17 | Do no accept fds on the control socket; including the restricted socket. | Reyk Floeter | |
| OK gilles@ eric@ | |||
| 2015-10-11 | standardize a community that has been independently created by nearly | Peter Hessler | |
| every single AS on the planet: the blackhole OK benno@, claudio@, sthen@ | |||
| 2015-10-11 | some peers are following an expired draft RFC and are sending "unknown" | Peter Hessler | |
| error codes to OPEN messages. make them "known", and show them. OK benno@, claudio@, sthen@ | |||
| 2015-10-09 | Change all tame callers to namechange to pledge(2). | Theo de Raadt | |
| 2015-10-07 | In theory, bgpd should be happy with tame "stdio unix route recvfd". | Theo de Raadt | |
| Let's hear from people's experiences by commiting it. | |||
| 2015-10-07 | use fatal() instead of err(); from benno | Theo de Raadt | |
| 2015-10-06 | Move from tame "cmsg" to tame "sendfd" or "recvfd", depending on which | Theo de Raadt | |
| way the process moves fd's. | |||
| 2015-10-05 | tame "stdio inet cmsg" should work well in the session engine. | Theo de Raadt | |
| ok benno | |||
| 2015-09-21 | sort; | Jason McIntyre | |
| 2015-09-21 | Let us log all updates sent from an individual peer. Since this can be | Peter Hessler | |
| applied to a group, also let us disable logging on a sub-member of the group. Very handy for debugging naughty peers on a router with multiple peers. OK benno@ | |||
| 2015-09-21 | Allow for empty blocks for peers. While this is bad style for permant | Peter Hessler | |
| use, this is very nice to temporarily disable a peer option. OK sthen@ benno@ | |||
| 2015-09-19 | Use correct function name in error message | Claudio Jeker | |
| 2015-09-16 | Another ifmedia64 fix, this time for bgpd's ift2ifm(). | Stefan Sperling | |
| And rename struct kif's media_type to if_type to avoid confusion with ifmedia's media type. Same rename in other daemons will follow. ok claudio henning benno | |||
| 2015-09-13 | explicit_bzero() from Michael McConville, thanks! | Florian Obser | |
| OK claudio | |||
| 2015-08-30 | rename a variable "err" to "error" | Theo de Raadt | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |