summaryrefslogtreecommitdiffstats
path: root/sys/netinet/ip_input.c
Commit message (Collapse)AuthorAgeFilesLines
* Lock down the network interface queues. The queue mutex must be obtainedjlemon2000-11-251-4/+2
| | | | | | | | | | | | | | before adding/removing packets from the queue. Also, the if_obytes and if_omcasts fields should only be manipulated under protection of the mutex. IF_ENQUEUE, IF_PREPEND, and IF_DEQUEUE perform all necessary locking on the queue. An IF_LOCK macro is provided, as well as the old (mutex-less) versions of the macros in the form _IF_ENQUEUE, _IF_QFULL, for code which needs them, but their use is discouraged. Two new macros are introduced: IF_DRAIN() to drain a queue, and IF_HANDOFF, which takes care of locking/enqueue, and also statistics updating/start if necessary.
* Wrong checksum used for certain reassembled IP packets before diverting.ru2000-11-011-1/+4
|
* Convert all users of fldoff() to offsetof(). fldoff() is badphk2000-10-271-2/+0
| | | | | | | | | | | | | | | | | | | | | | | because it only takes a struct tag which makes it impossible to use unions, typedefs etc. Define __offsetof() in <machine/ansi.h> Define offsetof() in terms of __offsetof() in <stddef.h> and <sys/types.h> Remove myriad of local offsetof() definitions. Remove includes of <stddef.h> in kernel code. NB: Kernelcode should *never* include from /usr/include ! Make <sys/queue.h> include <machine/ansi.h> to avoid polluting the API. Deprecate <struct.h> with a warning. The warning turns into an error on 01-12-2000 and the file gets removed entirely on 01-01-2001. Paritials reviews by: various. Significant brucifications by: bde
* RFC 791 says that IP_RF bit should always be zero, but nothingru2000-10-261-52/+29
| | | | | | | | in the code enforces this. So, do not check for and attempt a false reassembly if only IP_RF is set. Also, removed the dead code, since we no longer use dtom() on return from ip_reass().
* Wrong header length used for certain reassembled IP packets.ru2000-10-261-2/+2
| | | | | | This was first fixed in rev 1.82 but then broken in rev 1.125. PR: 6177
* Augment the 'ifaddr' structure with a 'struct if_data' to keepjoe2000-10-191-1/+6
| | | | | | | | | | | statistics on a per network address basis. Teach the IPv4 and IPv6 input/output routines to log packets/bytes against the network address connected to the flow. Teach netstat to display the per-address stats for IP protocols when 'netstat -i' is evoked, instead of displaying the per-interface stats.
* Backout my wrong attempt to fix the compilation warning in ip_input.cru2000-10-121-1/+1
| | | | | | | | | | and instead reapply the revision 1.49 of mbuf.h, i.e. Fixed regression of the type of the `header' member of struct pkthdr from `void *' to caddr_t in rev.1.51. This mainly caused an annoying warning for compiling ip_input.c. Requested by: bde
* Fix the compilation warning.ru2000-10-121-1/+1
|
* m_cat() can free its second argument, so collect the checksum informationjlemon2000-09-141-1/+1
| | | | from the fragment before calling m_cat().
* Follow BSD/OS and NetBSD, keep the ip_id field in network order all the time.ru2000-09-141-4/+0
| | | | Requested by: wollman
* Fixed broken ICMP error generation, unified conversion of IP headerru2000-09-011-9/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fields between host and network byte order. The details: o icmp_error() now does not add IP header length. This fixes the problem when icmp_error() is called from ip_forward(). In this case the ip_len of the original IP datagram returned with ICMP error was wrong. o icmp_error() expects all three fields, ip_len, ip_id and ip_off in host byte order, so DTRT and convert these fields back to network byte order before sending a message. This fixes the problem described in PR 16240 and PR 20877 (ip_id field was returned in host byte order). o ip_ttl decrement operation in ip_forward() was moved down to make sure that it does not corrupt the copy of original IP datagram passed later to icmp_error(). o A copy of original IP datagram in ip_forward() was made a read-write, independent copy. This fixes the problem I first reported to Garrett Wollman and Bill Fenner and later put in audit trail of PR 16240: ip_output() (not always) converts fields of original datagram to network byte order, but because copy (mcopy) and its original (m) most likely share the same mbuf cluster, ip_output()'s manipulations on original also corrupted the copy. o ip_output() now expects all three fields, ip_len, ip_off and (what is significant) ip_id in host byte order. It was a headache for years that ip_id was handled differently. The only compatibility issue here is the raw IP socket interface with IP_HDRINCL socket option set and a non-zero ip_id field, but ip.4 manual page was unclear on whether in this case ip_id field should be in host or network byte order.
* Nonexistent <sys/pfil.h> -> <net/pfil.h>ache2000-07-311-1/+1
| | | | Kernel 'make depend' fails otherwise
* activate pfil_hooks and covert ipfilter to use itdarrenr2000-07-311-10/+28
|
* sync with kame tree as of july00. tons of bug fixes/improvements.itojun2000-07-041-5/+0
| | | | | | | API changes: - additional IPv6 ioctls - IPsec PF_KEY API was changed, it is mandatory to upgrade setkey(8). (also syntax change)
* Add boundary checks against IP options.jlemon2000-06-021-1/+5
| | | | Obtained from: OpenBSD
* Cast sizeof() calls to be of type (int) when they appear in a signedjlemon2000-05-171-3/+4
| | | | | | | integer expression. Otherwise the sizeof() call will force the expression to be evaluated as unsigned, which is not the intended behavior. Obtained from: NetBSD (in a different form)
* Do not call icmp_error() if ipfirewall(4) denied packet.ru2000-05-151-0/+4
| | | | PR: kern/10747, kern/18382
* correct more out-of-bounds memory access, if cnt == 1 and optlen > 1.itojun2000-05-101-0/+4
| | | | similar to recent fix to sys/netinet/ipf.c (by darren).
* Add support for offloading IP/TCP/UDP checksums to NIC hardware whichjlemon2000-03-271-3/+14
| | | | supports them.
* Remove option IPFILTER_KLD. In case you wanted to kldload ipfilter,guido2000-02-231-4/+0
| | | | | | the module would only work in kernels built with this option. Approved by: jkh
* Clean up some loose ends in the network code, including the X.25 and ISOpeter2000-02-131-2/+2
| | | | | | | #ifdefs. Clean out unused netisr's and leftover netisr linker set gunk. Tested on x86 and alpha, including world. Approved by: jkh
* Move definition of fw_enable from ip_fw.c to ip_input.cluigi2000-02-101-0/+1
| | | | | | | so we can compile kernels without IPFIREWALL . Reported-by: Robert Watson Approved-by: jordan
* Support the net.inet.ip.fw.enable variable, part ofluigi2000-02-101-1/+1
| | | | | | the recent ipfw modifications. Approved-by: jordan
* Move the *intrq variables into net/intrq.c and unconditionallybrian2000-01-241-1/+2
| | | | | | | | | | | include this in all kernels. Declare some const *intrq_present variables that can be checked by a module prior to using *intrq to queue data. Make the if_tun module capable of processing atm, ip, ip6, ipx, natm and netatalk packets when TUNSIFHEAD is ioctl()d on. Review not required by: freebsd-hackers
* IPSEC support in the kernel.shin1999-12-221-19/+123
| | | | | | | | pr_input() routines prototype is also changed to support IPSEC and IPV6 chained protocol headers. Reviewed by: freebsd-arch, cvs-committers Obtained from: KAME project
* Revive mlfk_ipl here. This version is slightly changed fromguido1999-12-061-5/+0
| | | | | | | | | | | | | the old one: an unnecessary define (KLD_MODULE) has been deleted and the initialisation of the module is done after domaininit was called to be sure inet is running. Some slight changed were made to ip_auth.c and ip_state.c in order to assure including of sys/systm.h in case we make a kld Make sure ip_fil does nmot include osreldate in kernel mode Remove mlfk_ipl.c from here: no sources allowed in these directories!
* Miscellaneous fixes/cleanups relating to ipfw and divert(4):archie1999-12-061-73/+100
| | | | | | | | | | | | | - Implement 'ipfw tee' (finally) - Divert packets by calling new function divert_packet() directly instead of going through protosw[]. - Replace kludgey global variable 'ip_divert_port' with a function parameter to divert_packet() - Replace kludgey global variable 'frag_divert_port' with a function parameter to ip_reass() - style(9) fixes Reviewed by: julian, green
* Include the correct header for the IPSTEALTH option.des1999-08-291-0/+1
|
* $Id$ -> $FreeBSD$peter1999-08-281-1/+1
|
* Made net.inet.ip.intr_queue_maxlen writeable.dg1999-05-271-2/+2
|
* Free the dummynet descriptor in ip_dummynet, not in the calledluigi1999-05-041-3/+1
| | | | | | | routines. The descriptor contains parameters which could be used within those routines (eg. ip_output() ). On passing, add IPPROTO_PGM entry to netinet/in.h
* Add sysctl descriptions to many SYSCTL_XXXsbillf1999-05-031-11/+12
| | | | | | | PR: kern/11197 Submitted by: Adrian Chadd <adrian@FreeBSD.org> Reviewed by: billf(spelling/style/minor nits) Looked at by: bde(style)
* Tidy up some stray / unused stuff in the IPFW package and friends.peter1999-04-201-35/+1
| | | | | | | | - unifdef -DCOMPAT_IPFW (this was on by default already) - remove traces of in-kernel ip_nat package, it was never committed. - Make IPFW and DUMMYNET initialize themselves rather than depend on compiled-in hooks in ip_init(). This means they initialize the same way both in-kernel and as kld modules. (IPFW initializes now :-)
* Fix the 'fwd' option to ipfw when asked to divert to another machine.julian1999-03-121-7/+24
| | | | | | also rely less on other modules clearing static values, and clear them in a few cases we missed before. Submitted by: Matthew Reimer <mreimer@vpop.net>
* Add support for stealth forwarding (forwarding packets without touchingdes1999-02-221-5/+18
| | | | | | | | | | | their ttl). This can be used - in combination with the proper ipfw incantations - to make a firewall or router invisible to traceroute and other exploration tools. This behaviour is controlled by a sysctl variable (net.inet.ip.stealth) and hidden behind a kernel option (IPSTEALTH). Reviewed by: eivind, bde
* After wading in the cesspool of ip_input for an hour, I have managed towollman1999-02-091-10/+8
| | | | | | | | convince myself that nothing will break if we permit IP input while interface addresses are unconfigured. (At worst, they will hit some ULP's PCB scan and fail if nobody is listening.) So, remove the restriction that addresses must be configured before packets can be input. Assume that any unicast packet we receive while unconfigured is potentially ours.
* Fix warnings in preparation for adding -Wall -Wcast-qual to thedillon1999-01-271-2/+2
| | | | kernel compile
* Don't forward unicast packets received via link-layer multicast.wollman1999-01-221-2/+2
| | | | | Suggested by: fenner Original complaint: Shiva Shenoy <Shiva.Shenoy@yagosys.com>
* Add #ifdef's to avoid unused label warning in some cases.eivind1999-01-121-1/+3
|
* Recover from previous dummynet screwupluigi1998-12-211-28/+19
|
* Last bits (i think) of dummynet for -current.luigi1998-12-141-35/+94
|
* The "easy" fixes for compiling the kernel -Wunused: remove unreferenced staticarchie1998-12-071-2/+1
| | | | and local variables, goto labels, and functions declared but not defined.
* Make the previous fix more portable.dfr1998-11-161-4/+4
| | | | Requested by: bde
* Fix printf format errors on alpha.dfr1998-11-151-4/+4
|
* Be sure to pullup entire IP header when dealing with fragment packets.dg1998-11-111-2/+2
|
* Some optimisations to the fragment reassembly code.dfr1998-10-271-19/+14
| | | | Submitted by: Don Lewis <Don.Lewis@tsc.tdk.com>
* Fix a bug in the new fragment reassembly code which was tickled by recievingdfr1998-10-271-2/+2
| | | | | | a fragment which wholly overlapped one or more existing fragments. Submitted by: Don Lewis <Don.Lewis@tsc.tdk.com>
* *gulp*. Jordan specifically OK'ed this..peter1998-10-161-4/+1
| | | | | | | | This is the bulk of the support for doing kld modules. Two linker_sets were replaced by SYSINIT()'s. VFS's and exec handlers are self registered. kld is now a superset of lkm. I have converted most of them, they will follow as a seperate commit as samples. This all still works as a static a.out kernel using LKM's.
* Ensure that m_nextpkt is set to NULL after reassembling fragments.dfr1998-09-101-1/+3
|
* Re-implement tcp and ip fragment reassembly to not store pointers in thedfr1998-08-241-90/+80
| | | | | | ip header which can't work on alpha since pointers are too big. Reviewed by: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
OpenPOWER on IntegriCloud