drochner
e1e8770b32
Give DAD a chance to succeed even if the network is "slightly broken"
...
(in my case it as a switch set to "monitor" mode):
If we see an NS request for the address we are just probing for, for
three times the number of DAD packets we are supposed to send (the
"ip6.dad_count" sysctl variable), assume that these are our own packets
and let DAD succeed.
The code for this was mostly there, commented out. Just needed some fixes.
The "three times" is heuristic of course.
Being here, reset the "dad_ns_tcount" variable on a successful send;
otherwise we get strange interdependencies with user-settable variables
(ever tried to set ip6.dad_count to something >15?).
2005-02-02 20:56:27 +00:00
drochner
dc86361844
remove the unused in6_ifindex2scopeid()
...
if at all, it works with site-local addresses whose fate is uncertain
to say the least
2005-02-01 15:29:23 +00:00
drochner
5d0cfbc9bd
sin6_scope_id maps to interface indices for link local addresses only!
...
(unlikely to be used with other scopes for now, but we should be
correct anyway)
2005-02-01 14:56:17 +00:00
matt
d341be30f4
Change initialzie of domains to use link sets. Switch to using STAILQ.
...
Add a convenience macro DOMAIN_FOREACH to interate through the domain.
2005-01-23 18:41:56 +00:00
itojun
57fd095fdf
shouldn't check code field on "packet too big" icmp6 message.
2005-01-17 10:16:07 +00:00
drochner
e5653b8213
remove a redundant check for ifindex2ifnet[idx] != 0
2004-12-21 11:40:12 +00:00
drochner
f44d9a5791
fix ifindex argument checks for IPV6_JOIN_GROUP,
...
IPV6_LEAVE_GROUP and IPV6_MULTICAST_IF -
0 is always legal
2004-12-21 11:37:47 +00:00
thorpej
7994b6f95e
Don't perform checksums on loopback interfaces. They can be reenabled with
...
the net.inet.*.do_loopback_cksum sysctl.
Approved by: groo
2004-12-15 04:25:19 +00:00
peter
396b87b8c2
Convert lo(4) to a clonable device.
...
This also removes the loif array and changes all code to use the new
lo0ifp pointer which points to the lo0 ifnet structure.
Approved by christos.
2004-12-04 16:10:25 +00:00
christos
694d5b6a91
We don't need to include bpfilter.h
2004-11-28 02:37:38 +00:00
itojun
5bcaef8e92
wrong paren. Patrick Latifi
2004-11-17 03:20:53 +00:00
itojun
bc559f51c6
remove extra code mistakenly committed
2004-10-27 23:16:56 +00:00
itojun
70fc307de9
missing break; Emmanuel Dreyfus
2004-10-27 22:26:50 +00:00
itojun
5e3841214f
no need to call defrouter_select() here any more; jinmei
2004-10-26 07:03:29 +00:00
itojun
830e5a5fbf
more cleanup on onlink assumption; jinmei
2004-10-26 06:54:53 +00:00
itojun
b5f3688c67
remove onlink assumption behavior (consider destination on-link if default
...
router list is empty) based on recent IETF ipv6 discussion (RFC2461 5.2).
fix "ndp -I delete".
2004-10-26 06:08:00 +00:00
itojun
75259d166c
ip6_flow_seq is no longer available.
2004-10-18 01:43:43 +00:00
yamt
056303b850
rip6_output: redo raw_ip6.c 1.67-1.67, using m_copyback_cow.
2004-09-06 10:05:14 +00:00
manu
6e3c639957
IPv4 PIM support, based on a submission from Pavlin Radoslavov posted on
...
tech-net@
2004-09-04 23:29:44 +00:00
yamt
39dd3d0c5d
run PFIL_IFADDR hooks on SIOCAIFADDR_IN6 and SIOCDIFADDR_IN6 as well.
...
from Peter Postma, PR/26368.
ok'ed by itojun.
2004-07-26 13:44:35 +00:00
yamt
e08729e055
rip6_output: redo the previous (raw_ip6.c 1.66)
...
with less assumptions about alignment.
2004-07-23 09:53:10 +00:00
yamt
540e6d4640
rip6_output: make sure that the mbuf is writable
...
before write a checksum into it.
otherwise "ping6 -s50000" causes a panic.
ok'ed by itojun.
2004-07-22 05:26:46 +00:00
itojun
3f35f96f9a
prevent mbuf leak on IPsec tunnel mode. from iij seil team
2004-07-16 01:12:02 +00:00
itojun
8da378abea
- update ro_pmtu on IPsec tunnel encapsulation. ro != ro_pmtu is used as the
...
sign for the existence of routing header.
- fragment to 1280 on IPv6-over-IPv6 encapsulation, as ICMPv6 too big may not
give you enough information to update pmtu cache.
from iij seil team, via kame.
2004-07-14 03:06:08 +00:00
minoura
c3ed038115
Remove broken code for now: getsockopt(s, IPPROTO_IP, IP_IPSEC_POLICY,...).
...
It returned EINVAL, now returns ENOPROTOOPT.
Ok'd by itojun.
2004-07-06 04:30:27 +00:00
drochner
05da173d52
abstain from typecasting the LHS of an assignment;
...
gcc-3.4.x doesn't like it
2004-06-24 16:49:51 +00:00
itojun
b791f5f740
error could be left uninitialized when we jump into "senderr"
2004-06-24 15:01:51 +00:00
itojun
0f18c4c945
multicast data management fix - previous fix was incorrect. jinmei@kame
2004-06-16 03:17:26 +00:00
itojun
ec7ac551be
insufficient paren in macro def. Patrick Latifi
2004-06-16 02:36:37 +00:00
itojun
2e60f85658
use macro and make it a bit more readable.
2004-06-14 08:07:29 +00:00
itojun
4d7b9596f6
check before joining multicast group. otherwise multiple in6_multi structure
...
will be kept. reported by patrick latifi
2004-06-14 07:54:45 +00:00
itojun
501233726d
implement IPV6_USE_MIN_MTU sockopt. needed by bind9 + EDNS0 + big receive buffer.
2004-06-11 04:10:10 +00:00
itojun
56e182b708
there's no use to check privs on curproc in the input path. jinmei@kame
2004-06-01 03:13:22 +00:00
atatat
4de3747b89
Sysctl descriptions under net subtree (net.key not done)
2004-05-25 04:33:59 +00:00
itojun
32e4b55076
do not loop on nd6_output() when transmission fails. from kame
2004-05-19 17:45:05 +00:00
jonathan
f7abb16323
Fix per-PCB IPsec policy cache for FAST_IPSEC:
...
The sys/netipsec policy-cache (added by Jason Thorpe as a rewrite of
the KAME per-PCB policy cache) assumes that policy-cacheable PCBs
always has a non-NULL inph_sp in the common PCB header. So we must
do all the per-PCB policy cache calls when either (KAME) IPSEC, or
FAST_IPSEC is defined. ``Make it so''.
We can now support non-IPsec'ed IPv6 traffic, when both
``options FAST_IPSEC'' and ``options INET6'' are configured.
2004-04-26 01:53:59 +00:00
simonb
b5d0e6bf06
Initialise (most) pools from a link set instead of explicit calls
...
to pool_init. Untouched pools are ones that either in arch-specific
code, or aren't initialiased during initial system startup.
Convert struct session, ucred and lockf to pools.
2004-04-25 16:42:40 +00:00
itojun
cb0651e44a
correct parameter to in6_cksum. keiichi@kame
2004-04-22 17:58:59 +00:00
matt
e50668c7fa
Constify protosw arrays. This can reduce the kernel .data section by
...
over 4K (if all the network protocols) are loaded.
2004-04-22 01:01:40 +00:00
itojun
5da9234d88
remove duplicated #include. PR 25234
2004-04-20 17:12:03 +00:00
atatat
83b193a052
Make these compile without INET. tcp_input probably needs a lot more
...
work...
2004-03-29 04:59:02 +00:00
christos
d6939c86f1
no need for splsoftnet, because the caller does it already.
2004-03-28 08:28:50 +00:00
christos
03766c2d10
PR/23335: Christos Zoulas: Removing interfaces trashes free memory when
...
ipv6 is used because multicast group memberships contain dangling references
to the multicast group deleted.
2004-03-28 08:28:06 +00:00
itojun
e050c8a03d
do not touch m->m_pkthdr.rcvif after m becomes invalid. Patrick Latifi
2004-03-26 03:35:02 +00:00
atatat
19af35fd0d
Tango on sysctl_createv() and flags. The flags have all been renamed,
...
and sysctl_createv() now uses more arguments.
2004-03-24 15:34:46 +00:00
martti
c3f78782b9
Make ip6_getpmtu() globally visible. This is needed by IPFilter 4.x.
2004-03-23 18:21:38 +00:00
itojun
3811eef49d
typo
2004-03-23 05:31:54 +00:00
itojun
721292cf12
constify AH algorithm function table. suggested by robert watson
2004-03-10 03:45:04 +00:00
thorpej
2803ff0955
Use the new IPSEC_PCB_SKIP_IPSEC() to bypass a socket policy lookup
...
when possible. This shaves several cycles from the output path for
non-IPsec connections, even if the policy is cached in the PCB.
2004-03-02 02:28:28 +00:00
thorpej
db4fcd885b
Augment the PCB cache with a "hint" that can be used to short-circuit
...
IPsec processing in other places. The hint has 3 values: MAYBE, YES,
and NO. Hints are initialized to MAYBE, and MAYBE is always used for
unconnected sockets (since the spidx may change for every packet
that is output). For connected sockets, NONE and BYPASS policies cause
the hint to be set to NO, and all other policies to YES.
Also shuffle the PCB cache data structure, turning 3 arrays into a
single array of a struct.
2004-03-02 02:17:38 +00:00