summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Rebranddevel-11Timothy Pearson2017-10-054-0/+243
|
* Fix the build, define the boottime variable before use it.Luiz Souza2017-07-241-2/+5
|
* Fix the match timestamp when the table lookup command is used.Luiz Souza2017-07-221-0/+2
| | | | Reported by: garga
* Replace the hardcoded NULL. No functional changes.Luiz Souza2017-07-201-3/+3
|
* Remove a duplicate definition.Luiz Souza2017-07-201-1/+1
|
* Add the missing change from the last commit.Luiz Souza2017-07-201-0/+1
|
* Add support for the classic pfSense 'mixed' tables.Luiz Souza2017-07-207-36/+76
| | | | The mixed tables are used to match against the IP[4|6] and the MAC address of the peer.
* Shorten initial menu textjim-p2017-07-191-2/+2
|
* Prepare installer files for "Recover config.xml" option. Issue #7708jim-p2017-07-183-11/+48
| | | | The actual script will be in the pfSense repo under tools/installer
* style(9) fixes.Luiz Otavio O Souza2017-07-171-50/+50
| | | | | | No functional changes. (cherry picked from commit 149c98cc6bcd55e12dab57b7ea5f7a27aceadba0)
* Fix the variable name, use an existing variable.Luiz Otavio O Souza2017-07-171-3/+3
| | | | (cherry picked from commit 2ede8a241662d3c07773cb25ece6be513e741b60)
* While we always store the interface in the every state, we do not do strict ↵Luiz Otavio O Souza2017-07-171-1/+2
| | | | | | | | searches based on interface as this will cause issues with multi-wan setups. Ticket #6986 (cherry picked from commit 114dc4a89011a560c32421ca842ca73f5b29d449)
* Apply the previous dummynet fixes on v6 version of the code.Luiz Otavio O Souza2017-07-171-7/+8
| | | | (cherry picked from commit c5118da571b9ef9e22fd40b1cab8dec097e9fd7d)
* Always return PF_PASS for packets processed by dummynet, even if dummynet ↵Luiz Otavio O Souza2017-07-171-4/+3
| | | | | | | | drop the packet. While it even works for forwarded packets it will close the connection for a local bound sockets. Ticket #7050 (cherry picked from commit 4c908ee9021b280805f8f240274e7cb06bba80db)
* Packets redirected to ourselves should be flagged with M_FASTFWD_OURS and ↵Luiz Otavio O Souza2017-07-171-2/+2
| | | | | | | | not M_SKIP_FIREWALL. Ticket #7050 (cherry picked from commit 994e779f035e9ed49909936d5773f930adfc4075)
* Always remove the correct tag, find it by its cookie instead of relying on ↵Luiz Otavio O Souza2017-07-171-1/+3
| | | | | | | | m_tag_first() to do the right thing. Ticket #7050 (cherry picked from commit 3eb3c59dd40ec6da4e6c3f46946fdc89ddfb5a11)
* Revert this change from the previous commit, it actually breaks the nat ↵Luiz Otavio O Souza2017-07-171-4/+2
| | | | | | undo/redo. (cherry picked from commit 3af193c1cec01f6188c35021a07e3f43201f105f)
* Better support for dummynet (limiters) with binat and rdr rules.Luiz Otavio O Souza2017-07-171-3/+39
| | | | | | Ticket #7050 (cherry picked from commit bf80603857ea4d11cb666429c1ec7917bbac9bf0)
* Revert this unnecessary change.Luiz Otavio O Souza2017-07-171-1/+1
| | | | (cherry picked from commit e32688857d7d7435fa62dd2bc0079f51cabefeca)
* Remove duplicate code and fix undo NAT and redo NAT.Luiz Otavio O Souza2017-07-171-112/+42
| | | | | | Tested with dummynet rules (limiters). (cherry picked from commit 1d722dd06892ee05b1117ba6b3454baeec5f2690)
* Set the dnflow fields after parse the protocol headers.Luiz Otavio O Souza2017-07-171-14/+10
| | | | (cherry picked from commit 4a13836be57e438f8e088ecd478441dc132db3f9)
* Rererefix the build...Luiz Otavio O Souza2017-07-171-1/+1
| | | | (cherry picked from commit 3109c027bc0d10653af18b6463929abbbea8afaf)
* Fix the build.Luiz Otavio O Souza2017-07-171-5/+1
| | | | (cherry picked from commit da345171c852e8ab229591c46daef6bf3c0c676e)
* Fix the build, remove the extra brackets.Luiz Otavio O Souza2017-07-171-1/+1
| | | | (cherry picked from commit 201ab78f020c884be5c1e5b69e5f40e4a57eef89)
* Clean the code, fix some mistakes we did when the code was ported from ↵Luiz Otavio O Souza2017-07-171-40/+40
| | | | | | | | FreeBSD 8. Fix IPv6 code too. (cherry picked from commit 4e68aed43a934b9b166c017fb6fbd2dc9f45b193)
* Fix a typo, check the return code from ipfw_dn_io() and simplify the code.Luiz Otavio O Souza2017-07-171-12/+10
| | | | (cherry picked from commit 53775034bf00702f6c0a512bc44c72bff049060f)
* Import pfSense patch if_vlan_altq.diffLuiz Otavio O Souza2017-07-171-87/+92
| | | | | | Ticket #7219 (cherry picked from commit 5c1daa5ea1098b67d4c331d5e21b39178d616031)
* Persistently store NIC's hardware MAC address, and add a way to retrive itrpokala2017-07-171-1/+0
| | | | | | | | | | | | | | | | jhb pointed out that (struct ifnet) is part of the network driver KBI, and thus the offsets of internal fields must not change. Therefore, move the new "if_hw_addr" field to the end, and consume one of the "if_pspare"s; that's what they're there for. The new field replaces the *last* element of that array; that way, offsetof(if_pspare) and offsetof(if_ispare) are unchanged compared to before r318397. PR: 194386 Reviewed by: jhb Pointyhat to: rpokala Sponsored by: Panasas (cherry picked from commit 53168a58b2d5e27ea918b00e0398e6629c91864c)
* Fix the structure padding to work on 32bits platforms.Luiz Otavio O Souza2017-07-171-2/+4
| | | | | | Ticket #7026 (cherry picked from commit aa25003286b43c3710fe1a98b09b15385b736944)
* Round up the struct pfloghdr size to the next byte boundary.Luiz Otavio O Souza2017-07-171-1/+1
| | | | | | | | Fixes the tcpdump decoding on pflog interface. Reported as a secondary bug in Ticket #4723 (cherry picked from commit 58df8b93be71a46ae8829e57ca1bfd94c4179e59)
* MFC 305177sephe2017-07-171-1/+1
| | | | | | | | | | net/vlan: Shift for pri is 13 (pri mask 0xe000) not 1. Reviewed by: araujo, hps Sponsored by: Microsoft Differential Revision: https://reviews.freebsd.org/D7710 (cherry picked from commit 860932ee33fe82330891c9acc939827c05f20999)
* Fix a bug where existing CARP alias addresses cannot be changed.Luiz Otavio O Souza2017-07-175-14/+16
| | | | | | | | When a existent address is delete with carp_detach() if it is the last address for that CARP vhid, the CARP vhid will be destroyed and the subsequent carp_attach() to add the new IP will fail. Ticket #6892 (cherry picked from commit 77805aa5fa51dbd2ed0b6c363c6235c892caee76)
* Revert this change now that the structure size is fixed.Luiz Otavio O Souza2017-07-171-1/+1
| | | | (cherry picked from commit 848f3f9df0ed02b8f112f77b4fa6530d91ba6735)
* pf: Fix possible shutdown racekp2017-07-173-11/+18
| | | | | | | | | | | | | | | Prevent possible races in the pf_unload() / pf_purge_thread() shutdown code. Lock the pf_purge_thread() with the new pf_end_lock to prevent these races. Use a shared/exclusive lock, as we need to also acquire another sx lock (VNET_LIST_RLOCK). It's fine for both pf_purge_thread() and pf_unload() to sleep, Pointed out by: eri, glebius, jhb Differential Revision: https://reviews.freebsd.org/D10026 (cherry picked from commit 6f8b05d841a4f034b227995ff8e33cbe42c9cd30)
* Do not run the pf purge thread while the VNET variables are not initialized, ↵Luiz Otavio O Souza2017-07-171-0/+6
| | | | | | | | this can cause a divide by zero (if the VNET initialization takes to long to complete). Found while debugging Ticker #7124 (cherry picked from commit 5eb28c4fe8597d2b7a5ace3de98ba4b762b2e1a8)
* pf: Do not lose the VNET lock when ending the purge threadkp2017-07-171-5/+6
| | | | | | | | When the pf_purge_thread() exits it must make sure to release the VNET_LIST_RLOCK it still holds. kproc_exit() does not return. (cherry picked from commit e68f488f373abc3c59a19200bb1779762c3f9e03)
* Add a fix for the KSZ9031RNX errata 5.Luiz Otavio O Souza2017-07-171-0/+7
| | | | | | Fixes the Auto-Negotiation link-up failure / long link-up time with some partners. (cherry picked from commit 3f54ce3814dc86a8d0ad44192db7939fd6f5eff3)
* pf: Fix incorrect rw_sleep() in pf_unload()kp2017-07-172-4/+2
| | | | | | | | | | | When we unload we don't hold the pf_rules_lock, so we cannot call rw_sleep() with it, because it would release a lock we do not hold. There's no need for the lock either, so we can just tsleep(). While here also make the same change in pf_purge_thread(), because it explicitly takes the lock before rw_sleep() and then immediately releases it afterwards. (cherry picked from commit 3f3708722474b9af976e8fc216ef7284b86215aa)
* Fix the build.Luiz Otavio O Souza2017-07-171-3/+3
| | | | | | Spell VMXNET3_LEGACY_TX correctly. (cherry picked from commit 1752d602d65d9d043b75f7155217edc85c87b82b)
* Enable the VMXNET3_LEGACY_TX support when the kernel is built with ALTQ support.Luiz Otavio O Souza2017-07-171-0/+4
| | | | | | Ticket #7066 (cherry picked from commit 91384809a74dc98ef0d2a173718bd79bd77c13bb)
* Update the interface name before return and fix the kernel panic when pf is ↵Luiz Otavio O Souza2017-07-171-1/+20
| | | | | | | | loaded and the stf interface is created without the unit number: Ticket #7124 (cherry picked from commit c050d42a2646d2e582c46cc6f61531150ffb6cb9)
* Do not run the pf purge thread while the VNET variables are not initialized, ↵Luiz Otavio O Souza2017-07-171-0/+8
| | | | | | | | this can cause a divide by zero (if the VNET initialization takes to long to complete). Found while debugging Ticker #7124 (cherry picked from commit 5eb28c4fe8597d2b7a5ace3de98ba4b762b2e1a8)
* pf: Fix memory leak on vnet shutdown or unloadkp2017-07-171-2/+2
| | | | | | | | | | | Rules are unlinked in shutdown_pf(), so we must call pf_unload_vnet_purge(), which frees unlinked rules, after that, not before. Reviewed by: eri, bz Differential Revision: https://reviews.freebsd.org/D10040 (cherry picked from commit de11bb5bbebf0d952add4eb58f826f8e0de73671)
* pf: port extended DSCP support from OpenBSDkp2017-07-174-13/+81
| | | | | | | | | | | | Ignore the ECN bits on 'tos' and 'set-tos' and allow to use DCSP names instead of having to embed their TOS equivalents as plain numbers. Obtained from: OpenBSD Sponsored by: OPNsense Differential Revision: https://reviews.freebsd.org/D8165 (cherry picked from commit 3fbefcb2d1d30bf4f987d8ce451572c6722f0601)
* Add l2 support to ipfw fwd.Luiz Otavio O Souza2017-07-173-71/+79
| | | | (cherry picked from commit e384dd50b923cdb01b401f4ab943cec5d61fbd7d)
* Reduce the console spam. Only print this warning when boot verbose is enabled.Luiz Otavio O Souza2017-07-171-1/+1
| | | | | | | | | | | | This can get pretty annoying (and useless) in some systems. Ticket #4219 (cherry picked from commit 3469b6e4cbedf6789ee84a4ad5ce13a9286c971e) Ticket #7117 (cherry picked from commit c941deabf9dd3d86632ccfdade9dd6752e61978e)
* Make the probe routine fail when no compatible is found.Luiz Souza2017-07-171-0/+2
| | | | (cherry picked from commit c3d78dab701406f5bc46cfc1267df5f24ed4ad7a)
* Add initial support to is31fl319x RGB LED driver.Luiz Souza2017-07-173-0/+436
| | | | (cherry picked from commit 981956f70fd72dfecf42adf4377e2acace4cfdd2)
* Add support for the PCA9552 16-bit LED driver with programmable blink rates.Luiz Souza2017-07-173-0/+457
| | | | (cherry picked from commit cb5fdc6a7263db6b05ee95456e847e413fed13e2)
* Always ignore the START and STOP bits whenever the control register isloos2017-07-171-4/+8
| | | | | | | | | | | | | | being overwritten, they are set only bits (cleared by hardware). Disable the Acknowledge of the controller slave address. The slave mode is not supported. Make sure the interrupt flag bit is being cleared as recommended, add a delay() _after_ clear the interrupt bit. Sponsored by: Rubicon Communications, LLC (Netgate) (cherry picked from commit a514510c057d6d853efa9c9558112f91760688ad)
OpenPOWER on IntegriCloud