| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
| |
to pass the destination address of the route to clone.
ok markus@, mikeb@
|
| |
|
|
|
|
|
|
|
|
|
| |
behaves as if SO_KEEPALIVE was set on all TCP sockets, forcing keepalives
to be sent every net.inet.tcp.keepidle half-seconds.
In conjunction with a keepidle value greatly reduced from the default,
this can be useful for keeping sessions open if you are stuck on a network
with short NAT or firewall timeouts.
Feedback from various people, ok henning@ claudio@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
and make it possible to bind sockets (including listening sockets!)
to rtables and not just rdomains. This changes the name of the
system calls, socket option, and ioctl. After building with this
you should remove the files /usr/share/man/cat2/[gs]etrdomain.0.
Since this removes the existing [gs]etrdomain() system calls, the
libc major is bumped.
Written by claudio@, criticized^Wcritiqued by me
|
| |
|
|
|
|
|
|
| |
needed so that the route and inp lookups done in TCP and UDP know where
to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain
argument as well for similar reasons. With this tcp seems to be now
fully rdomain save and no longer leaks single packets into the main domain.
Looks good markus@, henning@
|
| |
|
|
|
|
|
|
|
| |
alternate routing table and separate them from other interfaces in distinct
routing tables. The same network can now be used in any doamin at the same
time without causing conflicts.
This diff is mostly mechanical and adds the necessary rdomain checks accross
net and netinet. L2 and IPv4 are mostly covered still missing pf and IPv6.
input and tested by jsg@, phessler@ and reyk@. "put it in" deraadt@
|
| |
|
|
| |
relying on the mbuf chain layout; with claudio@ and krw@; ok henning@
|
| |
|
|
| |
ok millert
|
| |
|
|
|
|
| |
MGET* macros were changed to function calls, there wasn't any
need for the pool declarations and the inclusion of pool.h
From: tbert <bret.lambert@gmail.com>
|
| |
|
|
|
|
|
| |
code and replace both with a RFC1948 based method, so TCP clients
now have monotonic ISN/timestamps. The server side uses completely
random ISN/timestamps and does time-wait recycling (on port reuse).
ok djm@, mcbride@; thanks to lots of testers
|
| | |
|
| |
|
|
|
|
|
| |
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
i.e. don't act on ICMP-need-frag immediately if adhoc checks on the
advertised mtu fail. the mtu update is delayed until a tcp retransmit
happens. initial patch by Fernando Gont, tested by many.
|
| | |
|
| |
|
|
|
|
| |
1) add a reaper for TCP and SYN cache states (cf. netbsd pr 20390)
2) additional check for TCP_TIMER_ISARMED(TCPT_REXMT) in tcp_timer_persist()
with mickey@; ok deraadt@
|
| | |
|
| |
|
|
| |
rescinded 22 July 1999. Proofed by myself and Theo.
|
| |
|
|
| |
ok jason@
|
| |
|
|
|
|
|
|
| |
this part of falling back to non-ecn on timeout slipped during
merge from KAME.
ok @art
report to bugs@ by Han Boetes and Otto Moerbeek
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
it consists of
- ECN support in TCP
- tunnel-egress and fragment reassembly rules in layer-3 not to lose
congestion info at tunnel-egress and fragment reassembly
to enable ECN in TCP, build a kernel with TCP_ECN, and then,
turn it on by "sysctl -w net.inet.tcp.ecn=1".
ok deraadt@
|
| |
|
|
| |
tcp connections during tcp_slowtimo. apdapted from thorpej@netbsd.org
|
| |
|
|
| |
adapated from netbsd. okay angelos@
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
armin@wolfermann.org
- set the persist timer so that connections in CLOSING state timeout
- honor keep-alive timer in CLOSING state.
Fixes the problem in simulaneous close situation where connections
would never leave the CLOSING state and stay arround indefinitly.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
flag delayed to ip_output(). That halves the code and reduces most of
the route lookups. okay deraadt@
|
| |
|
|
| |
SACK is disabled for the connection or via sysctl
|
| |
|
|
|
|
|
|
|
|
| |
Adapted from NetBSD:
Fix a retransmission bug introduced by the Brakmo and Peterson
RTO estimation changes. Under some circumstances it would
return a value of 0, while the old Van Jacobson RTO code would
return a minimum of 3. This would result in 12 retransmissions,
each 1 second apart. This takes care of those instances, and
ensures that t_rttmin is used everywhere as a lower bound.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
protocols.
"struct tcpiphdr" is now gone from much of the code, as are separate pointers
for ti and ti6. The result is fewer variables, which is generally a good thing.
Simple if(is_ipv6) ... else ... tests are gone in favor of a
switch(protocol family), which allows future new protocols to be added easily.
This also makes it possible for someone so inclined to re-implement TUBA (TCP
over CLNP?) and do it right instead of the kluged way it was done in 4.4.
The TCP header template is now referenced through a mbuf rather than done
through a data pointer and dtom()ed as needed. This is partly because dtom() is
evil and partly because max_linkhdr + IPv6 + TCP + MSS/TS/SACK opts won't fit
inside a packet header mbuf, so we need to grab a cluster for that (which the
code now does, if needed).
|
| |
|
|
|
|
|
|
|
|
| |
Fixed a sequence wraparound bug in the snd_recover variable discovered in
very large (multiple GByte) transfers (in loss free conditions, snd_recover
was not sufficiently tracking snd_una). Thanks to Mark Smith for finding
this.
Fixed a bug in tcp_newreno that was preventing retransmission of data due
to partial acks. (Discovered by Jayanth Vijayaraghavan)
|
| |
|
|
|
|
|
| |
already been cleared of the acked data, though it was called before any
sbdrop() call and always called tcp_output() with 0 index in the send
socket buffer and thus causing data corruption. so do not set snd_una to
th_ack.
|
| | |
|
| |
|
|
|
|
|
|
| |
by Hari Balakrishnan (hari@lcs.mit.edu), Tom Henderson (tomh@cs.berkeley.edu)
and Venkat Padmanabhan (padmanab@cs.berkeley.edu) as part of the
Daedalus research group at the University of California,
(http://daedalus.cs.berkeley.edu). [I was able to do this on time spent
at the Center for Information Technology Integration (citi.umich.edu)]
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
mpi
sthen
guenther
claudio
markus
deraadt
henning
miod
espie
itojun
millert
tedu
kjc
provos
angelos
hugh
cmetz
tholo
niklas