summaryrefslogtreecommitdiffstats
path: root/sys/net/if_enc.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* "id" is too generic, rename to "rdomain" for clarity and easier greppingjca2018-07-081-23/+23
| | | | ok benno@ mpi@
* Use the same test pattern as for enc_ifps, for consistencyjca2018-07-081-2/+2
| | | | ok denis@
* Fix a kernelpanic when using rdomain(4) and enc(4)denis2018-06-251-2/+2
| | | | OK jca@ mpi@
* Last changes before running IPsec w/o KERNEL_LOCK().mpi2017-10-161-1/+3
| | | | | | | | | | Put more NET_ASSERT_LOCK() and document which globals it protects. Add a mutex for pfkeyv2 globals. Convert ipsp_delete_acquire() to timeout_set_proc(). Tested by Hrvoje Popovski, ok bluhm@ visa@
* Remove NET_LOCK()'s argument.mpi2017-08-111-9/+8
| | | | Tested by Hrvoje Popovski, ok bluhm@
* Protect the global array of interfaces with the NET_LOCK().mpi2017-05-281-9/+17
| | | | ok sashan@
* Flag pseudo-interfaces as such in order to call add_net_randomness()mpi2017-01-231-1/+2
| | | | | | | | | only once per packet. Fix a regression introduced when if_input() started to be called by every pseudo-driver. ok claudio@, dlg@
* No need to handle SIOCAIFADDR in drivers, it's never passed down tompi2017-01-201-2/+1
| | | | | | them. ok claudio@
* Make enc_output() return EAFNOSUPPORT after dropping the packet,krw2016-09-041-2/+2
| | | | | | instead of 0. Makes it consistent with other similar interfaces. ok mpi@ vgross@
* use IFQ_DEQUEUE to pull of the send queue.dlg2015-11-091-3/+2
|
* Rename rtrequest1() to rtrequest().bluhm2015-10-301-2/+2
| | | | OK mpi@
* Kill link_rtrequest(), introduce in 1990 to "fix" the resultmpi2015-10-221-2/+1
| | | | | | | of rt_getifa() when adding link level route from outside the kernel. ok claudio@
* Inspired by satosin(), use inline functions to convert sockaddr dl.bluhm2015-10-221-2/+3
| | | | | | Instead of casts they check wether the incoming object has the expected type. So introduce satosdl() and sdltosa() in the kernel. OK mpi@
* Remove some includes include-what-you-use claims don'tjsg2015-03-141-2/+1
| | | | | | | have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels. ok tedu@ deraadt@
* yet more mallocarray() changes.doug2014-12-131-5/+7
| | | | ok tedu@ deraadt@
* There's no good reason to keep into "struct ifnet" a pointer that's onlympi2014-12-081-3/+20
| | | | | | used by enc(4) devices to attach their routes. ok sthen@, mikeb@
* Explicitly include <net/if_var.h> instead of pulling it in <net/if.h>.mpi2014-12-051-1/+2
| | | | ok mikeb@, krw@, bluhm@, tedu@
* remove uneeded route.h includesjsg2014-09-081-2/+1
| | | | ok miod@ mpi@
* add a size argument to free. will be used soon, but for now default to 0.tedu2014-07-121-5/+5
| | | | after discussions with beck deraadt kettenis.
* Fix IPsec route addition broken since the removal of the link-layermpi2014-05-211-1/+6
| | | | | | | | | addresses from the per-ifp list. While here document why enc(4) needs a link-layer address, or at least something that seems to be one. Found the hard way and fix tested by naddy@, ok mikeb@, henning@
* The error return codes for the enc interface were inconsistent.bluhm2013-09-271-8/+9
| | | | | Always return the appropriate errno. OK reyk@ mikeb@
* Fix the naming of interfaces and variables for rdomains and rtablesguenther2010-07-031-2/+2
| | | | | | | | | | | | and make it possible to bind sockets (including listening sockets!) to rtables and not just rdomains. This changes the name of the system calls, socket option, and ioctl. After building with this you should remove the files /usr/share/man/cat2/[gs]etrdomain.0. Since this removes the existing [gs]etrdomain() system calls, the libc major is bumped. Written by claudio@, criticized^Wcritiqued by me
* Allow to specify an alternative enc(4) interface for an SA. Allreyk2010-07-011-17/+50
| | | | | | | | | | | | | | | | | | | traffic for this SA will appear on the specified enc interface instead of enc0 and can be filtered and monitored separately. This will allow to group individual ipsec policies to virtual interfaces and simplifies monitoring and pf filtering with many ipsec policies a lot. This diff includes the following changes: - Store the enc interface unit (default 0) in the TDB of an SA and pass it to the enc_getif() lookup when running the bpf or pf_test() handlers. - Add the pfkey SADB_X_EXT_TAP extension to communicate the encX interface unit for a specified SA between userland and kernel. - Update enc(4) again to use an allocate array instead of the TAILQ to lookup the matching enc interface in enc_getif() quickly. Discussed with many, tested by a few, will need more testing & review. ok deraadt@
* We have to add enc0 to the "enc" interface group manually on boot.reyk2010-07-011-1/+3
| | | | Adopted from the loop lo0 code.
* Replace enc(4) with a new implementation as a cloner device. We stillreyk2010-06-291-96/+196
| | | | | | | | | | create enc0 by default, but it is possible to add additional enc interfaces. This will be used later to allow alternative encs per policy or to have an enc per rdomain when IPsec becomes rdomain-aware. manpage bits ok jmc@ input from henning@ deraadt@ toby@ naddy@ ok henning@ claudio@
* encif is a global variable and thus pre-zeroed, don't bother bzero()ingoga2010-04-091-3/+1
| | | | | | it after the fact. ok henning@, claudio@
* return with ENOTTY instead of EINVAL for unknown ioctl requests.brad2007-12-201-2/+2
| | | | ok claudio@ krw@ jason@ dlg@
* one extern seems to be better than 20 for ifqmaxlen; ok krwjason2007-05-261-3/+1
|
* ansify the enc codereyk2006-12-121-62/+51
| | | | ok otto@
* Kill unused encrtrequest(). OK markus@claudio2006-06-281-13/+1
|
* With the exception of two other small uncommited diffs this movesbrad2006-03-041-2/+2
| | | | | | the remainder of the network stack from splimp to splnet. ok miod@
* no more netns handling for the various tunnel devices and loopbackhenning2005-06-081-5/+1
|
* Kill more netiso ghosts.grange2004-09-151-5/+1
| | | | ok millert@
* string fixes; tedu okderaadt2003-05-031-2/+2
|
* allocate sockaddr_dl for ifnet in if_alloc_sadl(), as we don't always knowitojun2002-06-301-1/+2
| | | | | the size of sockaddr_dl on if_attach() - for instance, see ether_ifattach(). from netbsd. fgs ok
* attach nd_ifinfo structure to if_afdata.itojun2002-05-291-4/+1
| | | | | split IPv6 MTU (advertised by RA) from real link MTU. sync with kame
* First round of __P removal in sysmillert2002-03-141-7/+7
|
* KNFprovos2001-06-271-3/+3
|
* Copyright update.angelos2001-06-251-4/+4
|
* One more include cleanup, just to piss off Aaron :-)angelos2001-06-081-13/+1
|
* Move offsetof define into sys/param.hcsapuntz2001-04-061-5/+1
|
* For bridged IPsec, use the gif* interfaces.angelos2000-12-301-334/+5
|
* initialize mtu/hlim for enc interface at encattach().itojun2000-06-201-1/+5
| | | | | | | | | | backgronud: inbound ipsec packet will have enc* as m->m_pkthdr.rcvif. when we try to reflect the packet back in the kernel (like icmp6 echo), we'd generate packet toward enc* interface. icmp6_reflect() will take hoplimit value from nd_ifinfo[enc*], which was not initialized by the old code. XXX the change to m->m_pkthdr.rcvif violates IPv6 scoped routing. we will need to disable it, for at least IPv6.
* Stats for bridge output too.angelos2000-04-181-4/+4
|
* Sanity check on dequeued mbufs, also keep track of correct interfaceangelos2000-04-181-1/+9
| | | | for statistics purposes.
* Fix checksum for outgoing etherip/ipip packets from enc interfaces.angelos2000-04-121-1/+12
|
* Minor oops in sanity logic, IFF_RUNNING is set/unset with IFF_UP,angelos2000-04-101-3/+9
| | | | be paranoid with uninitialized variable.
* output routine enqueues and calls start, rather than requeueing for input.angelos2000-04-101-55/+14
|
* Typo.angelos2000-04-101-2/+2
|
* SIOCAIFADDR.angelos2000-04-101-1/+2
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.