src - OpenBSD base system

Age	Commit message (Collapse)	Author
2010-01-12	when generating rdr rules, ensure the nat address is PF_ADDR_NONE to avoid	David Gwynne
	confusing pf.
2010-01-12	First pass at removing the 'pf_pool' mechanism for translation and routing	Ryan Thomas McBride
	actions. Allow interfaces to be specified in special table entries for the routing actions. Lists of addresses can now only be done using tables, which pfctl will generate automatically from the existing syntax. Functionally, this deprecates the use of multiple tables or dynamic interfaces in a single nat or rdr rule. ok henning dlg claudio
2010-01-11	add "log brief" and "log verbose" to change logging verbosity	Jonathan Gray
	like several other things in the tree. ok reyk@ looks fine claudio@
2009-12-02	log_warn() consistency.	Michael Knudsen
	`OK' claudio
2009-11-23	Unbreak tree, rs_num is now type and while there use PF_TRANS_RULESET instead	Claudio Jeker
	of the hardcoded 0. OK henning@
2009-11-22	style	Tobias Stoeckmann
	ok jmc
2009-11-11	don't leak memory in an error case.	Jonathan Gray
	found by parfait.
2009-11-03	reorder structure elements for struct netroute & router: static config	Reyk Floeter
	elements first (this matches all the other structures). no functional change.
2009-10-22	write UNIX-domain in a more consistent way; while here, replace a	Igor Sobrado
	few remaining ".Tn UNIX" macros with ".Ux" ones. pointed out by ratchov@, thanks! ok jmc@
2009-10-22	use the UNIX-related macros (.At and .Ux) where appropriate.	Igor Sobrado
	ok jmc@
2009-09-30	Bring in sync with the bgpd version of carp.c. This fixes a memory leak	Claudio Jeker
	in an error path.
2009-09-30	carp_demote_ioctl() can handle more then +/-1 steps so there is no need to	Claudio Jeker
	loop in the shutdown case. OK henning@ Fix an error message to include the correct function name.
2009-09-15	Enclose repeated buffer draining code in a new msgbuf_drain()	Jacek Masiulaniec
	function, which is additionally exported for use by others. It will be needed by smtpd's SSL module when the SMTP client code is changed to replace libevent's evbuffers with our msgbuf_* API. ok gilles@ henning@ guenther@ eric@
2009-09-01	sync with new pf	Reyk Floeter
	ok henning@
2009-08-27	lookup(n.) -> look up(v.)	Jason McIntyre

2009-08-27	allow to specify interface names as addresses, for example "listen on	Reyk Floeter
	em0". the implementation will lookup the first IPv4 address of an interface before any other IPv4 and IPv6 addresses. ok gilles@ (i got inspired by smtpd)
2009-08-17	also report routers and their host states in relayctl	Reyk Floeter
	ok pyr@, jmc@ for man bits
2009-08-14	do not timeout disabled hosts in the icmp checks	Reyk Floeter
	Thanks to Sebastian Benoit, closes pr6146
2009-08-13	add new 'router' functionality to dynamically add or remove routes	Reyk Floeter
	based on health check results, using the existing table syntax. this allows to maintain multiple (uplink) gateways to implement link balancing or WAN link failover if no routing protocol or other keepalive method is available. works fine with or without net.inet.ip.multipath enabled. ok pyr@, jmc@ for manpages
2009-08-08	Make imsg_clear close and free any fds in the received fd queue as well as	Nicholas Marriott
	freeing the msgbuf. While here also remove an unnecessary while loop. ok eric pyr
2009-08-07	get the default ttl via sysctl instead of using IPDEFTTL	Reyk Floeter

2009-08-07	rename 'struct session' to 'struct rsession' because it conflicts with	Reyk Floeter
	another 'struct session' in sys/sysctl.h.
2009-08-07	allow to modify the IP TTL value for host checks. this can be used to	Reyk Floeter
	check if the host is only n hops away and not re-routed over a longer path.
2009-08-07	add missing line	Reyk Floeter

2009-08-07	allow to specify host attributes in an arbitrary order (parent, retry) by	Reyk Floeter
	making the grammar a bit more flexible.
2009-08-07	cosmetic change - move address into an own element	Reyk Floeter

2009-08-05	prevent configuration of relays listening to a single addr:port tuple twice	Reyk Floeter

2009-08-05	support multiple 'listen on' lines in a single relay block	Reyk Floeter

2009-08-05	tables don't need pf if running in "l7" relay mode	Reyk Floeter

2009-07-23	make buf_write() behave like msgbuf_write(): send out only the	Eric Faurot
	bytes that were filled, not the whole buffer. ok pyr@ gilles@
2009-06-09	missing header file; bring things into scope	Theo de Raadt

2009-06-08	revert this change by eric@:	David Gwynne
	Make the imsg protocol network-safe. it might be network safe, but half the imsg based daemons on my firewalls dont run anymore.
2009-06-07	Change the way fds passed over a socket are retreived on the receiving side.	Eric Faurot
	Currently the receiver fetches an imsg via imsg_get() and if he expects an fd, he then calls imsg_get_fd() to fetch the next fd queued on the imsgbuf from which the imsg came. This changes hides the fd queueing mechanism to the API user. When closing an imsg with an fd, the message is flagged so that the receiving end knows it must dequeue the fd in imsg_get() and return it with the imsg structure. This way there is no (less) possible screw up from imsg_get_fd() not being called directly after imsg_get() by the user. The retreived imsg is self-contained. ok pyr@, "I like that" henning@
2009-06-07	Make the imsg protocol network-safe.	Eric Faurot
	ok pyr@
2009-06-06	change the imsg header fields a bit to prepare for upcoming changes.	Eric Faurot
	add a flag field, use u_int32_t for pid_t and extend type to 32 bits for padding. ok pyr@
2009-06-06	Get ready for including imsg.h from a lib, when it comes along.	Pierre-Yves Ritschard

2009-06-06	allocate the correct amount of memory	Eric Faurot
	ok pyr@
2009-06-06	remove unnecessary and scary pid check in imsg_init.	Pierre-Yves Ritschard
	ok eric@, claudio@
2009-06-05	didn't we just say we remove libevent from the imsg framework?	Eric Faurot
	ok pyr@
2009-06-05	4 handed diff with eric:	Pierre-Yves Ritschard
	Stop pushing event handling in the imsg framework. Instead, provide a small glue layer on top of both imsg and libevent. This finally clearly separates event handling and imsg construction. Sidetrack bonus: remove the mega-ugly hack of having a dummy imsg_event_add stub in relayctl. This will make bgpd (and thus henning) happy. Next up are smtpd and ospfd. ok eric@
2009-06-05	bring buf_write here as well.	Pierre-Yves Ritschard

2009-06-05	Add an unused data field, to allow smtpd and ypldap to work, all lib	Pierre-Yves Ritschard
	ready daemons have NULL diffs now for the imsg files. This field should eventually die a honorable death as it was a design screwup.
2009-06-05	bump MAX_IMSGSIZE here as well	Pierre-Yves Ritschard

2009-06-05	sync buffer.c with ospfd, send out buf->wpos and not buf->size.	Pierre-Yves Ritschard

2009-06-05	some KNF cleanup following the last sed.	Pierre-Yves Ritschard

2009-06-05	Make imsg completely async model agnostic by not requiring an	Pierre-Yves Ritschard
	imsg_event_add function to be provided (which ended up being a named callback). Instead provide a wrapper in the daemon and call that everywhere. Previsously discussed with the usual suspects, ok eric@ though not too happy about the function name (imsg_compose_event).
2009-06-04	move logging functions out of imsg.h, make imsg.c more library ready	Pierre-Yves Ritschard
	by not calling log_* or fatal and handle set errno when appropriate. discussed with a bunch of imsg conscious guys, ok eric@
2009-06-04	change imsg_close() return type to void. It never fails nor does it	Eric Faurot
	return any useful value. "ok now" pyr@
2009-06-04	- move message types enum back to relayd.h	Eric Faurot
	- use u_int16_t instead of enum imsg_type in imsg function prototypes requested by reyk@, ok pyr@
2009-06-04	revert previous commit for now since it won't play well with snmpd.	Eric Faurot
	ok pyr@