summaryrefslogtreecommitdiffstats
path: root/sys/netinet
Commit message (Collapse)AuthorAgeFilesLines
* Export IPFW_TABLES_MAX value for compiled in defaults.rik2008-09-211-1/+6
|
* Export IPFW_TABLES_MAX via sysctl. Part of PR: 127058.rik2008-09-141-0/+2
| | | | PR: 127058
* oops commit the version that compilesjulian2008-09-141-0/+1
|
* Revert a part of the MRT commit that proved un-needed.julian2008-09-143-14/+15
| | | | | | | | | | rt_check() in its original form proved to be sufficient and rt_check_fib() can go away (as can its evil twin in_rt_check()). I believe this does NOT address the crashes people have been seeing in rt_check. MFC after: 1 week
* Make the commet for the default rule number more clear.rik2008-09-141-1/+4
| | | | Submitted by: yar@
* Implement IPv6 support for TCP MD5 Signature Option (RFC 2385)bz2008-09-133-33/+95
| | | | | | | | the same way it has been implemented for IPv4. Reviewed by: bms (skimmed) Tested by: Nick Hilliard (nick netability.ie) (with more changes) MFC after: 2 months
* Work around an integer division resulting in 0 and thus thebz2008-09-091-1/+3
| | | | | | | | | | | | | congestion window not being incremented, if cwnd > maxseg^2. As suggested in RFC2581 increment the cwnd by 1 in this case. See http://caia.swin.edu.au/reports/080829A/CAIA-TR-080829A.pdf for more details. Submitted by: Alana Huebner, Lawrence Stewart, Grenville Armitage (caia.swin.edu.au) Reviewed by: dwmalone, gnn, rpaulo MFC After: 3 days
* To my reading there are no real consumers of ip6_plen (IPv6bz2008-09-072-2/+2
| | | | | | | | | | | | | | | Payload Length) as set in tcpip_fillheaders(). ip6_output() will calculate it based of the length from the mbuf packet header itself. So initialize the value in tcpip_fillheaders() in correct (network) byte order. With the above change, to my reading, all places calling tcp_trace() pass in the ip6 header via ipgen as serialized in the mbuf and with ip6_plen in network byte order. Thus convert the IPv6 payload length to host byte order before printing. MFC after: 2 months
* Split tcp_mss() in tcp_mss() and tcp_mss_update() where the formerbz2008-09-073-88/+66
| | | | | | | | | | | | | | | calls the latter. Merge tcp_mss_update() with code from tcp_mtudisc() basically doing the same thing. This gives us one central place where we calcuate and check mss values to update t_maxopd (maximum mss + options length) instead of two slightly different but almost equal implementations to maintain. PR: kern/118455 Reviewed by: silby (back in March) MFC after: 2 months
* V_irtualize SVN r182846 tcp_mssdflt/tcp_v6mssdflt procedure basedbz2008-09-071-4/+4
| | | | | | sysctl implementations for VIMAGE the same way we did elsewhere: update the implementation but leave the globals and the SYSCTL statement untouched.
* Convert SYSCTL_INTs for tcp_mssdflt and tcp_v6mssdflt tobz2008-09-071-6/+42
| | | | | | | | | | | SYSCTL_PROCs and check that the default mss for neither v4 nor v6 goes below the minimum MSS constant (216). This prevents people from shooting themselves in the foot. PR: kern/118455 (remotely related) Reviewed by: silby (as part of a larger patch in March) MFC after: 2 months
* Add a second KASSERT checking for len >= 0 in the tcp output path.bz2008-09-071-1/+7
| | | | | | | | | This is different to the first one (as len gets updated between those two) and would have caught various edge cases (read bugs) at a well defined place I had been debugging the last months instead of triggering (random) panics further down the call graph. MFC after: 2 months
* Export the IPFW_DEFAULT_RULE outside ip_fw2.c. This number in not onlyrik2008-09-062-1/+7
| | | | | | | | | | the default rule number but also the maximum rule number. User space software such as ipfw and natd should be aware of its value. The software that already includes ip_fw.h should use the defined value. All other a expected to use sysctl (as discussed on net@). MFC after: 5 days. Discussed on: net@
* Slightly reword comment and remove typos.keramida2008-09-051-3/+3
|
* whitespace nitjulian2008-09-031-1/+1
|
* Wrap an 81 column SYSCTL_NODE decleration.brooks2008-09-011-1/+2
| | | | Obtained from: //depot/projects/vimage-commit2/...
* Don't check if an interface can do tcp offload if there are no offload ↵kmacy2008-09-012-1/+8
| | | | | | | devices registered on the system. Suggested by: rwatson MFC after: 3 days
* fix tiny nti in commentjulian2008-08-311-1/+1
|
* Improve the entropy of the source port randomization for network addresscsjp2008-08-301-6/+6
| | | | | | | | | translation. It turns out this is useful for applications which require source port randomization for security (i.e. dns servers). Discussed with: secteam Requested by: mlaier MFC after: 2 weeks
* Fix a bug whereby multicast packets that are looped back locallygnn2008-08-291-1/+5
| | | | | | | | | wind up with the incorrect checksum on the wire when transmitted via devices that do checksum offloading. PR: kern/119635 Reviewed by: rwatson MFC after: 5 days
* Fix typo in comment.rpaulo2008-08-281-1/+1
|
* ok, non static the function and put in the .h sorrs2008-08-282-1/+3
| | | | | | when we do INVARANT compile the compiler will not dis the function that is not used. Hmm maybe I should have made it ifndef INVARIANTs..
* Fixes compile error when INVARIANTs is on. Adds anrrs2008-08-281-0/+2
| | | | empty goto to keep the compiler happy.
* - Make strict-sacks be the default.rrs2008-08-287-6/+126
| | | | | | | - Change it so that without INVARIANTs there are no panics in SCTP. - sctp_timer changes so that we have a recovery mechanism when the sent list is out of order.
* Fix a panic in MAC kernels that was a result of un-initialized labelcsjp2008-08-271-3/+0
| | | | | | | | | storage. We can safely remove the label copying operations since M_MOVE_PKTHDR will move the mbuf tags (which contain MAC labels) to the destination mbuf. MFC after: 1 week Discussed with: rwatson
* - When we close a socket with pending assoc's that are stillrrs2008-08-271-0/+1
| | | | | | | shutting down, NULL out the socket pointer so we won't ever refer to a dead socket. Obtained from: Neil Wilson
* Another missed V_ instancejulian2008-08-251-1/+1
|
* Another V_ forgottenjulian2008-08-252-2/+2
|
* We left out V_static_len from ip_fw2.cjulian2008-08-251-3/+3
| | | | | (also a whitespace diff that i'd rahter fix her ethan break in the vimage branch.)
* Move some struct defs around. This is a prep step for Vimage.Ajulian2008-08-252-67/+67
| | | | No real effect of this at this time.
* Make the kernel compile with SCTP and SCTP_DEBUG butbz2008-08-241-1/+2
| | | | no INET6 defined.
* Don't calculate checksum if it has already been validatedkmacy2008-08-241-6/+14
| | | | | Obtained from: Chelsio Inc. MFC after: 3 days
* Cache the cred locally in _syncache_add() while holding the locks, sobz2008-08-231-0/+12
| | | | | | | | | | | | | we can be sure that it's valid. In case we abort early free it again else put it into the syncache. We need the cred in the syncache to be able to restrict what will be exportet by the sysctl helper function syncache_pcblist() (to netstat) within jails. PR: kern/126493 Reviewed by: rwatson (earlier versions) MFC after: 3 days
* Add an explicit comment why we NULLify the two variables.bz2008-08-231-0/+1
| | | | | Reviewed by: rwatson MFC after: 3 days
* Remove comments and #ifdef notyet'd code relating to directly dispatchingrwatson2008-08-211-17/+0
| | | | | | | | the IP multicast input code from the output path; we don't allow reentrance of the input path from the IP output path, it must use the netisr due to potential lock recursion. MFC after: 3 days
* Fix some of the formatting fixes.. It's amazing how some thing stand outjulian2008-08-203-6/+5
| | | | in a commit message.
* A bunch of formatting fixes brough to light by, or created by the Vimage commitjulian2008-08-208-29/+40
| | | | a few days ago.
* Fix ARP in bridging scenarios where the bridge shares itsphilip2008-08-181-1/+24
| | | | | | | | MAC address with one of its members (see my r180140). Pointy hat to: philip Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> MFC after: 3 days
* Commit step 1 of the vimage project, (network stack)bz2008-08-1737-1166/+1204
| | | | | | | | | | | | | | | | | | | | | | | | virtualization work done by Marko Zec (zec@). This is the first in a series of commits over the course of the next few weeks. Mark all uses of global variables to be virtualized with a V_ prefix. Use macros to map them back to their global names for now, so this is a NOP change only. We hope to have caught at least 85-90% of what is needed so we do not invalidate a lot of outstanding patches again. Obtained from: //depot/projects/vimage-commit2/... Reviewed by: brooks, des, ed, mav, julian, jamie, kris, rwatson, zec, ... (various people I forgot, different versions) md5 (with a bit of help) Sponsored by: NLnet Foundation, The FreeBSD Foundation X-MFC after: never V_Commit_Message_Reviewed_By: more people than the patch
* Fix a regression introduced in r179289 splitting up ip6_savecontrol()bz2008-08-161-1/+1
| | | | | | | | | | | | into v4-only vs. v6-only inp_flags processing. When ip6_savecontrol_v4() is called from ip6_savecontrol() we were not passing back the **mp thus the information will be missing in userland. Istead of going with a *** as suggested in the PR we are returning **mp now and passing in the v4only flag as a pointer argument. PR: kern/126349 Reviewed by: rwatson, dwmalone
* Nitdes2008-08-091-2/+1
|
* Minor white space tweaks.rwatson2008-08-072-7/+6
| | | | MFC after: 1 week
* Correct comment typo.rwatson2008-08-071-2/+2
| | | | MFC after: 1 week (after inpcb rwlocking)
* Minor style tweaks.jhb2008-08-051-6/+5
|
* The IPFW code accepts the use of the tablearg keyword along with the skiptojulian2008-08-011-8/+21
| | | | | | | | | | | | keyword. But it doesn't work. Two options.. make it no longer accept it, or actually make it work.. I chose the 2nd.. Allow the tablearg to be used to specify a skipto destination. This is actually a very powerful construct if used correctly, or a sink of cpu cycles if used badly. changes t teh man page will follow.
* MFp4 (//depot/projects/tcpecn/):rpaulo2008-07-315-14/+155
| | | | | | | | TCP ECN support. Merge of my GSoC 2006 work for NetBSD. TCP ECN is defined in RFC 3168. Partly reviewed by: dwmalone, silby Obtained from: NetBSD
* Adds support for the SCTP_PORT_REUSE optionrrs2008-07-317-110/+330
| | | | | | Fixes a refcount bug found in the process Obtained from: With the help of Michael Tuexen
* Fix build breakage - kthread_exit() in 8 now has no argumentsrrs2008-07-291-1/+2
| | | | MFC after: 1 week
* - Out with some printfs.rrs2008-07-296-19/+12
| | | | | | | - Fix a initialization of last_tsn_used - Fix handling of mapped IPv4 addresses Obtained from: Michael Tuexen and I :-) MFC after: 1 week
* Some style and assertion fixes to the previous commits hinted by rwatson.mav2008-07-281-3/+9
| | | | There is no functional changes.
OpenPOWER on IntegriCloud