Commit Graph

53 Commits

Author SHA1 Message Date
thorpej bf2dcec4f5 Remove the use of splimp() from the NetBSD kernel. splnet()
and only splnet() is allowed for the protection of data structures
used by network devices.
2001-04-13 23:29:55 +00:00
itojun 617b3fab7e - record IPsec packet history into m_aux structure.
- let ipfilter look at wire-format packet only (not the decapsulated ones),
  so that VPN setting can work with NAT/ipfilter settings.
sync with kame.

TODO: use header history for stricter inbound validation
2001-01-24 09:04:15 +00:00
ad 642267bcc7 Update for hashinit() change. 2000-11-08 14:28:12 +00:00
itojun 3909133548 introduce sys/netinet/ip_encap.c, to dispatch inbound packets
to protocol handlers, based on src/dst (for ip proto #4/41).
see comment in ip_encap.c for details of the problem we have.
there are too many protocol specs for ip proto #4/41.
backward compatibility with MROUTING case is now provided in ip_encap.c.

fix ipip to work with gif (using ip_encap.c).  sorry for breakage.

gif now uses ip_encap.c.

introduce stf pseudo interface (implements 6to4, another IPv6-over-IPv4 code
with ip proto #41).
2000-04-19 06:30:51 +00:00
chs e34eb900c0 remove an LBL ifdef that we can't turn on anyway. 2000-04-16 20:59:49 +00:00
augustss 8529438fe6 Remove register declarations. 2000-03-30 12:51:13 +00:00
thorpej fc96443d15 New callout mechanism with two major improvements over the old
timeout()/untimeout() API:
- Clients supply callout handle storage, thus eliminating problems of
  resource allocation.
- Insertion and removal of callouts is constant time, important as
  this facility is used quite a lot in the kernel.

The old timeout()/untimeout() API has been removed from the kernel.
2000-03-23 07:01:25 +00:00
itojun 04ac848d6f introduce m->m_pkthdr.aux to hold random data which needs to be passed
between protocol handlers.

ipsec socket pointers, ipsec decryption/auth information, tunnel
decapsulation information are in my mind - there can be several other usage.
at this moment, we use this for ipsec socket pointer passing.  this will
avoid reuse of m->m_pkthdr.rcvif in ipsec code.

due to the change, MHLEN will be decreased by sizeof(void *) - for example,
for i386, MHLEN was 100 bytes, but is now 96 bytes.
we may want to increase MSIZE from 128 to 256 for some of our architectures.

take caution if you use it for keeping some data item for long period
of time - use extra caution on M_PREPEND() or m_adj(), as they may result
in loss of m->m_pkthdr.aux pointer (and mbuf leak).

this will bump kernel version.

(as discussed in tech-net, tested in kame tree)
2000-03-01 12:49:27 +00:00
thorpej 3b5706e2e5 Fix a couple of whitespace glitches. 2000-02-01 00:07:50 +00:00
thorpej f9a7668b3f defopt IPSEC and IPSEC_ESP (both into opt_ipsec.h). 1999-07-09 22:57:15 +00:00
itojun 118d2b1d4f IPv6 kernel code, based on KAME/NetBSD 1.4, SNAP kit 19990628.
(Sorry for a big commit, I can't separate this into several pieces...)
Pls check sys/netinet6/TODO and sys/netinet6/IMPLEMENTATION for details.

- sys/kern: do not assume single mbuf, accept chained mbuf on passing
  data from userland to kernel (or other way round).
- "midway" ATM card: ATM PVC pseudo device support, like those done in ALTQ
  package (ftp://ftp.csl.sony.co.jp/pub/kjc/).
- sys/netinet/tcp*: IPv4/v6 dual stack tcp support.
- sys/netinet/{ip6,icmp6}.h, sys/net/pfkeyv2.h: IETF document assumes those
  file to be there so we patch it up.
- sys/netinet: IPsec additions are here and there.
- sys/netinet6/*: most of IPv6 code sits here.
- sys/netkey: IPsec key management code
- dev/pci/pcidevs: regen

In my understanding no code here is subject to export control so it
should be safe.
1999-07-01 08:12:45 +00:00
nathanw 9c6754cd69 Alpha printf format fixes.
Closes PR kern/7258.
1999-03-27 21:47:59 +00:00
marc 5f688e6632 remove gre_softc declaration; the symbol is no longer used in this
file.
1999-02-02 07:10:45 +00:00
mycroft 5e373d307f Clear mfchashtbl after it's deallocated, to kill a stray pointer. Fixes PR
5400.
1999-02-01 15:09:46 +00:00
thorpej 9508f259bf Adjust for the new IP-IP input path. mrt_ipip_input() is called from
ipip_input(), and returns non-zero if mrt_ipip_input() handled the
packet.

XXX Eventually, the multicast code should probably use regular IP-IP
XXX `interfaces', but mrouted knows about the VIF table, etc.
1999-01-11 21:31:03 +00:00
thorpej 5f69dedb2c ipip_input() -> mrt_ipip_input(). 1998-12-22 02:51:32 +00:00
hwr 366b9c4515 Add a gre tunnel pseudo network device. Gre = generic route encapsulation.
This device shows up like any other network interface and can be used to
tunnel L3 protocols as e.g. IP over IP.
1998-09-13 20:27:47 +00:00
chs f64abc7b4c add flags arg to hashinit(), to pass to malloc(). 1998-02-07 02:44:44 +00:00
mycroft e76ba36231 Make sure we install the route returned by the upcall before trying to
forward any queued packets.  From Bill Fenner, via Brad Karp.
1997-08-14 06:42:33 +00:00
christos 5545959d0b backout previous kprintf changes 1996-10-13 02:03:00 +00:00
christos 6d7ad25bea printf -> kprintf, sprintf -> ksprintf 1996-10-10 23:12:43 +00:00
mrg 4b851a2d9b remove an unused variable. 1996-09-14 12:35:07 +00:00
mycroft 9bb1acd303 Rework the token bucket filter to use a list of packets rather than a static
array.  Also, fix several memory leaks.  From Bill Fenner.
1996-09-09 17:14:04 +00:00
mycroft 23437fc3d2 Cosmetic changes, some from Bill Fenner. 1996-09-09 17:09:50 +00:00
mycroft 62a6cce9ca Add in_nullhost() and in_hosteq() macros, to hide some protocol
details.  Also, fix a bug in TCP wrt SYN+URG packets.
1996-09-09 14:51:07 +00:00
mycroft 865bfae299 Return ENOPROTOOPT rather than picking pseudo-random error values.
Don't allow SIOCGET{VIF,SG}CNT from sockets other than the multicast router.
Restructure rip_ctloutput() like ip_ctloutput(), and fix memory leaks.
1996-06-23 12:12:44 +00:00
thorpej 4edabe2501 Changed struct ifnet to have a pointer to the softc of the underlying
device and a printable "external name" (name + unit number), thus eliminating
if_name and if_unit.  Updated interface to (*if_watchdog)() and (*if_reset)()
to take a struct ifnet *, rather than a unit number.
1996-05-07 02:40:22 +00:00
christos 2769793c13 Fix printf format args. 1996-03-16 23:53:58 +00:00
christos 14d9cd33af netinet prototypes 1996-02-13 23:40:59 +00:00
mycroft 5482957905 splnet --> splsoftnet 1995-08-12 23:59:09 +00:00
mycroft c88cf97b34 Clear the MFC entry's statistical counters when doing an upcall. 1995-06-12 03:05:12 +00:00
mycroft 4906fd756f Simplify ipip_input() a bit. Don't blow away the vif cache if someone sends
us a bogus packet.
1995-06-04 07:38:19 +00:00
mycroft e30d6fd798 Simply tbf_control() a bit. 1995-06-04 07:20:47 +00:00
mycroft b8c4ea6580 Eliminate compiler warnings. 1995-06-04 06:55:30 +00:00
mycroft e201372b7d For consistency, set sin_len for SIOC{ADD,DEL}MULTI. 1995-06-04 06:46:05 +00:00
mycroft 0a99592372 Clean up many more casts. 1995-06-04 05:06:49 +00:00
mycroft 489f42a2d8 Dynamically allocate the deencapsulation interfaces. Abstract the code to
reset a vif into a separate function.
1995-06-02 04:23:05 +00:00
mycroft eb216fd6c2 Avoid byte-swapping IP addresses at run time. 1995-06-01 21:35:34 +00:00
mycroft ba9883ec57 Integrate multicast 3.5 distribution, with several bugs fixed and general
cleanup.  This is a (working) snapshot of work in progress.
1995-05-31 21:50:34 +00:00
cgd b5b72d26ea be a bit more careful and explicit with types. (basically a large no-op.) 1995-04-13 06:25:36 +00:00
cgd cf92afd66e New RCS ID's, take two. they're more aesthecially pleasant, and use 'NetBSD' 1994-06-29 06:29:24 +00:00
brezak 669769d3e0 Update to version 2 mrouting; from pre-4.4lite NetBSD + 4.4 mods 1994-06-09 16:01:53 +00:00
mycroft f130f244e7 Remove a spurious splx(). 1994-06-04 08:29:51 +00:00
mycroft 07b4f2ab54 Update to 4.4-Lite networking code, with a few local changes. 1994-05-13 06:02:48 +00:00
mycroft 252495f006 Format police. 1994-02-10 18:46:04 +00:00
mycroft bf98a55f37 Deprecate af.h. 1994-02-10 17:25:03 +00:00
brezak 8243f1bb37 Fix some cases of NOT dealing with m_pkthdr's. This code is still suspect though, at least this fixes some panics. 1994-01-29 11:57:45 +00:00
brezak 17ea2355b4 Fix some prototype detected warnings/errors. 1994-01-18 03:26:53 +00:00
brezak 38253dddb8 Patch for ip-multicast bugs from mccanne@ee.lbl.gov (Steven McCanne) 1994-01-18 02:36:53 +00:00
mycroft b79490fcca Should compile now with or without `options MULTICAST'. 1994-01-10 20:14:14 +00:00