summaryrefslogtreecommitdiffstats
path: root/sys/netinet
Commit message (Collapse)AuthorAgeFilesLines
* Replace beforeinstall target with new variables used by .mk system.rgrimes2000-01-141-4/+1
| | | | Reviewed by: marcel, and make world
* Bring over ipfilter kernel sources, including merging the local modifications.guido2000-01-1315-224/+429
|
* Change struct sockaddr_storage member name, because following changeshin2000-01-131-9/+9
| | | | | | | | | | | | is very likely to become consensus as recent ietf/ipng mailing list discussion. Also recent KAME repository and other KAME patched BSDs also applied it. s/__ss_family/ss_family/ s/__ss_len/ss_len/ Makeworld is confirmed, and no application should be affected by this change yet.
* Clear rt after RTFREE. This might have sometime caused kernel panic at rtfree()shin2000-01-132-2/+8
| | | | on INET6 enabled environment.
* add a comment for some possible? IPv4 option processing.shin2000-01-132-0/+2
|
* removed incorrect ip6 length setting for IPv6 tcp reset packet.shin2000-01-132-2/+0
|
* MGETHDR() does not initialize m_pkthdr.rcvif, do it here.ru2000-01-101-0/+1
| | | | | | | This fixes page fault panic observed when diverting packets with IP options (e.g. ping -R remoteIP over natd). PR: kern/8596, kern/11199
* tcp updates to support IPv6.shin2000-01-0912-730/+2874
| | | | | | | also a small patch to sys/nfs/nfs_socket.c, as max_hdr size change. Reviewed by: freebsd-arch, cvs-committers Obtained from: KAME project
* enable IPsec over DUMMYNET againshin2000-01-091-17/+14
| | | | | Submitted by: luigi Reviewed by: luigi
* prevent kernel panic which happens when either of IPSEC and IPDIVERTshin2000-01-081-1/+1
| | | | | | is enabled. Confirmed by: Eugene M. Kim <ab@astralblue.com>
* Add ipfw hooks for the new dummynet features.luigi2000-01-082-69/+99
| | | | | | | Support masks on TCP/UDP ports. Minor cleanup of ip_fw_chk() to avoid repeated calls to PULLUP_TO at each rule.
* Cleanup dummynet call interface so it should now work on the Alphaluigi2000-01-081-5/+7
| | | | as well. Also (probably) fix a bug introduced during the IPv6 import.
* Implement per-flow queueing. Using a single pipe config rule,luigi2000-01-082-406/+765
| | | | | | | | | | | | | | | | | | now you can dynamically create rate-limited queues for different flows using masks on dst/src IP, port and protocols. Read the ipfw(8) manpage for details and examples. Restructure the internals of the traffic shaper to use heaps, so that it manages efficiently large number of queues. Fix a bug which was present in the previous versions which could cause, under certain unfrequent conditions, to send out very large bursts of traffic. All in all, this new code is much cleaner than the previous one and should also perform better. Work supported by Akamba Corp.
* KERNEL -> _KERNELeivind2000-01-055-5/+5
|
* Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL"peter1999-12-2920-34/+34
| | | | | | is an application space macro and the applications are supposed to be free to use it as they please (but cannot). This is consistant with the other BSD's who made this change quite some time ago. More commits to come.
* Make tcp_drain() actually do something. When invoked (usually as amsmith1999-12-282-0/+58
| | | | | | | | | | | desperation measure in low-memory situations), walk the tcpbs and flush the reassembly queues. This behaviour is currently controlled by the debug.do_tcpdrain sysctl (defaults to on). Submitted by: Bosko Milekic <bmilekic@dsuper.net> Reviewed by: wollman
* IPSEC support in the kernel.shin1999-12-2227-93/+1121
| | | | | | | | pr_input() routines prototype is also changed to support IPSEC and IPV6 chained protocol headers. Reviewed by: freebsd-arch, cvs-committers Obtained from: KAME project
* Change incorrect NULLs to 0seivind1999-12-212-6/+6
|
* The ipfilter module name wasn't exactly conventional..peter1999-12-201-1/+1
|
* M_PREPEND-related cleanups (unregisterifying struct mbuf *s).green1999-12-192-2/+2
|
* Use SEQ_* macros for comparing sequence space numbers.jlemon1999-12-142-4/+4
| | | | Reviewed by: truckman
* Always set INP_IPV4 flag for IPv4 pcb entries, because netstat needs itshin1999-12-132-5/+0
| | | | | | | | | | | to print out protocol specific pcb info. A patch submitted by guido@gvr.org, and asmodai@wxs.nl also reported the problem. Thanks and sorry for your troubles. Submitted by: guido@gvr.org Reviewed by: shin
* According to RFC 793, a reset should be honored if the sequence numberjlemon1999-12-112-14/+12
| | | | | | | is within the receive window. Follow this behavior, instead of only allowing resets at last_ack_sent. Pointed out by: jayanth@yahoo-inc.com
* Fix a '&&' that should have been a '&'.archie1999-12-101-1/+1
| | | | Submitted by: Erik Salander <erik@whistle.com>
* Fix several typos.archie1999-12-091-17/+17
| | | | Submitted by: Erik Salander <erik@whistle.com>
* Make this buildable with MROUTING defined.shin1999-12-081-1/+1
| | | | Specified by: eivind, phk
* udp IPv6 support, IPv6/IPv4 tunneling support in kernel,shin1999-12-0714-66/+707
| | | | | | | | | | packet divert at kernel for IPv6/IPv4 translater daemon This includes queue related patch submitted by jburkhol@home.com. Submitted by: queue related patch from jburkhol@home.com Reviewed by: freebsd-arch, cvs-committers Obtained from: KAME project
* Last minute patch that I forgot to apply: check return code of iplattach()guido1999-12-061-0/+2
|
* Revive mlfk_ipl here. This version is slightly changed fromguido1999-12-066-12/+181
| | | | | | | | | | | | | the old one: an unnecessary define (KLD_MODULE) has been deleted and the initialisation of the module is done after domaininit was called to be sure inet is running. Some slight changed were made to ip_auth.c and ip_state.c in order to assure including of sys/systm.h in case we make a kld Make sure ip_fil does nmot include osreldate in kernel mode Remove mlfk_ipl.c from here: no sources allowed in these directories!
* Miscellaneous fixes/cleanups relating to ipfw and divert(4):archie1999-12-066-192/+235
| | | | | | | | | | | | | - Implement 'ipfw tee' (finally) - Divert packets by calling new function divert_packet() directly instead of going through protosw[]. - Replace kludgey global variable 'ip_divert_port' with a function parameter to divert_packet() - Replace kludgey global variable 'frag_divert_port' with a function parameter to ip_reass() - style(9) fixes Reviewed by: julian, green
* Change the delayed ack time from 200ms to 100ms.jlemon1999-12-021-1/+1
| | | | | | | | This results in closer behavior to earlier versions, where the fixed 200ms timer actually resulted in a delay anywhere from 1..200ms, with the average delay being 100ms. Pointed out by: dg
* RTFREE the correct route entry in dummynet_io(). The previousluigi1999-11-261-3/+3
| | | | | | code failed in handling things like "forward" actions. Reported-and-tested-by: Jean-Hugues ROYER jhroyer@joher.com
* Get rid of useless osreldate include for KLD/LKM modules (sys/param.hguido1999-11-231-2/+0
| | | | | already carries what is needed). This is needed for the KLD support.
* Add kernel parts of revived ipfilter (3.3.3.)guido1999-11-2319-0/+10805
|
* KAME netinet6 basic part(no IPsec,no V6 Multicast Forwarding, no UDP/TCPshin1999-11-227-29/+225
| | | | | | | | | | for IPv6 yet) With this patch, you can assigne IPv6 addr automatically, and can reply to IPv6 ping. Reviewed by: freebsd-arch, cvs-committers Obtained from: KAME project
* Fix a warning and a potential panic if TCPDEBUG is active. (tp ispeter1999-11-181-0/+2
| | | | a wild pointer and used by TCPDEBUG2())
* The logic for blackhole processing does not free mbufs if thephk1999-11-171-0/+2
| | | | | | | | blackhole flag is set. PR: 14958 Submitted by: Larry Baird <lab@gta.com> Reviewed by: phk
* add two more codes to ICMP error 12 (Parameter Problem).jmb1999-11-151-0/+2
| | | | | | these two are detailed in RFC1700. Reviewed by: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
* Restore sub-chapters order.phantom1999-11-091-19/+16
| | | | | PR: docs/14766 Submitted by: Kazutoshi Kubota <kazu@iworks.co.jp>
* Undo rev 1.10, which took out TH_FIN from the CLOSING state. Thisjlemon1999-11-071-1/+1
| | | | breaks simultaneous closes.
* KAME related header files additions and merges.shin1999-11-0513-35/+120
| | | | | | | (only those which don't affect c source files so much) Reviewed by: cvs-committers Obtained from: KAME project
* Append missing newline to log() message for permanent ARP modificationsheldonh1999-10-181-1/+1
| | | | | | | attempt warning, which was added in rev 1.48 . PR: 14371 Submitted by: sec@pi.musin.de (Stefan `Sec` Zehl)
* Nuke the old antique copy of ipfilter from the tree. This is old enoughpeter1999-10-1018-9034/+0
| | | | | | | | to be dangerous. It will better serve us as a port building a KLD, ala SKIP. The hooks are staying although it would be better to port and use the NetBSD pfil interface rather than have custom hooks.
* Implement RLIMIT_SBSIZE in the kernel. This is a per-uid sockbuf totalgreen1999-10-092-4/+4
| | | | usage limit.
* Properly handle the case when either the aliasing or source address ofru1999-09-271-26/+66
| | | | | | | | | | | | | the link are equal to the default aliasing address. Do not zero them! This will fix the problem with non-working links added with the source and/or aliasing address equal to the default aliasing address, but the default aliasing address is set later, after the link has been set up, like both natd(8) and ppp(8) do (for objective reasons). Reviewed by: Brian Somers <brian@FreeBSD.org>, Eivind Eklund <eivind@FreeBSD.org>, Charles Mott <cmott@srv.net>
* Remove five now unused fields from struct cdevsw. They should neverphk1999-09-251-5/+0
| | | | | | | | have been there in the first place. A GENERIC kernel shrinks almost 1k. Add a slightly different safetybelt under nostop for tty drivers. Add some missing FreeBSD tags
* ReLink() partial links in FindLinkOut() in the same manner as we do itru1999-09-221-7/+15
| | | | | | in FindLinkIn(). This will make TcpMonitorIn()/TcpMonitorOut() happy. Reviewed by: eivind
* Restore previous version of FindLinkIn().ru1999-09-211-9/+8
| | | | | Instead, natd(8) should be fixed to call PacketAliasSetAddress() as part of initialization, as required by libalias(3).
* - Make partially specified permanent links (without `dst_addr' and/orru1999-09-211-11/+25
| | | | | | | | | | | `dst_port') work for outgoing packets. - Make permanent links whose `alias_addr' matches the primary aliasing address `aliasAddress' work for incoming packets. - Typo fixes. Reviewed by: brian, eivind
* sys/errno.h -> errno.hbrian1999-09-211-1/+1
|
OpenPOWER on IntegriCloud