summaryrefslogtreecommitdiffstats
path: root/sys/contrib
Commit message (Collapse)AuthorAgeFilesLines
* This commit was generated by cvs2svn to compensate for changes in r146539,harti2005-05-233-4/+5
|\ | | | | | | which included commits to RCS files with non-trunk default branches.
| * Virgin import of NgATM kernel part 1.2harti2005-05-233-4/+5
| |
* | Enable building /sbin/ipf (but not the rescue version) with the ability todarrenr2005-05-161-0/+4
| | | | | | | | parse bpf strings for filter rules in ipf.conf
* | Enable IPFilter to correctly determine if BPF has been optioned into thedarrenr2005-05-151-2/+2
| | | | | | | | | | kernel it is being compiled against and subsequently enable using BPF for packet matching in ipf rules.
* | if_mtu not ifp_mtu.mlaier2005-05-041-1/+1
| |
* | Bring back fix from rev. 1.28 which was lost during the import.mlaier2005-05-041-2/+2
| |
* | Combine rev. 1.29 and 1.30 to something that will make sense for futuremlaier2005-05-041-1/+6
| | | | | | | | imports.
* | Make LINT happy.mlaier2005-05-042-9/+9
| |
* | Pass icmp_error() the MTU argument directly instead ofandre2005-05-041-6/+2
| | | | | | | | | | an interface pointer. This simplifies a couple of uses and removes some XXX workarounds.
* | Resolve conflicts created during the import of pf 3.7 Some features aremlaier2005-05-0311-1333/+2541
| | | | | | | | | | | | | | | | missing and will be implemented in a second step. This is functional as is. Tested by: freebsd-pf, pfsense.org Obtained from: OpenBSD X-MFC after: never (breaks API/ABI)
* | Fix the following warnings on amd64:ru2005-04-291-2/+2
| | | | | | | | | | | | | | /usr/src/sbin/ipf/ipftest/../../../sys/contrib/ipfilter/netinet/ip_frag.c: In function `fr_ipid_newfrag': /usr/src/sbin/ipf/ipftest/../../../sys/contrib/ipfilter/netinet/ip_frag.c:397: warning: cast to pointer from integer of different size /usr/src/sbin/ipf/ipftest/../../../sys/contrib/ipfilter/netinet/ip_frag.c: In function `fr_ipid_knownfrag': /usr/src/sbin/ipf/ipftest/../../../sys/contrib/ipfilter/netinet/ip_frag.c:582: warning: cast from pointer to integer of different size
* | Don't use quad_t on FreeBSD (deprecated) so use "long long" instead.darrenr2005-04-281-3/+3
| | | | | | | | | | Someday this should be converted to uint64_t and printstate.c changed to use those horrid PRiud64 things.
* | The current H.323 proxy source has a license that isn't suitable for inclusiondarrenr2005-04-271-1/+3
| | | | | | | | with FreeBSD so we shouldn't be trying to include it here.
* | - Comment out duplicate rcsid strings in *.c filesdarrenr2005-04-276-11/+18
| | | | | | | | | | - Move SIOCPROXY from ip_nat.h to ip_proxy.h and fix ip_proxy.h so that it can be easily compiled into kdump, et al.
* | Add an include for netinet/ip_compat.h directly so that we don't need todarrenr2005-04-261-0/+2
| | | | | | | | add another special file in the creation of ioctls.c for kdump.
* | Merge the changes from 3.4.35 to 4.1.8 into the kernel source treedarrenr2005-04-2520-9332/+17345
| |
* | This commit was generated by cvs2svn to compensate for changes in r145516,darrenr2005-04-2518-111/+8348
|\ \ | | | | | | | | | which included commits to RCS files with non-trunk default branches.
| * | import ipfilter 4.1.8 into the kernel source treedarrenr2005-04-2538-7136/+25763
| | |
| * | Import ipfilter 3.4.35 (destinated for RELENG_4) to vendor branchdarrenr2004-06-2116-414/+736
| | |
* | | Fix error in synproxy connection completion. Source andglebius2005-04-221-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | destination windows were confused, one instead of other. This error was masked, because first segment of just established connection is usually smaller than initially announced window, and it was successfully passed. First window reannouncement corrected erroneous 'seqhi' value. The error showed up when client connected to synproxy with zero initial window, and reannounced it after session establishment. In collaboration with: dhartmei [we came to same patch independtly] Reviewed by: mlaier Sponsored by: Rambler MFC after: 3 days
* | | Modify the alq(9) alq_open() API to accept a file creation mode, ratherrwatson2005-04-161-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | than defaulting the cmode argument to vn_open() to 0. Supply a default argument of ALQ_DEFAULT_CMODE (0600) in current callers. Discussed with/pointed out by: hmp Reveiwed by: jeff, hmp MFC after: 3 days
* | | Fix mss byte order, only affects synproxy code path.glebius2005-04-131-0/+2
| | | | | | | | | | | | | | | | | | | | | Submitted by: John L. Scarfone via OpenBSD Reviewed by: mlaier Obtained from: OpenBSD, rev. 1.483 MFC after: 2 days
* | | This commit was generated by cvs2svn to compensate for changes in r143439,obrien2005-03-127-0/+1975
|\ \ \ | | | | | | | | | | | | which included commits to RCS files with non-trunk default branches.
| * | | Import the nForce MCP NIC bits. This is version 1.0-0301.obrien2005-03-127-0/+1975
| / / | | | | | | | | | | | | Demanded by: DES Encouraged by: scottl
* | | Move all of the hptmv files to /sys/dev/hptmv so that they won't be mistakenscottl2005-03-0213-6520/+0
| | | | | | | | | | | | for being on a CVS vendor branch. The files were moved via a repo-copy.
* | | Add FreeBSD ID.obrien2005-02-281-0/+2
| | |
* | | Use dynamic major number allocation.phk2005-02-271-2/+0
| | |
* | | avoid sneaky double freesam2005-02-251-1/+5
| | | | | | | | | | | | | | | Noticed by: Coverity Prevent analysis tool Reviewed by: scottl
* | | Do not fail to initialize callouts (on SMP only) -- it leads to crashing.green2005-02-221-3/+4
| | |
* | | Fix a terrible braino in pfi_maybe_destroy() and unbreak "$pfctl -Fall" withmlaier2005-02-211-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | renamed interfaces. PR: kern/77645 Reported by: Harald Schmalzbauer <harryNOschmalzbauerSPAMde> Reviewed by: yongari MFC after: 3 days
* | | Don't use the static CALLOUT_INITIALIZER for __FreeBSD_version >= 600000. Itmlaier2005-02-212-1/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | was a bad idea, but since it is done like this in the vendor source we keep it around for older versions. As a safe guard against future misuse we don't even define CALLOUT_INITIALIZER anymore. This fixes ALTQ after callout_init_mtx() and takes altq_var.h off the vendor branch. Submitted by: Divacky Roman <xdivac02NOstud.fit.vutbrSPAMcz> (w/ changes)
* | | Fix inteface clear time. pf printed "Thu Jan 1 09:00:01 1970"yongari2005-02-171-1/+8
| | | | | | | | | | | | | | | | | | in "pfctl -vvsI" output when pf was statically linked to kernel. Discussed with: mlaier
* | | Access softc embedded struct ifnet via function macro to make it easier tomlaier2005-02-093-26/+54
| | | | | | | | | | | | | | | | | | untangle struct ifnet and softc/arpcom in the future. Requested by: brooks
* | | - Split out PCI support.mdodd2005-02-034-306/+744
| | | | | | | | | | | | | | | | | | - Add previously removed ISA support. Submitted by: David S. Madole <david AT madole.net>
* | | Use the packet's address family instead of the rule's when selecting adhartmei2005-01-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | replacement address for an rdr rule. Some rdr rules have no address family (when the replacement is a table and no other criterion implies one AF). In this case, pf would fail to select a replacement address and drop the packet due to translation failure. Found by: Gustavo A. Baratto
* | | Prohibit ruleset changes at securelevel > 2, not > 1. It's documenteddhartmei2005-01-191-1/+1
| | | | | | | | | | | | | | | | | | | | | like this in init(8), but the code didn't match the documentation. Submitted by: Juraj Lutter <otis at sk dot FreeBSD dot org> Agrees: mlaier
* | | This commit was generated by cvs2svn to compensate for changes in r140216,njl2005-01-141-0/+7
|\ \ \ | | | | | | | | | | | | which included commits to RCS files with non-trunk default branches.
| * | | Clean up a small memory leak introduced with the previous commit tonjl2005-01-141-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | dsutils.c. We need to GC the implicitly-returned object. Submitted by: Robert.Moore at Intel MFC after: 1 day
* | | | This commit was generated by cvs2svn to compensate for changes in r140094,njl2005-01-121-1/+2
|\ \ \ \ | |/ / / | | | | | | | | which included commits to RCS files with non-trunk default branches.
| * | | Fix handling of the implicit return case for methods called from annjl2005-01-121-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | external source (i.e., _STA). The previous case only handled calls occurring within AML. This should fix Toshibas, among others. Thanks to Robert Moore of Intel for the fix. MFC after: 2 days
* | | | Elminate 1 LOR (actually a recursive mutex grab) involving ipfilter wheredarrenr2005-01-081-25/+2
| | | | | | | | | | | | | | | | | | | | we loop through all the list of NICs (struct ifnet), holding the lock on it and then do a name lookup with ifunit() whilst holding it.
* | | | * Remove some code that's in a #ifndef FreeBSD that's no longer used.darrenr2004-12-261-5/+0
| | | |
* | | | * The #ifdef's to cause mutex's for freebsd to be declared were meant to pickdarrenr2004-12-262-19/+4
| | | | | | | | | | | | | | | | | | | | up on USE_MUTEX being defined, but this patch * Remove some code that's in a #ifndef FreeBSD that's no longer used.
* | | | Darnit, through a maze of twisty passages, ipfilter needs to have PFIL_HOOKSscottl2004-12-251-1/+1
| | | | | | | | | | | | | | | | defined. Revert part of the previous commit to fix this.
* | | | Sprinkle in some __FreeBSD_version checks so that this compiles again. Don'tscottl2004-12-253-3/+6
| | | | | | | | | | | | | | | | | | | | | | | | define PFIL_HOOKS anymore. Submitted by: keramida
* | | | Enable fine grained locking within IPFilter, using mtx(9) and sx(9) allowingdarrenr2004-12-249-27/+81
| | | | | | | | | | | | | | | | the the "needs giant" flag to be removed from the driver.
* | | | Initialise init_addr in pf_map_addr() in the PF_POOL_ROUNDROBIN,dhartmei2004-12-191-3/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | prevents a possible endless loop in pf_get_sport() with 'static-port' ICMP state entries use the ICMP ID as port for the unique state key. When checking for a usable key, construct the key in the same way. Otherwise, a colliding key might be missed or a state insertion might be refused even though it could be inserted. The second case triggers the endless loop, possibly allowing a NATed LAN client to lock up the kernel. PR: kern/74930 Reported and tested by: Hugo Silva, Srebrenko Sehic MFC after: 3 days
* | | | Make ip_nat compile again. Should read #if->n<-def LARGE_NAT as in ipf 4.xmlaier2004-12-181-1/+1
| | | |
* | | | Move two variables that are unused if LARGE_NAT is defined inside an #ifdefdarrenr2004-12-171-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | to keep them out of harms way when compiling. PR: 72783
* | | | Allow ipnat redirect rules to work for non-TCP/UDP packets.darrenr2004-12-171-3/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | PR: 70038 Submitted by: fming@borderware.com Reviewed by: darrenr Obtained from: fming@borderware.com
OpenPOWER on IntegriCloud