summaryrefslogtreecommitdiffstats
path: root/sys/netinet/ip_var.h (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Kill IP_ROUTETOETHER.mpi2015-07-161-2/+1
| | | | | | | | | This pseudo-option is a hack to support return-rst on bridge(4). It passes Ethernet information via a "struct route" through ip_output(). "struct route" is slowly dying... ok claudio@, benno@
* Remove the "multicast_" prefix from the fields a multicast-only struct.mpi2014-12-171-3/+3
| | | | Prodded by claudio@ and mikeb@
* Use an interface index instead of a pointer for multicast options.mpi2014-12-171-3/+3
| | | | | | | | | | | | Output interface (port) selection for multicast traffic is not done via route lookups. Instead the output ifp is registred when setsockopt(2) is called with the IP{V6,}_MULTICAST_IF option. But since there is no mechanism to invalidate such pointer stored in a pcb when an interface is destroyed/removed, it might lead your kernel to fault. Prevent a fault upon resume reported by frantisek holop, thanks! ok mikeb@, claudio@
* Kill in_iawithaddr() and use ifa_ifwithaddr() directly.mpi2014-11-051-3/+1
| | | | | | | Note that ifa_ifwithaddr() might return a broadcast address, so if you don't want one make sure to filter them out. ok mikeb@
* ip_output() using varargs always struck me as bizarre, esp since it's onlyhenning2014-04-211-4/+3
| | | | | | ever used to pass on uint32 (for ipsec). stop that madness and just pass the uint32, 0 in all cases but the two that pass the ipsec flowinfo. ok deraadt reyk guenther
* Retire kernel support for SO_DONTROUTE, this time without breakingmpi2014-04-071-2/+1
| | | | | | | | | | | localhost connections. The plan is to always use the routing table for addresses and routes resolutions, so there is no future for an option that wants to bypass it. This option has never been implemented for IPv6 anyway, so let's just remove the IPv4 bits that you weren't aware of. Tested a least by lteo@, guenther@ and chrisz@, ok mikeb@, benno@
* revert "Retire kernel support for SO_DONTROUTE" diff, which does bad thingssthen2014-03-281-1/+2
| | | | for localhost connections. discussed with deraadt@
* Retire kernel support for SO_DONTROUTE, since the plan is to alwaysmpi2014-03-271-2/+1
| | | | | | | | use the routing table there's no future for an option that wants to bypass it. This option has never been implemented for IPv6 anyway, so let's just remove the IPv4 bits that you weren't aware of. Tested by florian@, man pages inputs from jmc@, ok benno@
* Stop dereferencing the ifp pointer present in the packet header allmpi2014-03-271-3/+1
| | | | | | | over the input path since it is going to die. Should be no functional change. ok mikeb@, lteo@, benno@
* since the cksum rewrite the counters for hardware checksummed packetshenning2014-01-231-3/+3
| | | | | | | | | | are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
* Change ip_output()'s non-optional arguments to be standard argumentsmatthew2013-12-171-2/+4
| | | | | | | | | | instead of variable arguments. Allows stricter type checking by the compiler at call sites and also saves a bit of code size on some platforms (e.g., ~200 bytes on amd64). ok mikeb
* Instead of stripping the IP options manually in icmp_reflect(),bluhm2013-11-171-2/+2
| | | | | | just call ip_stripoptions(). Remove an unneeded parameter and adjust the ip length in ip_stripoptions(). from FreeBSD; OK deraadt@ henninh@ lteo@
* Move obvious kernel prototypes (and structure's with kernel pointers,deraadt2013-10-241-54/+55
| | | | | | | obviously only used in the kernel) behind #ifdef _KERNEL This is a more substantial change than the others commited minutes ago, so it is seperate. More structs get hidden. ok various
* There are gasps of shock! Add a pmtu delay sysctl BUTTON for netinet6,deraadt2013-10-211-1/+3
| | | | | making the code the same as netinet4 along the way. ok bluhm phessler
* When net.inet.ip.sourceroute is enable, store the source routempi2013-08-131-2/+2
| | | | | | | | | | | | of incoming IPv4 packets with the SSRR or LSRR header option in a m_tag rather than in a single static entry. Use a new m_tag type, PACKET_TAG_SRCROUTE, for this and bump PACKET_TAG_MAXSIZE accordingly. Adapted from FreeBSD r135274 with inputs from bluhm@. ok bluhm@, mikeb@
* Remove various external variable declaration from sources files andmpi2013-04-101-1/+17
| | | | | | | move them to the corresponding header with an appropriate comment if necessary. ok guenther@
* add IP_IPSECFLOWINFO option to sendmsg() and recvmsg(), so npppd(4)markus2012-07-161-1/+2
| | | | | | | can use this to select the IPsec tunnel for sending L2TP packets. this fixes Windows (always binding to 1701) and Android clients (negotiating wildcard flows); feedback mpf@ and yasuoka@; ok henning@ and yasuoka@; ok jmc@ for the manpage
* remove IP_JUMBO, SO_JUMBO, and RTF_JUMBO.dlg2012-03-171-2/+1
| | | | no objection from mcbride@ krw@ markus@ deraadt@
* reintroduce using the RB tree for local address lookups. this isdlg2011-04-191-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | confusing because both addresses and broadcast addresses are put into the tree. there are two types of local address lookup. the first is when the socket layer wants a local address, the second is in ip_input when the kernel is figuring out the packet is for it to process or forward. ip_input considers local addresses and broadcast addresses as local, however, the handling of broadcast addresses is different depending on whether ip_directedbcast is set. if if ip_directbcast is unset then a packet coming in on any interface to any of the systems broadcast addresses is considered local, otherwise the broadcast packet must exist on the interface it was received on. the code also needs to consider classful broadcast addresses so we can continue some legacy applications (eg, netbooting old sparcs that use rarp and bootparam requests to classful broadcast addresses as per PR6382). this diff maintains that support, but restricts it to packets that are broadcast on the link layer (eg, ethernet broadcasted packets), and it only looks up addresses on the local interface. we now only support classful broadcast addresses on local interfaces to avoid weird side effects with packets routed to us. the ip4 socket layer does lookups for local addresses with a wrapper around the global address tree that rejects matches against broadcast addresses. we now no longer support bind sockets to broadcast addresses, no matter what the value of ip_directedbcast is. ok henning@ testing (and possibly ok) claudio@
* Backout the in_iawithaddr() -> ifa_ifwithaddr() change.claudio2011-04-141-1/+3
| | | | | There is a massive issue with broadcast addrs because ifa_ifwithaddr() handles them differently then in_iawithaddr().
* make in_iawithaddr a wrapper for ifa_ifwithaddr plus a hack for old ancienthenning2011-04-041-3/+1
| | | | | | | | classful broadcast so we can still netboot sparc and the like. compat hack untested, i will deal with the fallout if there is any later at the same time stop exporting in_iawithaddr, everything but ip_input should (and now does) use ifa_ifwithaddr directly ok dlg sthen and agreement from many
* Initial support for routing domains. This allows to bind interfaces toclaudio2009-06-051-4/+4
| | | | | | | | | alternate routing table and separate them from other interfaces in distinct routing tables. The same network can now be used in any doamin at the same time without causing conflicts. This diff is mostly mechanical and adds the necessary rdomain checks accross net and netinet. L2 and IPv4 are mostly covered still missing pf and IPv6. input and tested by jsg@, phessler@ and reyk@. "put it in" deraadt@
* Deal with the situation when TCP nfs mounts timeout and processesthib2008-05-231-2/+2
| | | | | | | | | | | | | get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect. OK markus@, blambert@. "go ahead" deraadt@. Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
* allow 4095 instead of 20 multicast group memberships per socket (you needmarkus2007-09-181-2/+3
| | | | | | one entry for each multicast group and interface combination). this allows you to run OSPF with more than 10 interfaces. adapted from freebsd; ok claudio, henning, mpf
* Make savecontrol functions more generic and use them now for raw IP too.claudio2006-05-291-1/+4
| | | | | Additionally add the IP_RECVIF option which returns the interface a packet was received on. OK markus@ norby@
* New counter for not joined IPv4 multicast groups.mpf2005-08-111-1/+2
| | | | | | Don't count link local scope multicast as not forwardable. This stops ips_cantforward growing on carp(4) networks. tested and ok mcbride@, ok markus@.
* change the TCP reass queue from LIST to TAILQ;markus2005-08-021-16/+3
| | | | ok henning claudio fgsch krw
* Experimental support for opportunitic use of jumbograms where only some hostsmcbride2005-05-271-3/+4
| | | | | | | | | | | | | | on the local network support them. This adds a new socket option, SO_JUMBO, and a new route flag, RTF_JUMBO. If _both_ the socket option is set and the route for the host has RTF_JUMBO set, ip_output will fragment the packet to the largest possible size for the link, ignoring the card's MTU. The semantics of this feature will be evolving rapidly; talk to us if you intend to use it. ok deraadt@ marius@
* Pull the plug on source-based routing until remaining bugs are eradicated.cedric2004-06-221-2/+2
| | | | | No need to reconfig kernel or rebuild userland stuff. requested deraadt@, help beck@
* extend routing table to be able to match and route packets based oncedric2004-06-061-2/+2
| | | | | | | | their *source* IP address in addition to their destination address. routing table "destination" now contains a "struct sockaddr_rtin" for IPv4 instead of a "struct sockaddr_in". the routing socket has been extended in a backward-compatible way. todo: PMTU enhancements, IPv6. ok deraadt@ mcbride@
* make return-rst work on pure bridges. ok dhartmei@ henning@ mcbride@cedric2004-04-281-1/+2
|
* Remove the advertising clause in the UCB license which Berkeleymillert2003-06-021-6/+2
| | | | rescinded 22 July 1999. Proofed by myself and Theo.
* Remove commons; inspired by netbsd.jason2003-02-121-2/+2
|
* From Andrushock, s/sucess/success/gmillert2002-12-091-2/+2
|
* Change all variables definitions (int foo) in sys/sys/*.h to variablemiod2002-07-031-6/+6
| | | | declarations (extern int foo), and compensate in the appropriate locations.
* whitespaceitojun2002-06-091-2/+2
|
* respect rmx_mtu (cached PMTUD result) on outbound. deraadt/angelos okitojun2002-05-311-2/+2
|
* Factor out IP fragmentation code into its own function so it can bejasoni2002-05-281-1/+2
| | | | | reused. - ok jason@, dhartmei@
* First round of __P removal in sysmillert2002-03-141-31/+31
|
* allocate tcp reassembly queue via pool; based on netbsd; okay art@ angelos@provos2002-01-241-1/+2
|
* Hardware checksumming stats.angelos2001-06-231-1/+3
|
* Inclusion protection.angelos2001-06-091-2/+6
|
* IP_ENCAPSULATED is deprecated.angelos2001-05-281-2/+1
|
* Remove varargs from ipv4_input; cmetz@ deraadt@ ok.fgsch2001-05-201-2/+2
|
* get rid of dtom(), okay itojun@ angelos@ mickey@ millert@provos2001-05-011-8/+4
|
* drop packets with 127.0.0.0/8 in header field, if the packet is from outside.itojun2001-03-031-1/+2
| | | | | under RFC1122 sender rule 127.0.0.8 must not appear on the wire. count incidents by ipstat.ips_badaddr. sync with kame
* Path MTU discovery based on NetBSD but with the decision to use the DFprovos2000-09-181-1/+6
| | | | | flag delayed to ip_output(). That halves the code and reduces most of the route lookups. okay deraadt@
* Remove the ifdef for IP_ENCAPSULATED.angelos2000-01-021-4/+1
|
* bring in KAME IPv6 code, dated 19991208.itojun1999-12-081-1/+2
| | | | | | | | | replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details. GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
* add fragment flood protection; configureable using sysctl ip.maxqueuederaadt1999-02-171-1/+2
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.