summaryrefslogtreecommitdiffstats
path: root/sys/netinet
Commit message (Collapse)AuthorAgeFilesLines
...
* Fix a bug with syncookies; previously, the syncache's MSS size was notsilby2003-01-291-2/+2
| | | | | | | | initialized until after a syncookie was generated. As a result, all connections resulting from a returned cookie would end up using a MSS of ~512 bytes. Now larger packets will be used where possible. MFC after: 5 days
* Check bounds for index before dereferencing memory past end of array.phk2003-01-281-1/+1
| | | | Found by: FlexeLint
* Avoid lock order reversal by expanding the scope of thehsu2003-01-281-15/+5
| | | | AF_INET radix tree lock to cover the ARP data structures.
* A few fixes to rev 1.221silby2003-01-281-9/+17
| | | | | | | | | - Honor the previous behavior of maxfragpackets = 0 or -1 - Take a better stab at fragment statistics - Move / correct a comment Suggested by: maxim@ MFC after: 7 days
* Merge the best parts of maxfragpackets and maxnipq together. (Bothsilby2003-01-261-13/+5
| | | | | | | | | | | functions implemented approximately the same limits on fragment memory usage, but in different fashions.) End user visible changes: - Fragment reassembly queues are freed in a FIFO manner when maxfragpackets has been reached, rather than all reassembly stopping. MFC after: 5 days
* Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.alfred2003-01-2119-43/+43
| | | | Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
* De-anonymity a couple of messages I missed in a previous sweep.maxim2003-01-201-2/+2
| | | | | | Move one of them under DEB macro. Noticed by: Wiktor Niesiobedzki <w@evip.pl>
* If the first action is O_LOG adjust a pointer to the real one, unbreaksmaxim2003-01-201-0/+2
| | | | | | | skipto + log rules. Reported by: Wiktor Niesiobedzki <w@evip.pl> MFC after: 1 week
* Optimize away call to bzero() in the common case by directly checkinghsu2003-01-181-6/+3
| | | | if a connection has any cached TAO information.
* Fix long-standing bug predating FreeBSD where calling connect() twicehsu2003-01-181-1/+3
| | | | on a raw ip socket will crash the system with a null-dereference.
* SMP locking for ARP.hsu2003-01-171-6/+21
|
* Introduce the ability to flag a sysctl for operation at secure level 2 or 3dillon2003-01-141-3/+3
| | | | | | | | | | | | in addition to secure level 1. The mask supports up to a secure level of 8 but only add defines through CTLFLAG_SECURE3 for now. As per the missif in the log entry for 1.11 of ip_fw2.c which added the secure flag to the IPFW sysctl's in the first place, change the secure level requirement from 1 to 3 now that we have support for it. Reviewed by: imp With Design Suggestions by: imp
* Fix NewReno.hsu2003-01-135-89/+94
| | | | Reviewed by: Tom Henderson <thomas.r.henderson@boeing.com>
* Clear the target hardware address field when generating an ARP request.tmm2003-01-101-0/+1
| | | | | Reviewed by: nectar MFC after: 1 week
* Validate inp before de-referencing it.hsu2003-01-051-1/+1
| | | | Submitted by: pb
* Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,schweikh2003-01-015-5/+5
| | | | especially in troff files.
* Correct mbuf packet header propagation. Previously, packet headerssam2002-12-301-1/+10
| | | | | | | | | | | | | | | | | | | | | | were sometimes propagated using M_COPY_PKTHDR which actually did something between a "move" and a "copy" operation. This is replaced by M_MOVE_PKTHDR (which copies the pkthdr contents and "removes" it from the source mbuf) and m_dup_pkthdr which copies the packet header contents including any m_tag chain. This corrects numerous problems whereby mbuf tags could be lost during packet manipulations. These changes also introduce arguments to m_tag_copy and m_tag_copy_chain to specify if the tag copy work should potentially block. This introduces an incompatibility with openbsd which we may want to revisit. Note that move/dup of packet headers does not handle target mbufs that have a cluster bound to them. We may want to support this; for now we watch for it with an assert. Finally, M_COPYFLAGS was updated to include M_FIRSTFRAG|M_LASTFRAG. Supported by: Vernier Networks Reviewed by: Robert Watson <rwatson@FreeBSD.org>
* Remove the PAWS ack-on-ack debugging printf().dillon2002-12-302-10/+4
| | | | | | | | | | Note that the original RFC 1323 (PAWS) says in 4.2.1 that the out of order / reverse-time-indexed packet should be acknowledged as specified in RFC-793 page 69 then dropped. The original PAWS code in FreeBSD (1994) simply acknowledged the segment unconditionally, which is incorrect, and was fixed in 1.183 (2002). At the moment we do not do checks for SYN or FIN in addition to (tlen != 0), which may or may not be correct, but the worst that ought to happen should be a retry by the sender.
* correct style bogonssam2002-12-301-4/+2
|
* Bridged packets are supplied to the firewall with their IP headeriedowse2002-12-272-3/+14
| | | | | | | | | | in network byte order, but icmp_error() expects the IP header to be in host order and the code here did not perform the necessary swapping for the bridged case. This bug causes an "icmp_error: bad length" panic when certain length IP packets (e.g. ip_len == 0x100) are rejected by the firewall with an ICMP response. MFC after: 3 days
* Validate inp to prevent an use after free.hsu2002-12-243-2/+29
|
* o De-anonymity dummynet(4) and ipfw(4) messages, prepend themmaxim2002-12-242-45/+47
| | | | | | by 'dummynet: ' and 'ipfw: ' prefixes. PR: kern/41609
* SMP locking for radix nodes.hsu2002-12-241-0/+8
|
* Remove forgotten INP_UNLOCK(inp) in my previous commit.pb2002-12-221-1/+0
| | | | Reported by: hsu
* In syncache_timer(), don't attempt to lock the inpcb structurepb2002-12-211-2/+0
| | | | | | | | | associated with the syncache entry: in case tcp_close() has been called on the corresponding listening socket, the lock has been destroyed as a side effect of in_pcbdetach(), causing a panic when we attempt to lock on it. Reviewed by: hsu
* replace the special-purpose rate-limiting code with the general facilitysam2002-12-211-38/+28
| | | | | just added; this tries to maintain the same behaviour vis a vis printing the rate-limiting messages but need tweaking
* Eliminate a goto.hsu2002-12-201-39/+36
| | | | Fix some line breaks.
* Unravel a nested conditional.hsu2002-12-202-42/+24
| | | | Remove an unneeded local variable.
* Expand scope of TCP protocol lock to cover syncache data structures.hsu2002-12-201-2/+3
|
* o Untangle the confusion with the malloc flags {M_WAITOK, M_NOWAIT} andbmilekic2002-12-192-3/+3
| | | | | | | | | | the mbuf allocator flags {M_TRYWAIT, M_DONTWAIT}. o Fix a bpf_compat issue where malloc() was defined to just call bpf_alloc() and pass the 'canwait' flag(s) along. It's been changed to call bpf_alloc() but pass the corresponding M_TRYWAIT or M_DONTWAIT flag (and only one of those two). Submitted by: Hiten Pandya <hiten@unixdaemons.com> (hiten->commit_count++)
* Lock up ifaddr reference counts.hsu2002-12-181-3/+5
|
* Remove unused and incorrectly maintained variable "in_interfaces"phk2002-12-171-4/+0
|
* Fix syntax in last commit.dillon2002-12-172-6/+6
|
* o Trim EOL whitespaces.maxim2002-12-152-24/+24
| | | | MFC after: 1 week
* o s/if_name[16]/if_name[IFNAMSIZ]/maxim2002-12-151-1/+1
| | | | | Reviewed by: luigi MFC after: 1 week
* o M_DONTWAIT is mbuf(9) flag: malloc(M_DONTWAIT) -> malloc(M_NOWAIT).maxim2002-12-151-7/+7
| | | | | | | The bug does not affect anything because M_NOWAIT == M_DONTWAIT. Reviewed by: luigi MFC after: 1 week
* o Fix byte order logging issue: sa.sin_port is already in host byte order.maxim2002-12-151-1/+1
| | | | | | | PR: kern/45964 Submitted by: Sascha Blank <sblank@tiscali.de> Reviewed by: luigi MFC after: 1 week
* Change tcp.inflight_min from 1024 to a production default of 6144. Createdillon2002-12-142-8/+28
| | | | | | | a sysctl for the stabilization value for the bandwidth delay product (inflight) algorithm and document it. MFC after: 3 days
* Bruce forwarded this tidbit from an analysis Van Jacobson did on andillon2002-12-142-2/+12
| | | | | | | | | | apparent ack-on-ack problem with FreeBSD. Prof. Jacobson noticed a case in our TCP stack which would acknowledge a received ack-only packet, which is not legal in TCP. Submitted by: Van Jacobson <van@packetdesign.com>, bmah@packetdesign.com (Bruce A. Mah) MFC after: 7 days
* MFS: recognize gre packets used in the WCCP protocol.sobomax2002-12-071-1/+2
| | | | Approved by: re
* Move fw_one_pass from ip_fw2.c to ip_input.c so that neitherluigi2002-11-202-1/+1
| | | | | | | | | bridge.c nor if_ethersubr.c depend on IPFIREWALL. Restore the use of fw_one_pass in if_ethersubr.c ipfw.8 will be updated with a separate commit. Approved by: re
* Back out some style changes. They are not urgent,luigi2002-11-203-76/+95
| | | | | | | I will put them back in after 5.0 is out. Requested by: sam Approved by: re
* Back out the ip_fragment() code -- it is not urgent to have it in now,luigi2002-11-202-170/+143
| | | | | | | I will put it back in in a better form after 5.0 is out. Requested by: sam, rwatson, luigi (on second thought) Approved by: re
* Add a sysctl to control the generation of source quench packets,silby2002-11-191-2/+20
| | | | | | | | and set it to 0 by default. Partially obtained from: NetBSD Suggested by: David Gilbert MFC after: 5 days
* Fix function headers and remove 'register' variable declarations.luigi2002-11-171-29/+23
|
* Move the ip_fragment code from ip_output() to a separate function,luigi2002-11-172-143/+170
| | | | | | | | | | | | | | | | so that it can be reused elsewhere (there is a number of places where it can be useful). This also trims some 200 lines from the body of ip_output(), which helps readability a bit. (This change was discussed a few weeks ago on the mailing lists, Julian agreed, silence from others. It is not a functional change, so i expect it to be ok to commit it now but i am happy to back it out if there are objections). While at it, fix some function headers and replace m_copy() with m_copypacket() where applicable. MFC after: 1 week
* Minor documentation changes and indentation fix.luigi2002-11-171-37/+26
| | | | | | | Replace m_copy() with m_copypacket() where applicable. While at it, fix some function headers and remove 'register' from variable declarations.
* Cleanup some of the comments, and reformat long lines.luigi2002-11-171-29/+27
| | | | | | | | | | | | Replace m_copy() with m_copypacket() where applicable. Replace "if (a.s_addr ...)" with "if (a.s_addr != INADDR_ANY ...)" to make it clear what the code means. While at it, fix some function headers and remove 'register' from variable declarations. MFC after: 3 days
* Massive cleanup of the ip_mroute code.luigi2002-11-156-886/+594
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | No functional changes, but: + the mrouting module now should behave the same as the compiled-in version (it did not before, some of the rsvp code was not loaded properly); + netinet/ip_mroute.c is now truly optional; + removed some redundant/unused code; + changed many instances of '0' to NULL and INADDR_ANY as appropriate; + removed several static variables to make the code more SMP-friendly; + fixed some minor bugs in the mrouting code (mostly, incorrect return values from functions). This commit is also a prerequisite to the addition of support for PIM, which i would like to put in before DP2 (it does not change any of the existing APIs, anyways). Note, in the process we found out that some device drivers fail to properly handle changes in IFF_ALLMULTI, leading to interesting behaviour when a multicast router is started. This bug is not corrected by this commit, and will be fixed with a separate commit. Detailed changes: -------------------- netinet/ip_mroute.c all the above. conf/files make ip_mroute.c optional net/route.c fix mrt_ioctl hook netinet/ip_input.c fix ip_mforward hook, move rsvp_input() here together with other rsvp code, and a couple of indentation fixes. netinet/ip_output.c fix ip_mforward and ip_mcast_src hooks netinet/ip_var.h rsvp function hooks netinet/raw_ip.c hooks for mrouting and rsvp functions, plus interface cleanup. netinet/ip_mroute.h remove an unused and optional field from a struct Most of the code is from Pavlin Radoslavov and the XORP project Reviewed by: sam MFC after: 1 week
* track changes to not strip the Ethernet header from input packetssam2002-11-141-8/+5
| | | | | Reviewed by: many Approved by: re
OpenPOWER on IntegriCloud