| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Note that after calling rtalloc(9) we only check if a route has been
returned or not and do not check for its validity. This cannot be
improved without a massive refactoring.
The kernel currently *do* use !RTF_UP route due to a mismatch between
the value of ifp->if_link_state and the IFF_UP|IFF_RUNNING code.
I'd explain the RTF_UP flag as follow:
. If a cached route entry w/o RTF_UP is passed to ip{6,}_output(),
. call rtalloc(9) to see if a better entry is present in the tree.
This is enough to support MPATH and route cache invalidation.
ok bluhm@
|
| | |
|
| |
|
|
|
|
| |
specific places.
ok claudio@, benno@
|
| |
|
|
|
|
| |
needs to see lo0 in the output path.
ok claudio@
|
| |
|
|
|
|
|
|
|
| |
lookup to ensure pf_test() is called with the same interface in the
input annd output path for local traffic.
Fix a regression reported by Heiko Zimmermann on bugs@, thanks!
ok mikeb@, claudio@
|
| |
|
|
|
|
|
|
|
| |
Use instead the RTF_LOCAL flag to loop local traffic back to the
corresponding protocol queue.
With this change rt_ifp is now always the same as rt_ifa->ifa_ifp.
ok claudio@
|
| |
|
|
|
|
|
|
|
|
| |
the protocol queues.
It basically does what looutput() was doing but having a generic
function will allow us to get rid of the loopback hack overwwritting
the rt_ifp field of RTF_LOCAL routes.
ok mikeb@, dlg@, claudio@
|
| |
|
|
| |
Found by jsg@ with clang
|
| |
|
|
| |
OK dlg@
|
| |
|
|
|
| |
Merge the two blocks into one that is executed before the IPSec tdb lookup.
OK mpi@ which had a sent out a similar diff around 3 years ago.
|
| |
|
|
| |
Found the hardway by naddy@
|
| |
|
|
|
|
|
|
|
| |
This introduces a behavior change as we now reject !RTF_UP routes to
output packets. This stricter check exposed a bug in the setup of
new routes and was the reason for the previous revert. This should
be now fixed by r1.229 of sys/net/route.c .
ok bluhm@
|
| |
|
|
|
|
|
|
| |
configured networks on RAMDISK kernels.
The problem is that the default route installed by dhclient(8) does not
have the RTF_UP flag in this environement and rtisvalid(9) doesn't allow
you to use a RTF_DOWN route.
|
| |
|
|
| |
ok bluhm@
|
| |
|
|
| |
Reported by jsg@, ok deraadt@
|
| |
|
|
|
|
|
|
|
| |
This pseudo-option is a hack to support return-rst on bridge(4). It
passes Ethernet information via a "struct route" through ip_output().
"struct route" is slowly dying...
ok claudio@, benno@
|
| |
|
|
| |
ok stsp mpi
|
| |
|
|
|
|
|
|
| |
compatibility with 4.3BSD in September 1989.
*Pick your own definition for "temporary".
ok bluhm@, claudio@, dlg@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
receiving interface in the packet header of every mbuf.
The interface pointer should now be retrieved when necessary with
if_get(). If a NULL pointer is returned by if_get(), the interface
has probably been destroy/removed and the mbuf should be freed.
Such mechanism will simplify garbage collection of mbufs and limit
problems with dangling ifp pointers.
Tested by jmatthew@ and krw@, discussed with many.
ok mikeb@, bluhm@, dlg@
|
| |
|
|
|
|
|
| |
annoying trailing, leading and embedded whitespace. No change to
.o files.
ok deraadt@
|
| | |
|
| |
|
|
| |
ok krw@ miod@
|
| |
|
|
| |
No objection from reyk@, OK markus, hshoexer
|
| |
|
|
| |
ok mikeb
|
| |
|
|
|
|
|
|
|
| |
This code is largely unfinished and is not used for anything. The change
leaves identities as only objects referenced by ipsec_ref structure and
their handling requires some changes to support more advanced matching of
IPsec connections.
No objections from reyk and hshoexer, with and OK markus.
|
| |
|
|
| |
Prodded by claudio@ and mikeb@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Output interface (port) selection for multicast traffic is not done via
route lookups. Instead the output ifp is registred when setsockopt(2)
is called with the IP{V6,}_MULTICAST_IF option. But since there is no
mechanism to invalidate such pointer stored in a pcb when an interface
is destroyed/removed, it might lead your kernel to fault.
Prevent a fault upon resume reported by frantisek holop, thanks!
ok mikeb@, claudio@
|
| |
|
|
| |
ok millert@, bluhm@
|
| |
|
|
| |
ok mikeb@, krw@, bluhm@, tedu@
|
| | |
|
| |
|
|
|
|
|
| |
Note that ifa_ifwithaddr() might return a broadcast address, so if you
don't want one make sure to filter them out.
ok mikeb@
|
| |
|
|
|
|
| |
functionnality instead of a mix of enable/disable.
ok bluhm@, jca@
|
| |
|
|
|
|
| |
kill the macro.
ok mikeb@, henning@
|
| |
|
|
|
|
| |
of doing a lookup on all the addresses of the outgoing interface.
ok henning@
|
| |
|
|
|
|
| |
rely on "struct route" that should die.
ok claudio@
|
| | |
|
| |
|
|
| |
after discussions with beck deraadt kettenis.
|
| |
|
|
|
|
|
| |
require the caller to do so. lteo needs that for divert soon, and is in line
with tcp/udp and the general approach that the rest of the stack should not
need to do anything regarding the cksums but setting the "needs it" flag.
ok lteo
|
| |
|
|
|
|
| |
ever used to pass on uint32 (for ipsec). stop that madness and just pass
the uint32, 0 in all cases but the two that pass the ipsec flowinfo.
ok deraadt reyk guenther
|
| |
|
|
|
| |
nothing except in_proto_cksum_out() uses it any more, and that's a good
thing. was on tech for 3 months, discussed with many
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Avoid the confusion by using an appropriate name for the variable.
Note that since routing domain IDs are a subset of the set of routing
table IDs, the following idiom is correct:
rtableid = rdomain
But to get the routing domain ID corresponding to a given routing table
ID, you must call rtable_l2(9).
claudio@ likes it, ok mikeb@
|
| |
|
|
|
|
|
|
|
|
|
| |
localhost connections.
The plan is to always use the routing table for addresses and routes
resolutions, so there is no future for an option that wants to bypass
it. This option has never been implemented for IPv6 anyway, so let's
just remove the IPv4 bits that you weren't aware of.
Tested a least by lteo@, guenther@ and chrisz@, ok mikeb@, benno@
|
| |
|
|
| |
for localhost connections. discussed with deraadt@
|
| |
|
|
|
|
|
|
| |
use the routing table there's no future for an option that wants to
bypass it. This option has never been implemented for IPv6 anyway,
so let's just remove the IPv4 bits that you weren't aware of.
Tested by florian@, man pages inputs from jmc@, ok benno@
|
| |
|
|
|
|
|
|
|
|
| |
are are lie, since the software engine emulates hardware offloading
and that is later indistinguishable. so kill the hw cksummed counters.
introduce software checksummed packet counters instead.
tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum.
as before we still have a miscounting bug for inbound with pf on, to be
fixed in the next step.
found by, prodding & ok naddy
|
| |
|
|
| |
into consistent locations; ok henning@
|
| |
|
|
|
|
|
|
|
|
|
| |
(unplugged). Even if it makes no sense to keep them around if the
interface is no more, we cannot safely remove them since pcb multicast
options might keep a pointer to them.
Fixes a user after free introduced by the multicast address linking
rewrite and reported by Alexey Suslikov, thanks!
ok claudio@
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
instead of variable arguments.
Allows stricter type checking by the compiler at call sites and also
saves a bit of code size on some platforms (e.g., ~200 bytes on
amd64).
ok mikeb
|
| | |
|
mpi
deraadt
claudio
krw
markus
jsg
mikeb
tedu
henning
sthen
naddy
matthew