| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
ifpp - XXX: just for statistics
ifpp is always NULL in all callers so that statistic confirms ifpp is
dying
OK mpi@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
receiving interface in the packet header of every mbuf.
The interface pointer should now be retrieved when necessary with
if_get(). If a NULL pointer is returned by if_get(), the interface
has probably been destroy/removed and the mbuf should be freed.
Such mechanism will simplify garbage collection of mbufs and limit
problems with dangling ifp pointers.
Tested by jmatthew@ and krw@, discussed with many.
ok mikeb@, bluhm@, dlg@
|
| |
|
|
|
|
|
| |
have any direct symbols used. Tested for indirect use by compiling
amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
| |
|
|
|
|
|
|
| |
no real compat issue since we're using spare bytes.
old -> new ends up with set prio (0, 0) equivalent
new -> old is entirely harmless, old ignores the prios.
requested by Alexey Suslikov <alexey.suslikov at gmail>
ok phessler pelikan dlg
|
| |
|
|
|
|
| |
before <net/pfvar.h> or <net/if_pflog.h>. The kernel files can be
cleaned up next. Some sockaddr_union steps make it into here as well.
ok naddy
|
| |
|
|
|
| |
long live the one true internet.
ok henning mikeb
|
| |
|
|
| |
Prodded by claudio@ and mikeb@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Output interface (port) selection for multicast traffic is not done via
route lookups. Instead the output ifp is registred when setsockopt(2)
is called with the IP{V6,}_MULTICAST_IF option. But since there is no
mechanism to invalidate such pointer stored in a pcb when an interface
is destroyed/removed, it might lead your kernel to fault.
Prevent a fault upon resume reported by frantisek holop, thanks!
ok mikeb@, claudio@
|
| | |
|
| |
|
|
| |
ok bluhm@ dlg@ florian@ mpi@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
pfsync_sendout. more specifically, move the reset of sc->sc_len to
PFSYNC_MINPKT above ip_output.
this prevents a situation where ipsec via ip_output calls
pfsync_update_tdb for syncing the ipsec flow to a peer, which
accounts for the tdb in the next pfsync packet, before unwinding
back to pfsync_output which resets the accounting we just did.
the next pfsync packet to be sent out will be allocated with a short
length because sc_len is wrong, and the long lists of things (eg,
the tdb) can overwrite memory after the mbuf. this manifests as
incorrect poisoning or xsimpleq entry corruption in mbufs still in
a pool, or random corruption of m->m_next on other mbufs in the
system.
bug found, fix tested, and ok stsp@
|
| |
|
|
| |
ok miod@ mpi@
|
| | |
|
| |
|
|
| |
after discussions with beck deraadt kettenis.
|
| |
|
|
|
|
| |
ever used to pass on uint32 (for ipsec). stop that madness and just pass
the uint32, 0 in all cases but the two that pass the ipsec flowinfo.
ok deraadt reyk guenther
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Avoid the confusion by using an appropriate name for the variable.
Note that since routing domain IDs are a subset of the set of routing
table IDs, the following idiom is correct:
rtableid = rdomain
But to get the routing domain ID corresponding to a given routing table
ID, you must call rtable_l2(9).
claudio@ likes it, ok mikeb@
|
| |
|
|
|
|
| |
Found by LLVM/Clang Static Analyzer.
ok benno@ henning@
|
| |
|
|
| |
from erik at halon dot se, ok benno phessler benno
|
| |
|
|
|
|
|
| |
created a bunch of useless dependencies. Remove this implicit
inclusion and do an explicit #include <netinet6/in6_var.h> when it
is needed.
OK mpi@ henning@
|
| |
|
|
|
|
|
| |
not getting assigned to rules like they should cos pfsync_in_upd() wasnt
passing the PFSYNC_SI_CKSUM flag along to pfsync_state_import.
found and fixed by pedro
|
| |
|
|
| |
Reported by naddy@
|
| |
|
|
|
|
|
| |
structure rather than doing various M_WAITOK allocations during
the *attach() functions, we always rely on them anyway.
ok mikeb@, uebayasi@
|
| |
|
|
|
|
|
|
|
|
|
| |
key we need to sync our state key pointers with whatever values
the function will pick. Not doing so will produce wrong results
if address translation must be applied afterwards and we happen
to have a state key collision. Then pf_translate will follow an
old pointer and punch in garbage addresses into the packet.
Noticed, initial patch and tests by Vitaly Sinilin <vs @ kp4 ! ru>
ok tedu, henning
|
| | |
|
| |
|
|
| |
ok beck@, mikeb@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
runtime while time_uptime is monotonic. Prevent underflows in
pfsync(4) and pflow(4) by using signed variables. pfsync(4) problem
pointed out by camield.
Diff originally by dlg, frag and pflow bits by me.
feedback dlg
man page tweak jmc
Various versions of the pflow bits tested by Hrvoje Popovski
(hrvoje AT srce DOT hr), thanks!
ok benno, henning, dlg
|
| |
|
|
|
|
| |
the syncdev gets set. this also makes sure we no longer leak hooks on
repeatet 'ifconfig syncdev' invocations.
ok mikeb@
|
| |
|
|
| |
followed by ifconfig destroy; ok mikeb
|
| |
|
|
|
|
|
|
| |
it's cancelling the bulk update and can leave the machine in a
demoted state.
bug was noticed by benno, who was kind enough to verify that the
fix is working fine. ok mpf, benno
|
| |
|
|
|
|
|
|
| |
with the latter
no change in md5 checksum of generated files
ok claudio@ henning@
|
| |
|
|
| |
ok camield mpf
|
| |
|
|
| |
to the 16 bit flags; reminded by claudio, ok henning
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
1) demote by 32 on the first bulk update to prevent failovers w/o having
a full state table;
2) don't do any demotion adjustments on the link up event and undemote
when bulk update finishes (or times out) preventing a race between
nodes getting a link state update asynchronously.
With phessler; tested by phessler and Kapetanakis Giannis. Thanks!
Looked through by henning and dlg. Now the correct version.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
1) demote by 32 on the first bulk update to prevent failovers w/o having
a full state table;
2) don't do any demotion adjustments on the link up event and undemote
when bulk update finishes (or times out) preventing a race between
nodes getting a link state update asynchronously.
With phessler; tested by phessler and Kapetanakis Giannis. Thanks!
Looked through by henning and dlg.
|
| |
|
|
| |
figured out by and ok guenther
|
| | |
|
| |
|
|
|
| |
moving the state export functionality from pfsync code into pf.
Based on the initial diff diff by guenther, ok henning.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
pf to fix that.
- add #ifdef INET6 in obvious places
- af translation is only possible with both INET and INET6
- interleave #endif /* INET6 */ and closing brace correctly
- it is not necessary to #ifdef function prototypes
- do not compile af translate functions at all instead of empty stub,
then the linker will report inconsistencies
- pf_poolmask() actually takes an sa_family_t not an u_int8_t argument
No binary change for GENERIC compiled with -O2 and -UDIAGNOSTIC.
reported by Olivier Cochard-Labbe; ok mikeb@ henning@
|
| |
|
|
|
|
|
|
|
| |
this prevents backup to failover back to master immediately
after getting link back on carpdev interface if underlying
pfsync interface went down as well. instead pfsync will
request a bulk update to get new states from the master.
sthen and mpf like the idea, ok dlg
|
| |
|
|
| |
ok dlg claudio
|
| |
|
|
|
|
|
|
|
|
|
|
| |
with every other thing that stores the state id (including other pfsync
messages).
includes improvements to the systat code to consider the creatorid as well
as the state id in its cache to avoid collisions between states created on
different hosts.
tested by me in production and on amd64 talking to sparc64.
ok henning@
|
| |
|
|
| |
accidental race conditions. From Erik Lax, thanks! ok dlg
|
| |
|
|
|
|
| |
connection does not observe the route-to option.
ok dlg mikeb
|
| |
|
|
|
|
|
| |
skewed at runtime by things like date(1) and ntpd. time_uptime is
monotonic and therefore more useful to compare against.
ok deraadt@ mikeb@
|
| |
|
|
|
|
|
|
| |
only when we're going up, not when we set PROMISC or any other
flag. Fixes spontaneous CARP failovers when running tcpdump
on pfsync.
ok henning, mcbride, camield
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
calculations, and does _not_ denote the time when to expire. So
it should never be added to (set into the future).
Try to reconstruct it with an educated guess on state import and
just set it to the current time on state updates.
This fixes a problem on pfsync listeners where the expiry time
could be double the expected value and cause a lot more states
to linger.
Timeout code from mikeb.
Found and testing by Maxim Bourmistrov.
ok mikeb dlg
|
| |
|
|
| |
an icmp<->icmp6 state (nat64); ok henning, mcbride, dlg
|
| |
|
|
| |
interface. Problem report and fix from Erik Lax, thanks!
|
claudio
mpi
jsg
henning
deraadt
tedu
lteo
dlg
chl
bluhm
mikeb
florian
markus
blambert
camield
mcbride