Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
46,194 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

498 Commits

Author SHA1 Message Date
mrg 2f2fd097ef remove this insanity. appeared with ipfilter 3.2.10... 1998-12-11 23:47:16 +00:00
drochner 914642e439 correction to the previous: protect against _LKM too 
pointed out by Todd Whitesel <toddpw@best.com>
 1998-12-11 11:57:33 +00:00
drochner 36b809fed6 correcton tp previous: don't try to include kernel option headers in 
userland
fixes PR kern/6561 (Takahiro Kambe)
 1998-12-11 09:15:42 +00:00
christos ce96f9960a defopt IPFILTER_LOG 1998-12-10 15:50:59 +00:00
christos c7578c510a defopt 1998-12-10 11:01:01 +00:00
mrg a94214bdd0 add a patch from darren reed, to make ipfilter use our cksum routine. 1998-11-26 12:21:47 +00:00
sommerfe 0cdf66e377 Fragments should start with a header mbuf allocated by MGETHDR() 1998-11-25 21:13:58 +00:00
mrg 4dd9bebb58 add two more prototypes. noted missing by mjacob. 1998-11-22 23:30:36 +00:00
mrg 78db9d7d95 merge ipf 3.2.10 1998-11-22 15:17:18 +00:00
lukem 0cd1643609 if INADDR_ANY is given in in_pcbconnect(), choose the ia_addr of the first 
interface, not the ia_broadaddr.  should fix [standards/5645] and [kern/6425]
 1998-11-16 05:47:19 +00:00
drochner 1658ac64a8 fix the previous: "securelevel" in kernel only 1998-11-15 17:36:19 +00:00
tls da1c106b85 In 'highly secure' mode (securelevel >= 2), the filter lists may not be tampered with. It might be desirable to allow enabling of preset filter lists, but it seems too good a candidate for a denial-of-service attack, so we don't. 1998-11-14 07:42:37 +00:00
lukem cc41dfe747 simplify test in in_pcbbind() for setting wild=1; no need to check if 
((so->so_proto->pr_flags & PR_CONNREQUIRED) == 0 ||
	(so->so_options & SO_ACCEPTCONN) == 0)
since the latter is always true, so the former test in unnecessary.
from `TCP/IP Illustrated, Volume 2', W. Richard Stevens, p 730.
 1998-11-13 10:50:10 +00:00
thorpej 0e3a0a7f80 Once a fragmented IP packet has been reassembled, recompute the packet 
length before passing it up the stack.  From FreeBSD.
 1998-11-13 03:24:22 +00:00
ws ede30e2813 Fix a buglet when looking up an interface for multicast: 
Zero out the routing structure before calling the route lookup code
in order to correctly match addresses.
 1998-10-26 17:31:01 +00:00
matt 3ad026ac87 vax -> __vax__ (and mips to __mips__ in ultrix_misc.c) 1998-10-20 01:46:27 +00:00
kim cd7e3136ad Use ETHERTYPE_ATALK instead of ETHERTYPE_AT. The former seems more common. 
Our other constants also use "ATALK".

Added many new ETHERTYPE constants to sys/net/ethertypes.h, including the
ones from libpcap and tcpdump "ethertype.h" files.
 1998-10-13 02:34:31 +00:00
thorpej 14f5ac9081 Use the pool allocator for ipflow entries. 1998-10-08 01:41:45 +00:00
thorpej 974aa74abd Use the pool allocator for ipqent structures. 1998-10-08 01:19:25 +00:00
thorpej 588ccb2d75 Fix some typos in comments, and clean up some whitespace. 1998-10-07 23:33:02 +00:00
thorpej 6cfb33b4e4 Use the pool allocator for the tcpcb's TCP/IP header template. 1998-10-07 23:20:03 +00:00
matt bf4e491879 Fix boolean dyslexic test. Duh! 1998-10-06 00:41:13 +00:00
matt 8e8f38e0f2 Add a sysctl for newreno (default to off). 1998-10-06 00:20:44 +00:00
lukem a1ea50ee45 * in_pcblookup_port(): deprecate INPLOOKUP_WILDCARD and flags in favour 
of a lookup_wildcard arg; simplifies the logic a bit.
* when assigning ephemeral ports in in_pcbbind(), always call
  in_pcblookup_port() with lookup_wildcard=1, so that ephemeral port
  allocation on sockets with SO_REUSEADDR set won't potentially bind to a
  port in use by something else (principle of least surprise).
 1998-10-05 14:33:14 +00:00
matt 25054b5cf7 Adapt the NEWRENO changes from the UCSB diffs of BSDI 3.0's TCP 
to NetBSD.  Ignore the SACK & FACK stuff for now.
 1998-10-04 21:33:52 +00:00
kleink c68106edad Use #error instead of causing a parse error. 1998-10-02 21:21:04 +00:00
drochner 5ddf423985 print reason for arplookup() failure (ala FreeBSD) 1998-10-01 11:04:24 +00:00
tls c4730d65cf Switch order of TNF and UCB copyrights so UCB copyright is first; this seems more appropriate since UCB wrote the original code, after all. 1998-09-30 21:52:24 +00:00
hwr eaccb9cd8d Start supporting IPPROTO_MOBILE (55) encapsulation. This is yet 
another tunneling protocol used by the Mobile-IP people. See RFC 2004
for this.
 1998-09-30 05:59:27 +00:00
christos e74ca32804 SIOCGIFALIAS should not be restricted to the superuser. 1998-09-28 12:32:43 +00:00
mycroft 4a000a54e6 Fix a typo (not mine) in a comment. 1998-09-19 04:34:34 +00:00
mycroft 04ef3bf88d If we're in LISTEN state and all of RST, SYN and ACK are clear, send a RST. 1998-09-19 04:32:51 +00:00
mycroft 31347e4671 Always send a 0 window with a RST. Suggested by Darren Reed. 1998-09-19 04:02:52 +00:00
hwr cf70cc28c7 Typo. :( 1998-09-14 21:15:56 +00:00
hwr 517139017e Some additions. 
And IDPR-CMTP is 38 not 39 according to IANA.
 1998-09-14 21:09:51 +00:00
hwr 366b9c4515 Add a gre tunnel pseudo network device. Gre = generic route encapsulation. 
This device shows up like any other network interface and can be used to
tunnel L3 protocols as e.g. IP over IP.
 1998-09-13 20:27:47 +00:00
christos 66dd35d72c Fix copyright spacing and 'Van' -> 'van' for consistency. 1998-09-13 15:45:40 +00:00
tv 235fc6a6a9 egcs {brace} warning fix 1998-09-10 19:53:28 +00:00
mouse b95116821c Create tcp.keepidle, tcp.keepintvl, tcp.keepcnt, tcp.slowhz sysctls. 1998-09-10 10:46:03 +00:00
thorpej 9fd57e8917 Make a diagnostic printf more sensible, PR #5951, Heiko W. Rupp. 1998-09-09 04:57:18 +00:00
thorpej 4dbfe05f1f Use an algorithm similar to that in tcp_notify() to determine if 
syn_cache_unreach() should remove the entry, or just continue on.

Algorithm is to only remove the entry if we've had more than one unreach
error and have retransmitted 3 or more times.  This prevents the following
scenario, as noted in PR #5909 (PR from Ty Sarna, scenario from
Charles Hannum):

	* Host A sends a SYN.
	* Host A retransmits the SYN.
	* Host B gets the first SYN and sends a SYN-ACK.
	* Host B gets the second SYN and sends a SYN-ACK.
	* One of the SYN-ACK bounces with an
	  ICMP unreachable, causing the `SYN cache' entry to be
	  removed with no notification.
	* Host A receives the other SYN-ACK, sends an ACK, and goes to
	  ESTABLISHED state.

Should fix PR #5909.
 1998-09-09 01:32:27 +00:00
christos 0f024deb52 Add SIOCGIFALIAS 1998-09-06 17:52:01 +00:00
kleink bb4f7768e4 Protect _XOPEN_SOURCE against sysctl MIB identifiers. 1998-09-05 19:03:25 +00:00
mycroft e2cb6dad8d Make the randomized part of the ISS 24 bits. 1998-09-04 22:34:51 +00:00
mycroft 2f501074f8 Fix a couple of bogons related to tcp_new_iss(): 
* Don't add tcp_iss_seq when creating a new ISS from TIME-WAIT state.
* Do the clock increment even when using the rnd device.
 1998-09-04 22:29:54 +00:00
scottr e3e7e1673f Fix the NEXT_IA_WITH_SAME_ADDR macro introduced in 1.27: it was finding 
the first in_ifaddr structure with a different internet address!  Reverse
the sense of the test.  Spotted by and fix from Eric Haszlakiewicz.
 1998-08-14 06:57:54 +00:00
mrg 4a75265273 defopt PFIL_HOOKS. 1998-08-09 08:58:18 +00:00
thorpej 833061914a Use the pool allocator for tcpcbs. 1998-08-02 00:36:19 +00:00
thorpej d319e4b419 Use the pool allocator for syn_cache entries. 1998-08-02 00:35:51 +00:00
thorpej 47e9dcf841 Use the pool allocator for inpcbs. 1998-08-02 00:35:31 +00:00