| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
ip6_hopopts(). The value is tested and non-zero values could cause a
packet to be discarded.
Initialize the pointed at variable to 0, tweaking variable names and
associated comments.
COVERITY 1453098
ok deraadt@ mpi@
|
| |
|
|
| |
ok benno@ mortimer@
|
| |
|
|
| |
ok semarie@, visa@
|
| |
|
|
|
|
|
|
| |
This redefines the ifp <-> bridge relationship. No lock can be
currently used across the multiples contexts where the bridge has
tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
| |
|
|
|
|
|
|
| |
checksum field is located. During rip6 input and output make sure
that this field is within the packet. The offset my be -1 to disable
the feature, otherwise it must be non-negative and aligned. Do a
stricter check during setsockopt(2).
from FreeBSD; OK claudio@
|
| |
|
|
|
|
| |
calls to m_get/M_GET calls because M_MOVE_PKTHDR() is initialising
the pkthdr and so it is not needed when allocation the header.
OK bluhm@
|
| |
|
|
|
|
| |
m_leadingspace() and m_trailingspace(). Convert all callers to call
directly the functions and remove the defines.
OK krw@, mpi@
|
| |
|
|
|
|
| |
userland.
Inputs from markus@, ok sthen@
|
| |
|
|
|
|
|
|
| |
dropped packets in the output path.
While here fix a memory leak when compression is not needed w/ IPcomp.
ok markus@
|
| |
|
|
| |
OK deraadt@ florian@
|
| |
|
|
|
|
| |
IPv4 we do the same and there are races that triggers it. Increment
the statistics counter for both.
from markus@; OK mpi@
|
| |
|
|
| |
From Raf Czlonka, ok sthen@
|
| |
|
|
|
|
|
| |
The account flag `ASU' will no longer be set but that makes suser()
mpsafe since it no longer mess with a per-process field.
No objection from millert@, ok tedu@, bluhm@
|
| |
|
|
|
|
|
|
|
|
| |
if you need to send an ipv6 packet with ip6_send(), there's no DF
bit in an ipv6 packet and no way to pass the ip6 options to ip6_output
to tell it to not allow fragmentation. this adds an M_IPV6_DF_OUT
"checksum" flag so something creating ipv6 packets a long way from
ip6_output can easily tell it to not allow fragmentation.
grumbling and ok claudio@
|
| |
|
|
|
|
| |
all the callers to call m_freem(9).
Support from deraadt@ and tedu@, ok visa@, bluhm@
|
| |
|
|
|
|
| |
about pfctlinput(PRC_HOSTDEAD).
ok bluhm@
|
| |
|
|
|
|
| |
M_LOOP flag dance in ip6_output().
ok bluhm@, mpi@
|
| |
|
|
|
|
|
|
| |
* don't share mifs (multicast interface) between rdomains
* allow multiple routing sockets connected at the same time if they are
in different rdomains.
ok bluhm@
|
| |
|
|
|
|
|
|
| |
parameter. This makes the ip6_setmoptions() function look more like the
ipv4 version and fixes a problem with IPV6_JOIN_GROUP when no interface
is specified.
ok bluhm@
|
| |
|
|
|
| |
No binary change.
OK mpi@
|
| |
|
|
|
|
| |
*ctloutput functions. This also reduces a level of indentation.
ok mpi@
|
| |
|
|
| |
ok mpi@ bluhm@
|
| |
|
|
|
|
|
|
|
| |
Try to follow the existing examples. Some notes:
- don't implement counters_dec() yet, which could be used in two
similar chunks of code. Let's see if there are more users first.
- stop incrementing IPv6-specific mbuf stats, IPv4 has no equivalent.
Input from mpi@, ok bluhm@ mpi@
|
| |
|
|
|
|
|
|
| |
the netlock held. This also changes the prototypes of the *ctloutput
functions to take an mbuf instead of an mbuf pointer.
help, guidance from bluhm@ and mpi@
ok bluhm@
|
| |
|
|
|
|
| |
canwait as it is unneeded.
ok mpi@
|
| |
|
|
|
|
| |
generating atomic fragments. So remove the code that sends them.
CVE-2016-10142 has been assigned to that issue.
OK visa@ mpi@
|
| |
|
|
|
|
| |
of rtalloc(9).
ok benno@, lteo@
|
| |
|
|
| |
ok bluhm@, kettenis@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
each counter is identified by an enum value which correspond to the
original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual
updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for
now.
ok mpi@ mikeb@ deraadt@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to stop abusing lo0 for all rdomains, a new loopback interface
will be created every time a rdomain is created. The unit number will
be the same as the rdomain, i.e. lo1 will be attached to rdomain 1.
If this loopback interface is already in use it wont be possible to create
the corresponding rdomain.
In order to know which lo(4) interface is attached to a rdomain, its index
is stored in the rtable/rdomain map.
This is a long overdue since the introduction of rtable/rdomain. It also
fixes a recent regression due to resetting the rdomain of an incoming
packet reported by semarie@, Andreas Bartelt and Nils Frohberg.
ok claudio@
|
| | |
|
| |
|
|
| |
ok mikeb@ mpi@
|
| |
|
|
| |
ok vgross@ henning@
|
| |
|
|
|
|
|
|
| |
'struct route_in6 *'.
This is another little step towards deprecating 'struct route{,_in6}'
Inputs from and ok bluhm@
|
| | |
|
| |
|
|
| |
ok bluhm@
|
| |
|
|
|
| |
Useful to implement GTSM support in daemons such as bgpd(8). Diff from
2013 revived by renato@. Input from bluhm@, ok bluhm@ deraadt@
|
| |
|
|
|
|
|
|
| |
loop when we worked out that no IPsec is needed which led to a NULL
de-ref on the next iteration.
Fix this by making the code more similar to the IPv4 case.
Found the hard way by me, OK mpi@
|
| |
|
|
|
|
| |
has been moved to nd6_resolve().
ok visa@, millert@, florian@, sthen@
|
| |
|
|
|
|
|
|
| |
This sysctl is a no-op, read-only since it was introduced. There are no
plans to support IPv4-mapped addresses on OpenBSD, thus this sysctl is
meaningless.
Noticed by djm@, ok claudio@ mpi@ sthen@ henning@
|
| |
|
|
|
|
|
|
|
| |
is not intended and will behave unexpectedly if the address is
already used in another domain. It did not work anyway, as the PCB
ended in the wrong hash bucket after changing the rtable. Fail
with EBUSY if the socket is already bound and rehash the PCB if its
rtable changes.
input claudio@; OK mpi@
|
| | |
|
| |
|
|
|
|
| |
an interface joined a specific multicast group.
ok phessler@, visa@, dlg@
|
| |
|
|
| |
ok mikeb@, bluhm@
|
| | |
|
| |
|
|
|
|
| |
for failed route lookups. This is something that was maybe useful in the
90is but in this modern times it is just annoying and nothing expect it
anyway. OK mpi@, sthen@
|
| |
|
|
|
|
|
| |
While here fix a NULL dereference introduced by the support for
multiple rdomains. It seems that this code path is never run...
With input from David Hill, ok florian@
|
| |
|
|
|
|
|
|
| |
descriptor.
Allow to get rid of two if_ref() in the output paths.
ok dlg@
|
| |
|
|
|
|
| |
Found by LLVM/Clang Static Analyzer.
ok bluhm@ mpi@
|
| |
|
|
|
|
| |
IP options or if an IPv6 packet contains header extensions.
Required by cnmac(4) and a sensible precautionary measure in general.
ok visa@, mikeb@
|
krw
nayden
mpi
bluhm
claudio
dhill
dlg
rzalamena
jca
tedu
florian
markus
chl
naddy