| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| |
|
|
|
|
|
| |
and FragmentOut.
-Axe the old PacketAlias API: it has been deprecated since 5.x.
|
|
|
|
|
|
| |
restrict the utilization of direct pointers to the content of
ip packet. These modifications are functionally nop()s thus
can be merged with no side effects.
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
PR: kern/108211
Submitted by: Yong Tang
MFC after: 2 weeks
|
|
|
|
|
|
|
|
|
|
| |
StartMediaTx message before an OpnRcvChnAck message was received.
Reviewed by: glebius
Approved by: glebius (mentor)
MFC after: 3 days
Found with: Coverity Prevent(tm)
CID: 498
|
|
|
|
|
|
|
| |
Reviewed by: glebius
Approved by: glebius (mentor)
MFC after: 3 days
CID: 538
|
| |
|
|
|
|
| |
prototypes.
|
| |
|
|
|
|
|
|
|
|
| |
o fixed a comment
o made in kernel libalias a bit less verbose (disabled automatic
logging everytime a new link is added or deleted)
Approved by: glebius (mentor)
|
|
|
|
|
|
|
|
| |
This closes PR kern/106112.
While here, add mbuf's #includes i forgot in the previous commit.
Approved by: gleb
|
|
|
|
| |
Approved by: gleb
|
|
|
|
|
|
| |
are done.
Reviewed by: piso
|
| |
|
|
|
|
|
| |
Approved by: glebius
Reviewed by: glebius, ru
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With the first part of my previous Summer of Code work, we get:
-made libalias modular:
-support for 'particular' protocols (like ftp/irc/etcetc) is no more
hardcoded inside libalias, but it's available through external
modules loadable at runtime
-modules are available both in kernel (/boot/kernel/alias_*.ko) and
user land (/lib/libalias_*)
-protocols/applications modularized are: cuseeme, ftp, irc, nbt, pptp,
skinny and smedia
-added logging support for kernel side
-cleanup
After a buildworld, do a 'mergemaster -i' to install the file libalias.conf
in /etc or manually copy it.
During startup (and after every HUP signal) user land applications running
the new libalias will try to read a file in /etc called libalias.conf:
that file contains the list of modules to load.
User land applications affected by this commit are ppp and natd:
if libalias.conf is present in /etc you won't notice any difference.
The only kernel land bit affected by this commit is ng_nat:
if you are using ng_nat, and it doesn't correctly handle
ftp/irc/etcetc sessions anymore, remember to kldload
the correspondent module (i.e. kldload alias_ftp).
General information and details about the inner working are available
in the libalias man page under the section 'MODULAR ARCHITECTURE
(AND ipfw(4) SUPPORT)'.
NOTA BENE: this commit affects _ONLY_ libalias, ipfw in-kernel nat
support will be part of the next libalias-related commit.
Approved by: glebius
Reviewed by: glebius, ru
|
|
|
|
|
| |
Spotted by: ru.unix.bsd activists
MFC after: 1 week
|
| |
|
|
|
|
| |
for timeouts.
|
|
|
|
|
|
|
| |
socket: it should only look for existing translation entries,
not create new ones (no matter how it got the idea).
Approved by: re(scottl)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
kernel module. LibAlias is not aware about checksum offloading,
so the caller should provide checksum calculation. (The only
current consumer is ng_nat(4)). When TCP packet internals has
been changed and it requires checksum recalculation, a cookie
is set in th_x2 field of TCP packet, to inform caller that it
needs to recalculate checksum. This ugly hack would be removed
when LibAlias is made more kernel friendly.
Incremental checksum updates are left as is, since they don't
conflict with offloading.
Approved by: re (scottl)
|
|
|
|
|
|
|
| |
possibility to compile libalias without legacy support.
- Use correct way to mark variable as unused.
Approved by: re (dwhite)
|
|
|
|
| |
temporary variable, check it and then cast to in_addr_t.
|
|
|
|
| |
not supported for kernel build.
|
|
|
|
|
| |
- copy inet_aton() from libc
- disable getservbyname() lookup and accept only numeric port
|
| |
|
| |
|
|
|
|
|
| |
Noticed by: njl
Pointy hat to: glebius
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- kernel module declarations and handler.
- macros to map malloc(3) calls to malloc(9) ones.
- malloc(9) declarations.
- call finishoff() from module handler MOD_UNLOAD case
instead of atexit(3).
- use panic(9) instead of abort(3)
- take time from time_second instead of gettimeofday(2)
- define INADDR_NONE
|
| |
|
| |
|
|
|
|
| |
library and kernel module.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libalias.
In /usr/src/lib/libalias/alias.c, the functions LibAliasIn and
LibAliasOutTry call the legacy PacketAliasIn/PacketAliasOut instead
of LibAliasIn/LibAliasOut when the PKT_ALIAS_REVERSE option is set.
In this case, the context variable "la" gets lost because the legacy
compatibility routines expect "la" to be global. This was obviously
an oversight when rewriting the PacketAlias* functions to the
LibAlias* functions.
The fix (as shown in the patch below) is to remove the legacy
subroutine calls and replace with the new ones using the "la" struct
as the first arg.
Submitted by: Gil Kloepfer <fgil@kloepfer.org>
Confirmed by: <nicolai@catpipe.net>
PR: 76839
MFC after: 3 days
|
|
|
|
|
|
|
|
|
| |
a libalias application (e.g. natd, ppp, etc.) to crash. Note: Skinny support
is not enabled in natd or ppp by default.
Approved by: secteam (nectar)
MFC after: 1 day
Secuiryt: This fixes a remote DoS exploit
|
| |
|
|
|
|
| |
MFC after: 3 days
|
|
|
|
| |
any fake value.
|
| |
|
|
|
|
|
|
|
|
|
| |
functions. Basically, the ip_next() function was used to get the PPTP and
Skinny headers when tcp_next() should have been used instead. Symptoms of
this included a segfault in natd when trying to process a PPTP or Skinny
packet.
Approved by: des
|
|
|
|
| |
open where people can see them and hopefully fix them.
|
|
|
|
|
|
|
| |
{ip,udp,tcp} header and return a void * pointing to the payload (i.e. the
first byte past the end of the header and any required padding). Use them
consistently throughout libalias to a) reduce code duplication, b) improve
code legibility, c) get rid of a bunch of alignment warnings.
|
|
|
|
|
|
| |
a short pointer. The previous implementation seems to be in a gray zone
of the C standard, and GCC generates incorrect code for it at -O2 or
higher on some platforms.
|