| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
the main new feature is gre keys, supported by the vnetid ioctls.
this also adds support for gre over ipv6, the use of hfsc, and
allows tx mitigation in the future.
this diff removes keepalive support, but i promised claudio@ and
patrick@ i would put it back after this goes in.
ok claudio@
|
| |
|
|
|
|
|
|
| |
having mobileip in gre makes it hard to cut gre up. the current mobileip
code is also broken, so this is def and improvement. it also makes it
easy to disable and remove mobileip in the future.
ok claudio@ henning@
|
| |
|
|
|
|
|
|
|
|
|
| |
this makes it like all our other protocol family input functions.
mpls_input always looks up the interface the mbuf was received on,
but it's always called by code that already has a reference to that
interface anyway. the result of this is a few less if_get/if_put
calls.
ok mpi@ bluhm@ visa@ claudio@
|
| |
|
|
|
|
| |
pr_input handlers without KERNEL_LOCK().
ok visa@
|
| |
|
|
|
|
| |
Exposes per-CPU counters to real parrallelism.
ok visa@, bluhm@, jca@
|
| |
|
|
|
|
| |
Especially in tcp_usrreq() connect detect the correct address family
based on the inp_flags instead of the sa_family user input.
OK mpi@
|
| |
|
|
|
|
|
| |
This will help transitionning to an un-KERNEL_LOCK()ed IP
forwarding path.
Disucssed with bluhm@, ok claudio@
|
| |
|
|
|
|
|
| |
change the pointer. Then *mp keeps the invalid pointer and it might
be used. Fix the potential use after free and also reset *mp in
other places to have less dangling pointers to freed mbufs.
OK mpi@ mikeb@
|
| |
|
|
|
| |
allows to simplify code used for both IPv4 and IPv6.
OK mikeb@ deraadt@
|
| |
|
|
|
|
|
| |
to get rid of struct ip6protosw and some wrapper functions. It is
more consistent to have less different structures. The divert_input
functions cannot be called anyway, so remove them.
OK visa@ mpi@
|
| |
|
|
|
|
| |
make the variable parameters of the protocol input functions fixed.
Also add the proto to make it similar to IPv6.
OK mpi@ guenther@ millert@
|
| |
|
|
| |
ok visa@, mikeb@
|
| |
|
|
|
|
|
|
|
| |
We don't expect inbound packets to come to PF with statekey attached.
- I've also found missing call to pf_pkt_addr_changed() at various
places, which needs to get fixed to prevent KASSERT() from firing.
OK mpi@, sthen@
|
| |
|
|
|
|
|
|
|
| |
them and they make everything so much harder with no gain. Remove the
ifp argument from mpls_input since it is not needed. On the input side
the lookup side is modified a bit when it comes to BOS handling.
Tested in a L3VPN setup with ldpd and bgpd. Commiting now so we can move
on with cleaning up rt_ifp usage. If this breaks L2VPN I will fix it once
reported. OK mpi@
|
| |
|
|
|
|
| |
directly. Also protect non mp-safe functions while at it.
ok mpi@.
|
| |
|
|
|
|
| |
with MPLS packets.
ok mpi@, claudio@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
receiving interface in the packet header of every mbuf.
The interface pointer should now be retrieved when necessary with
if_get(). If a NULL pointer is returned by if_get(), the interface
has probably been destroy/removed and the mbuf should be freed.
Such mechanism will simplify garbage collection of mbufs and limit
problems with dangling ifp pointers.
Tested by jmatthew@ and krw@, discussed with many.
ok mikeb@, bluhm@, dlg@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
with niqueues.
this change is so big because there's a lot of code that takes
pointers to different input queues (eg, ether_input picks between
ipv4, ipv6, pppoe, arp, and mpls input queues) and falls through
to code to enqueue packets against the pointer. if i changed only
one of the input queues id have to add sepearate code paths, one
for ifqueues and one for niqueues in each of these places
by flipping all these input queues at once i can keep the currently
common code common.
testing by mpi@ sthen@ and rafael zalamena
ok mpi@ sthen@ claudio@ henning@
|
| |
|
|
|
|
|
| |
skipping the wccp 2 header. Tested with Cisco ASA.
"looks correct" claudio
ok yasuoka
|
| |
|
|
|
| |
long live the one true internet.
ok henning mikeb
|
| |
|
|
| |
ok mpi@ kspillner@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Avoid the confusion by using an appropriate name for the variable.
Note that since routing domain IDs are a subset of the set of routing
table IDs, the following idiom is correct:
rtableid = rdomain
But to get the routing domain ID corresponding to a given routing table
ID, you must call rtable_l2(9).
claudio@ likes it, ok mikeb@
|
| | |
|
| |
|
|
|
|
| |
global variables to in6.h.
ok deraadt@
|
| |
|
|
|
|
| |
global variables to in.h.
ok mikeb@, deraadt@
|
| |
|
|
|
|
|
| |
created a bunch of useless dependencies. Remove this implicit
inclusion and do an explicit #include <netinet6/in6_var.h> when it
is needed.
OK mpi@ henning@
|
| | |
|
| |
|
|
|
|
|
|
| |
`net.pipex.enable' to enable PIPEX. By default, pipex is disabled
and it will not process packets from wire. Update man pages and
update HOWTO_PIPEX_NPPPD.txt for testers.
discussed with dlg@, ok deraadt@ mcbride@ claudio@
|
| |
|
|
| |
ok claudio@
|
| | |
|
| |
|
|
| |
OK djm@ claudio@ dlg@
|
| |
|
|
|
|
|
|
| |
We can use IPv6 address as outer header of L2TP.
Kernel ABI is changed. You must update npppd.
OK @claudio, yasuoka@, dlg@
|
| |
|
|
|
|
| |
the one used by Cisco. It sends a return gre packet inside a gre packet
to the other side and expects it to return.
OK deraadt, reyk additional testing by sthen
|
| |
|
|
| |
is defined.
|
| |
|
|
|
|
| |
sysctl.h was reliant on this particular include, and many drivers included
sysctl.h unnecessarily. remove sysctl.h or add proc.h as needed.
ok deraadt
|
| |
|
|
| |
ok @dlg
|
| |
|
|
|
| |
different rdomain than the default one. This allows to do MPLS VPNs
without the MPLS madness. OK deraadt@, henning@
|
| |
|
|
| |
tested by Manuel Rodriguez Morales <marodriguez at grupogdt.com>
|
| |
|
|
|
|
|
|
|
| |
Not sure what's more surprising: how long it took for NetBSD to
catch up to the rest of the BSDs (including UCB), or the amount of
code that NetBSD has claimed for itself without attributing to the
actual authors.
OK deraadt@
|
| | |
|
| | |
|
| |
|
|
|
| |
outbound), using a new BIOCSDIRFILT ioctl;
guidance, feedback and ok canacar@
|
| |
|
|
|
|
| |
the remainder of the network stack from splimp to splnet.
ok miod@
|
| |
|
|
|
|
|
|
|
|
| |
to bpf with either an address family or other header added.
These helpers only allocate a much smaller struct m_hdr on the stack when
needed, rather than leaving 256 byte struct mbufs on the stack in deep
call paths. Also removes a fair bit of duplicated code.
commit now, tune after deraadt@
|
| | |
|
| |
|
|
| |
ok henning@, mcbride@
|
| | |
|
| | |
|
| |
|
|
| |
(please test, especially PF portion)
|
dlg
mpi
bluhm
sashan
claudio
rzalamena
mcbride
tedu
jsg
henning
yasuoka
dhill
sthen
hsuenaga
ray
miod
djm
brad
pascoe
pb
itojun
markus