NetBSD/sys/netinet/Makefile

#	$NetBSD: Makefile,v 1.19 2007/10/05 03:28:13 dyoung Exp $

INCSDIR= /usr/include/netinet

INCS=	icmp6.h icmp_var.h if_atm.h if_ether.h if_inarp.h igmp.h \
	igmp_var.h in.h in_gif.h in_pcb.h in_pcb_hdr.h \
	in_selsrc.h in_systm.h \
	in_var.h ip.h ip_carp.h ip6.h ip_ecn.h ip_encap.h \
	ip_icmp.h ip_mroute.h ip_var.h pim.h pim_var.h \
	tcp.h tcp_debug.h tcp_fsm.h tcp_seq.h tcp_timer.h tcp_var.h \
	tcpip.h udp.h udp_var.h

# ipfilter headers
# XXX shouldn't be here
.include <bsd.own.mk>

INCS+=	ip_compat.h	# always needed by kdump(1)

.if (${MKIPFILTER} != "no")
INCS+=	ip_auth.h ip_fil.h ip_frag.h ip_htable.h ip_nat.h \
	ip_lookup.h ip_pool.h ip_proxy.h ip_scan.h ip_state.h ip_sync.h \
	ipl.h
.endif

.include <bsd.kinc.mk>

.PATH: ${NETBSDSRCDIR}/sys/dist/ipf/netinet
Work in progress: use a raw socket for GRE in IP encapsulation instead of adding/subtracting our own IPv4 header. There are many benefits: gre(4) needn't grok the outer encapsulation header any longer, so this simplifies the gre(4) code. The IP stack needn't grok GRE, so it is simplified, too. gre(4) will benefit from optimizations in the socket code. Eventually, gre(4) will gain an IPv6 encapsulation with very few new lines of code. There is a small performance loss. A 133 MHz, 486-class AMD Elan sinks/sources a TCP stream over GRE with about 93% the throughput of the old code. TCP throughput on a 266 MHz, 586-class AMD Geode is about 96% the throughput of the old code. A 175-MHz ADM5120 (MIPS) only sinks a TCP stream over GRE at about 90% of the old code; I am still investigating that. I produced stripped-down versions of sosend() and soreceive() for gre(4) to use. They are guaranteed not to block, so they can be called from a software interrupt and from a socket upcall, respectively. A kernel thread is no longer necessary for socket transmit/receive, but I didn't get around to removing it, yet. Thanks to Matt Thomas for suggesting the use of stripped-down socket code and software interrupts, and to Andrew Doran for advice and answers concerning software interrupts, threads, and performance. 2007-10-05 07:28:12 +04:00			`# $NetBSD: Makefile,v 1.19 2007/10/05 03:28:13 dyoung Exp $`
Rework the way kernel include files are installed. In the new method, as with user-land programs, include files are installed by each directory in the tree that has includes to install. (This allows more flexibility as to what gets installed, makes 'partial installs' easier, and gives us more options as to which machines' includes get installed at any given time.) The old SYS_INCLUDES={symlinks,copies} behaviours are _both_ still supported, though at least one bug in the 'symlinks' case is fixed by this change. Include files can't be build before installation, so directories that have includes as targets (e.g. dev/pci) have to move those targets into a different Makefile. 1998-06-13 03:22:30 +04:00
			`INCSDIR= /usr/include/netinet`

Move ipf to sys/dist/ipf; Note that I followed the pattern used for pf. I think though that the files.ipfilter and Makefile glue should go to the dist directory, not like it is done now. 2004-10-01 19:24:45 +04:00			`INCS= icmp6.h icmp_var.h if_atm.h if_ether.h if_inarp.h igmp.h \`
Here are various changes designed to protect against bad IPv4 routing caused by stale route caches (struct route). Route caches are sprinkled throughout PCBs, the IP fast-forwarding table, and IP tunnel interfaces (gre, gif, stf). Stale IPv6 and ISO route caches will be treated by separate patches. Thank you to Christoph Badura for suggesting the general approach to invalidating route caches that I take here. Here are the details: Add hooks to struct domain for tracking and for invalidating each domain's route caches: dom_rtcache, dom_rtflush, and dom_rtflushall. Introduce helper subroutines, rtflush(ro) for invalidating a route cache, rtflushall(family) for invalidating all route caches in a routing domain, and rtcache(ro) for notifying the domain of a new cached route. Chain together all IPv4 route caches where ro_rt != NULL. Provide in_rtcache() for adding a route to the chain. Provide in_rtflush() and in_rtflushall() for invalidating IPv4 route caches. In in_rtflush(), set ro_rt to NULL, and remove the route from the chain. In in_rtflushall(), walk the chain and remove every route cache. In rtrequest1(), call rtflushall() to invalidate route caches when a route is added. In gif(4), discard the workaround for stale caches that involves expiring them every so often. Replace the pattern 'RTFREE(ro->ro_rt); ro->ro_rt = NULL;' with a call to rtflush(ro). Update ipflow_fastforward() and all other users of route caches so that they expect a cached route, ro->ro_rt, to turn to NULL. Take care when moving a 'struct route' to rtflush() the source and to rtcache() the destination. In domain initializers, use .dom_xxx tags. KNF here and there. 2006-12-09 08:33:04 +03:00			`igmp_var.h in.h in_gif.h in_pcb.h in_pcb_hdr.h \`
			`in_selsrc.h in_systm.h \`
Work in progress: use a raw socket for GRE in IP encapsulation instead of adding/subtracting our own IPv4 header. There are many benefits: gre(4) needn't grok the outer encapsulation header any longer, so this simplifies the gre(4) code. The IP stack needn't grok GRE, so it is simplified, too. gre(4) will benefit from optimizations in the socket code. Eventually, gre(4) will gain an IPv6 encapsulation with very few new lines of code. There is a small performance loss. A 133 MHz, 486-class AMD Elan sinks/sources a TCP stream over GRE with about 93% the throughput of the old code. TCP throughput on a 266 MHz, 586-class AMD Geode is about 96% the throughput of the old code. A 175-MHz ADM5120 (MIPS) only sinks a TCP stream over GRE at about 90% of the old code; I am still investigating that. I produced stripped-down versions of sosend() and soreceive() for gre(4) to use. They are guaranteed not to block, so they can be called from a software interrupt and from a socket upcall, respectively. A kernel thread is no longer necessary for socket transmit/receive, but I didn't get around to removing it, yet. Thanks to Matt Thomas for suggesting the use of stripped-down socket code and software interrupts, and to Andrew Doran for advice and answers concerning software interrupts, threads, and performance. 2007-10-05 07:28:12 +04:00			`in_var.h ip.h ip_carp.h ip6.h ip_ecn.h ip_encap.h \`
Move ipl.h into the ipfilter block, which is the right place. 2005-07-09 18:15:11 +04:00			`ip_icmp.h ip_mroute.h ip_var.h pim.h pim_var.h \`
Move ipf to sys/dist/ipf; Note that I followed the pattern used for pf. I think though that the files.ipfilter and Makefile glue should go to the dist directory, not like it is done now. 2004-10-01 19:24:45 +04:00			`tcp.h tcp_debug.h tcp_fsm.h tcp_seq.h tcp_timer.h tcp_var.h \`
Rework the way kernel include files are installed. In the new method, as with user-land programs, include files are installed by each directory in the tree that has includes to install. (This allows more flexibility as to what gets installed, makes 'partial installs' easier, and gives us more options as to which machines' includes get installed at any given time.) The old SYS_INCLUDES={symlinks,copies} behaviours are _both_ still supported, though at least one bug in the 'symlinks' case is fixed by this change. Include files can't be build before installation, so directories that have includes as targets (e.g. dev/pci) have to move those targets into a different Makefile. 1998-06-13 03:22:30 +04:00			`tcpip.h udp.h udp_var.h`

move ipf headers and add a comment. 2004-10-05 08:55:48 +04:00			`# ipfilter headers`
			`# XXX shouldn't be here`
Add MKIPFILTER; if set to no, don't build and install the ipf(4) programs, headers and LKM. Add MKPF; if set to no, don't build and install the pf(4) programs, headers, LKM and spamd. Both options default to yes, so nothing changed in the default build. Reviewed by lukem. 2005-02-22 17:39:58 +03:00			`.include <bsd.own.mk>`

			`INCS+= ip_compat.h # always needed by kdump(1)`

			`.if (${MKIPFILTER} != "no")`
			`INCS+= ip_auth.h ip_fil.h ip_frag.h ip_htable.h ip_nat.h \`
Move ipl.h into the ipfilter block, which is the right place. 2005-07-09 18:15:11 +04:00			`ip_lookup.h ip_pool.h ip_proxy.h ip_scan.h ip_state.h ip_sync.h \`
			`ipl.h`
Add MKIPFILTER; if set to no, don't build and install the ipf(4) programs, headers and LKM. Add MKPF; if set to no, don't build and install the pf(4) programs, headers, LKM and spamd. Both options default to yes, so nothing changed in the default build. Reviewed by lukem. 2005-02-22 17:39:58 +03:00			`.endif`
Move ipf to sys/dist/ipf; Note that I followed the pattern used for pf. I think though that the files.ipfilter and Makefile glue should go to the dist directory, not like it is done now. 2004-10-01 19:24:45 +04:00
Rework the way kernel include files are installed. In the new method, as with user-land programs, include files are installed by each directory in the tree that has includes to install. (This allows more flexibility as to what gets installed, makes 'partial installs' easier, and gives us more options as to which machines' includes get installed at any given time.) The old SYS_INCLUDES={symlinks,copies} behaviours are _both_ still supported, though at least one bug in the 'symlinks' case is fixed by this change. Include files can't be build before installation, so directories that have includes as targets (e.g. dev/pci) have to move those targets into a different Makefile. 1998-06-13 03:22:30 +04:00			`.include <bsd.kinc.mk>`
Move ipf to sys/dist/ipf; Note that I followed the pattern used for pf. I think though that the files.ipfilter and Makefile glue should go to the dist directory, not like it is done now. 2004-10-01 19:24:45 +04:00
			`.PATH: ${NETBSDSRCDIR}/sys/dist/ipf/netinet`