summaryrefslogtreecommitdiffstats
path: root/sys/netinet/libalias
Commit message (Collapse)AuthorAgeFilesLines
* In m_megapullup() instead of reserving some space at the end of packet,glebius2013-03-171-10/+6
| | | | | | m_align() it, reserving space to prepend data. Reviewed by: mav
* Functions m_getm2() and m_get2() have different order of arguments,glebius2013-03-121-1/+1
| | | | | | | and that can drive someone crazy. While m_get2() is young and not documented yet, change its order of arguments to match m_getm2(). Sorry for churn, but better now than later.
* Remove LIBALIAS_LOCK_ASSERT(), including a couple with an uninitialzedglebius2013-03-111-6/+1
| | | | | | | argument, in code that isn't compiled in kernel. PR: kern/176667 Sponsored by: Nginx, Inc.
* - Move AUTHORS and ACKNOWLEDGEMENTS to the end of the page.glebius2013-01-311-33/+35
| | | | - Add myself to list of authors.
* Utilize m_get2() to get mbuf of appropriate size.glebius2013-01-301-15/+1
|
* Mechanically substitute flags from historic mbuf allocator withglebius2012-12-051-2/+2
| | | | | | | | | malloc(9) flags within sys. Exceptions: - sys/contrib not touched - sys/mbuf.h edited manually
* Avoid potential bad pointer dereference.emaste2012-10-171-1/+1
| | | | | | | | Previously RuleAdd would leave entry->la unset for the first entry in the proxyList. Sponsored by: ADARA Networks MFC After: 1 week
* Fix typo: s/pakcet/packetkevlo2012-09-201-1/+1
|
* mdoc: avoid nested displays. Fixes mandoc warnings.joel2012-06-131-4/+2
|
* Fix style nit: don't use leading zero for dates in .Ddeadler2012-06-051-1/+1
| | | | | | Prompted by: brueffer Approved by: brueffer MFC after: 3 days
* Remove unused inclusion of curses.hmarcel2012-05-191-1/+0
|
* General mdoc(7) and typo fixes.gjb2012-05-111-3/+3
| | | | | | PR: 167734 Submitted by: Nobuyuki Koganemaru (kogane!jp.freebsd.org) MFC after: 3 days
* Mark all SYSCTL_NODEs static that have no corresponding SYSCTL_DECLs.ed2011-11-071-2/+2
| | | | | | The SYSCTL_NODE macro defines a list that stores all child-elements of that node. If there's no SYSCTL_DECL macro anywhere else, there's no reason why it shouldn't be static.
* Mark MALLOC_DEFINEs static that have no corresponding MALLOC_DECLAREs.ed2011-11-071-1/+1
| | | | This means that their use is restricted to a single C file.
* - General grammar and mdoc(7) fixes. [1] [2]gjb2011-07-041-65/+66
| | | | | | | | | | - While here, remove a paragraph about userspace operation that has been outdated for some time. [2] PR: 158623 Submitted by: Ben Kudak (kaduk % mit!edu) [1] Reviewed by: glebius [2] MFC after: 1 week
* Export AddLink() function from libalias. It can be used when customae2011-06-224-39/+127
| | | | | | | | | | | alias address needs to be specified. Add inbound handler to the alias_ftp module. It helps handle active FTP transfer mode for the case with external clients and FTP server behind NAT. Fix passive FTP transfer case for server behind NAT using redirect with external IP address different from NAT ip address. PR: kern/157957 Submitted by: Alexander V. Chernikov
* Document PKT_ALIAS_SKIP_GLOBAL option.ae2011-06-221-1/+11
| | | | Submitted by: Alexander V. Chernikov
* Implement "global" mode for ipfw nat. It is similar to natd(8)ae2011-06-141-0/+6
| | | | | | | | | | | | | | | | "globalport" option for multiple NAT instances. If ipfw rule contains "global" keyword instead of nat_number, then for each outgoing packet ipfw_nat looks up translation state in all configured nat instances. If an entry is found, packet aliased according to that entry, otherwise packet is passed unchanged. User can specify "skip_global" option in NAT configuration to exclude an instance from the lookup in global mode. PR: kern/157867 Submitted by: Alexander V. Chernikov (previous version) Tested by: Eugene Grosbein
* Sort alias mode flags in the increasing order.ae2011-06-141-11/+11
|
* Fix indentation.ae2011-06-071-4/+4
|
* LibAliasInit() should allocate memory with M_WAITOK flag. Modify itglebius2011-04-181-0/+5
| | | | and its callers.
* Fix typos - remove duplicate "the".brucec2011-02-211-1/+1
| | | | | | PR: bin/154928 Submitted by: Eitan Adler <lists at eitanadler.com> MFC after: 3 days
* Standardise all Swinburne related copyright/licence statements throughout thelstewart2010-11-122-22/+16
| | | | | tree in preparation for another large code import. Swinburne University is the legal entity that owns copyright and the 2-clause BSD licence is acceptable.
* The university does not require that its CRICOS number be included in sourcelstewart2010-11-122-4/+2
| | | | | | code. Remove all references from the tree. MFC after: 3 days
* Don't spam the console with loaded modules during boot and/or duringn_hibma2010-11-031-1/+0
| | | | | | | startup of ppp. Note: This cannot be hidden behind bootverbose as this file is included from lib/libalias as well.
* mdoc: drop even more redundant .Pp callsuqs2010-10-191-1/+0
| | | | | | No change in rendered output, less mandoc lint warnings. Tool provided by: Nobuyuki Koganemaru n-kogane at syd.odn.ne.jp
* Don't use struct timezone.ed2010-08-081-4/+2
| | | | | The timezone structure acquired by gettimeofday() is not used at all. Just remove it.
* machine/cpu.h isn't appropriate for this file,so remove itimp2010-07-161-1/+0
|
* Remove extraneous semicolons, no functional changes.mbr2010-01-072-2/+2
| | | | | Submitted by: Marc Balmer <marc@msys.ch> MFC after: 1 week
* (S)LIST_HEAD_INITIALIZER takes a (S)LIST_HEAD as an argument.antoine2009-12-281-2/+2
| | | | | | | | | Fix some wrong usages. Note: this does not affect generated binaries as this argument is not used. PR: 137213 Submitted by: Eygene Ryabinkin (initial version) MFC after: 1 month
* Move inet_aton() (specular to inet_ntoa(), already present in libkern)attilio2009-11-121-104/+0
| | | | | | | | into libkern in order to made it usable by other modules than alias_proxy. Obtained from: Sandvine Incorporated Sponsored by: Sandvine Incorporated MFC: 1 week
* Close a stream file descriptor leak.brueffer2009-10-281-0/+1
| | | | | | PR: 138130 Submitted by: Patroklos Argyroudis <argp@census-labs.com> MFC after: 1 week
* What's the point of adjusting a checksum if we are going to toss thepiso2009-04-111-7/+4
| | | | packet? Anticipate the check/return code.
* Plug two bugs introduced with modules conversion:piso2009-04-112-7/+5
| | | | | | -UdpAliasIn(): correctly check return code after modules ran. -alias_nbt: in case of malformed packets (or some other unrecoverable error), toss the packet.
* Remove stale comments.piso2009-04-111-3/+0
|
* -don't pass down, to module's fingerprint function, unused data likepiso2009-04-0810-28/+34
| | | | | | a pointer to the ip header. -style -spacing
* This commit fixes the issue with alias_sctp.c. Norrs2009-02-141-2/+39
| | | | | | | | | | | | | | longer do we require SCTP to be in the kernel for the lib to be able to handle SCTP. We do this by moving the CRC32c checksum into libkern/crc32.c and then adjusting all routines to use the common methods. Note that this will improve the performance of iSCSI since they were using the old single 256 bit table lookup versus the slicing 8 algorithm (which gives a 4x speed up in CRC32c calculation :-D) Reviewed by:rwatson, gnn, scottl, paolo MFC after: 4 week? (assuming we MFC the alias_sctp changes)
* Add SCTP NAT support.piso2009-02-075-4/+2985
|\ | | | | | | Submitted by: CAIA (http://caia.swin.edu.au)
| * Import sctp nat support in ipfw obtained from CAIA - http://caia.swin.edu.au.piso2008-12-286-8/+3105
| |
* | Silent userland warnings about missing prototypes.piso2009-01-153-0/+3
|/ | | | Submitted by: Roman Divacky <rdivacky@freebsd.org>
* Conditionally compile out V_ globals while instantiating the appropriatezec2008-12-101-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | container structures, depending on VIMAGE_GLOBALS compile time option. Make VIMAGE_GLOBALS a new compile-time option, which by default will not be defined, resulting in instatiations of global variables selected for V_irtualization (enclosed in #ifdef VIMAGE_GLOBALS blocks) to be effectively compiled out. Instantiate new global container structures to hold V_irtualized variables: vnet_net_0, vnet_inet_0, vnet_inet6_0, vnet_ipsec_0, vnet_netgraph_0, and vnet_gif_0. Update the VSYM() macro so that depending on VIMAGE_GLOBALS the V_ macros resolve either to the original globals, or to fields inside container structures, i.e. effectively #ifdef VIMAGE_GLOBALS #define V_rt_tables rt_tables #else #define V_rt_tables vnet_net_0._rt_tables #endif Update SYSCTL_V_*() macros to operate either on globals or on fields inside container structs. Extend the internal kldsym() lookups with the ability to resolve selected fields inside the virtualization container structs. This applies only to the fields which are explicitly registered for kldsym() visibility via VNET_MOD_DECLARE() and vnet_mod_register(), currently this is done only in sys/net/if.c. Fix a few broken instances of MODULE_GLOBAL() macro use in SCTP code, and modify the MODULE_GLOBAL() macro to resolve to V_ macros, which in turn result in proper code being generated depending on VIMAGE_GLOBALS. De-virtualize local static variables in sys/contrib/pf/net/pf_subr.c which were prematurely V_irtualized by automated V_ prepending scripts during earlier merging steps. PF virtualization will be done separately, most probably after next PF import. Convert a few variable initializations at instantiation to initialization in init functions, most notably in ipfw. Also convert TUNABLE_INT() initializers for V_ variables to TUNABLE_FETCH_INT() in initializer functions. Discussed at: devsummit Strassburg Reviewed by: bz, julian Approved by: julian (mentor) Obtained from: //depot/projects/vimage-commit2/... X-MFC after: never Sponsored by: NLnet Foundation, The FreeBSD Foundation
* Improve the entropy of the source port randomization for network addresscsjp2008-08-301-6/+6
| | | | | | | | | translation. It turns out this is useful for applications which require source port randomization for security (i.e. dns servers). Discussed with: secteam Requested by: mlaier MFC after: 2 weeks
* Partially revert previous commit. DeleteLink() does not deletes permanentmav2008-06-221-1/+5
| | | | | links so we should be aware of it and try to delete every link only once or we will loop forever.
* Implement UDP transparent proxy support.mav2008-06-211-10/+76
| | | | | PR: bin/54274 Submitted by: Nicolai Petri <nicolai@petri.cc>
* Add support for PORT/EPRT FTP commands in lowercase.mav2008-06-211-96/+21
| | | | | | | Use strncasecmp() instead of huge local implementation to reduce code size. Check space presence after command/code. PR: kern/73034
* Increase LINK_TABLE_OUT_SIZE from 101 to 4001 like LINK_TABLE_IN_SIZEmav2008-06-012-70/+23
| | | | | | | | | | | | | to reduce performance degradation under heavy outgoing scan/flood. Scalability is now much more important then several kilobytes of RAM. Remove unneded TCP-specific expiration handeling. Before this connected TCP sessions could never expire. Now connected TCP sessions will expire after 24hours of inactivity. Simplify HouseKeeping() to avoid several mul/div-s per packet. Taking into account increased LINK_TABLE_OUT_SIZE, precision is still much more then required.
* Make m_megapullup() more intelligent:mav2008-06-011-12/+32
| | | | | | - to increase performance do not reallocate mbuf when possible, - to support up to 16K packets (was 2K max) use mbuf cluster of proper size. This change depends on recent ng_nat and ip_fw_nat changes.
* Fix packet fragmentation support broken by copy/paste error in rev.1.60.mav2008-06-011-2/+2
| | | | ip_id should be u_short, but not u_char.
* Fix build, together with a bit of style breakage.marck2008-05-021-1/+1
|
* Explicitate the newpacket size.piso2008-03-191-12/+13
| | | | | Bug pointed out by: many Pointy hat to: me :(
OpenPOWER on IntegriCloud