| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
ok deraadt@, naddy@
|
| |
|
|
|
|
| |
when the number of the hash entries reaches 75% of the table size.
ok dlg henning, 'commit in' claudio
|
| |
|
|
|
|
| |
in the pkthdr directly.
ok henning@
|
| |
|
|
|
|
|
| |
now, so there is no need to calculate them before sending them to
userspace.
ok henning@
|
| |
|
|
| |
after discussions with beck deraadt kettenis.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* you can #include <sys/endian.h> instead of <machine/endian.h>,
and ditto <endian.h> (fixes code that pulls in <sys/endian.h> first)
* those will always export the symbols that POSIX specified for
<endian.h>, including the new {be,le}{16,32,64}toh() set. c.f.
http://austingroupbugs.net/view.php?id=162
if __BSD_VISIBLE then you also get the symbols that our <machine/endian.h>
currently exports (ntohs, NTOHS, dlg's bemtoh*, etc)
* when doing POSIX compiles (not __BSD_VISIBLE), then <netinet/in.h> and
<arpa/inet.h> will *stop* exporting the extra symbols like BYTE_ORDER
and betoh*
ok deraadt@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
machine and restore the original behavior of RTM_ADD and RTM_DELETE
by always generating one message per locally configured address.
This time, make sure the local route is removed during an address change,
since at least pppoe(4) do some funky magics with wildcard addresses that
might corrupt the routing tree, as found by naddy@
Also do not add a local route if the specified address is 0.0.0.0, to
prevent a tree corruption, as found by guenther@.
Putting this in now so that it gets tested, claudio@ agrees. Please
contact me if you find any route-related regression caused by this
change.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
and let the stack take care of the checksums for reinjected outbound
packets.
Reinjected inbound packets will continue to have their checksums
calculated manually but we can now take advantage of in_proto_cksum_out
and in6_proto_cksum_out to streamline the way their checksums are done.
help from florian@ and henning@, feedback from naddy@
ok florian@ henning@
|
| |
|
|
|
|
|
| |
require the caller to do so. lteo needs that for divert soon, and is in line
with tcp/udp and the general approach that the rest of the stack should not
need to do anything regarding the cksums but setting the "needs it" flag.
ok lteo
|
| |
|
|
|
|
| |
state to the socket pcb. Add an additional assert to narrow down
the panics.
OK henning@
|
| |
|
|
| |
ok henning@ stu@, Yay! weerd@
|
| |
|
|
|
|
|
|
|
| |
unnecessarily allocating an mbuf tag to store the divert port, just pass
the divert port directly to divert_packet() or divert6_packet() as an
argument.
includes a style fix pointed out by bluhm@
ok bluhm@ henning@ reyk@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the various bpf_mtap_* are very similiar, they differ in what (and to some
extent how) they prepend something, and what copy function they pass to
bpf_catchpacket.
use an internal _bpf_mtap as "backend" for bpf_mtap and friends.
extend bpf_mtap_hdr so that it covers all common cases:
if dlen is 0, nothing gets prepended.
copy function can be given, if NULL the default bpf_mcopy is used.
adjust the existing bpf_mtap_hdr users to pass a NULL ptr for the copy fn.
re-implement bpf_mtap_af as simple wrapper for bpf_mtap_hdr.
re-implement bpf_mtap_ether using bpf_map_hdr
re-implement bpf_mtap_pflog as trivial bpf_mtap_hdr wrapper
ok bluhm benno
|
| |
|
|
|
| |
don't need to be married.
ok guenther miod beck jsing kettenis
|
| |
|
|
|
|
| |
mean?
ok deraadt@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
an interface. Two other operations are performed when issuing a
SIOCDIFADDR{_IN6,} ioctl: call the address hook and the per-driver
ioctl function.
Since carp(4) relies on an address hook to recalculate its hash, make
sure to call this hook when IFXF_NOINET6 is set or when the rdomain is
changed.
ok henning@, mikeb@
|
| | |
|
| |
|
|
|
| |
Pointed out by Ivan Solonin.
ok henning mpi jca
|
| |
|
|
|
|
| |
it introduces a regression with default routes & p2p interfaces.
Problem reported by naddy@
|
| |
|
|
|
|
|
| |
machine and restore the original behavior of RTM_ADD and RTM_DELETE
by always generating one message per locally configured address.
Tested by krw@, jca@ and florian@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
system.
Yes, this is ugly for the moment because OpenBSD prevents you from
binding a tcp socket to broadcast address and checking for a broadcast
address is... funny! If you've ever wondered why would lead people to
write:
ina.s_addr != ia->ia_addr.sin_addr.s_addr
instead of:
ina.s_addr == ia->ia_broadaddr.sin_addr.s_addr
Well this is because all the IPv4 addresses belonging to your lo(4)
interfaces match the second idiom. Hopefully we'll get rid of this
hack soon.
ok jca@, mikeb@
|
| |
|
|
| |
ok blambert@, mikeb@
|
| |
|
|
|
|
|
| |
system. This function checks for unicast and broadcast addresses, so
there is no need to do two lookups instead of one.
Inputs & ok jca@, ok mikeb@
|
| | |
|
| |
|
|
|
|
|
| |
option, required by the RFC2236, some L3 switches do not examine the
packets.
Based on FreeBSD's r14622 via Florian Riehm on tech@. ok bluhm@, jca@
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
source address selection logic.
These hacks were only relevant for the NFS diskless boot code in order to
pick the local broadcast address of the only configured interface. So, be
explicit and set this address directly.
Tested by florian@, ok henning@, beck@, chrisz@
|
| |
|
|
|
|
| |
local traffic is not optional.
ok mikeb@, stsp@, jca@
|
| |
|
|
|
|
| |
receiving pointer -> index conversion. No functional change.
ok chrisz@, jca@, mikeb@, lteo@
|
| |
|
|
|
|
|
|
|
|
| |
instead of relying on hacks in nd6_rtrequest() to add a route to
loopback for each address configured on such interfaces.
While here document that abusing lo0 for local traffic is not safe
for interfaces in a non-default rdomain.
Tested by claudio@, jca@ and sthen@, ok sthen@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
your IPv4 routes.
mcbride@ says that this function has been introduced in order to be able
to reach the MASTER node from a BACKUP node using the CARP address. The
reasons are:
1) For troubleshooting, so I can ping or otherwise monitor the MASTER
host.
2) In some cases it's undesirable (or even not possible) to run
services on other IP addresses. For example, services that only allow
you to configure 1 listening IP, or services where you wish to avoid
users connecting to anything but the MASTER server.
Sadly this function becames a horrible hack. So if somebody thinks the
reasons explained before justify such logic, feel free to submit a
correct diff.
ok bluhm@, henning@, mikeb@
|
| |
|
|
|
|
|
|
|
|
| |
This function is used only once in our tree to optimize the size of the
MSS if the forward address correspond to a host on one of our subnets,
but only if ip.mutdisc is disable, which is not the default!
While here get rid of the "#ifdef RTV_MTU", it is here.
ok henning@, mikeb@, bluhm@
|
| |
|
|
|
|
|
| |
While there move declaration of divert{,6}_output() to .c as it's a
private function. Also switch first two args to make it more like
similar functions (both suggested by mpi@).
Input/OK mpi@, OK lteo@
|
| |
|
|
|
|
| |
udp6_output().
ok henning@, reyk@, jca@
|
| |
|
|
|
|
| |
ever used to pass on uint32 (for ipsec). stop that madness and just pass
the uint32, 0 in all cases but the two that pass the ipsec flowinfo.
ok deraadt reyk guenther
|
| |
|
|
| |
ok gcc & md5 (alas, no binary change)
|
| |
|
|
|
| |
enough.
remove a define in an #ifdef notdef /* obsolete */ - 14 years are enough
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
carp_rewrite_lladdr to overwrite the src lladdr, get the intended src
lladdr before assembling the ethernet header.
carp_rewrite_lladdr -> carp_get_srclladdr
ok reyk claudio
|
| |
|
|
|
| |
nothing except in_proto_cksum_out() uses it any more, and that's a good
thing. was on tech for 3 months, discussed with many
|
| |
|
|
|
|
|
|
|
|
| |
don't we all love functions implemented in header files? was under #ifdef
_KERNEL at least.
incremental checksum updates don't really make sense any more, this is
incredibly hard to get right, and doesn't fit the way our kernel deals
with the checksums these days. consequently, nothing uses in_cksum_addword
any more.
was on tech for 3 months, tested by & discussed with many.
|
| |
|
|
| |
manually, ok naddy (in january)
|
| |
|
|
|
|
|
|
| |
error code and pass the resulting source address back to the caller
through a pointer, as suggested by chrisz. This gives us more readable
code, and eases the deletion of useless checks in the callers' error path.
Add a bunch of "0 -> NULL" conversions, while here.
ok chrisz@ mpi@
|
| |
|
|
|
|
|
| |
IP_SENDSRCADDR support. This reduces the differences with the
IPv6 version and kill some comments that are no longer true.
ok jca@, chrisz@, mikeb@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Avoid the confusion by using an appropriate name for the variable.
Note that since routing domain IDs are a subset of the set of routing
table IDs, the following idiom is correct:
rtableid = rdomain
But to get the routing domain ID corresponding to a given routing table
ID, you must call rtable_l2(9).
claudio@ likes it, ok mikeb@
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
connected routes to prefixes/hosts.
Since the introduction of rt_ifa_addloop(9) and rt_ifa_delloop(9),
rtinit() was just a wrapper, so use the underlying functions
directly and document them.
Inputs from and ok mikeb@, manpage tweaks from jmc@
|
| |
|
|
| |
OK claudio@
|
| |
|
|
|
|
|
|
|
|
|
| |
localhost connections.
The plan is to always use the routing table for addresses and routes
resolutions, so there is no future for an option that wants to bypass
it. This option has never been implemented for IPv6 anyway, so let's
just remove the IPv4 bits that you weren't aware of.
Tested a least by lteo@, guenther@ and chrisz@, ok mikeb@, benno@
|
mpi
yasuoka
lteo
tedu
guenther
henning
bluhm
benno
deraadt
claudio
florian
jca
mikeb
chrisz