Commit Graph

572 Commits

Author SHA1 Message Date
mycroft 50438b6df0 Absolutely minor tweak to generate better code. 1999-01-25 15:36:50 +00:00
mycroft 70e6acdfef Update the comment about the checksum hack. It was way out of date. 1999-01-24 13:34:35 +00:00
mycroft 94895652e1 Modify the checksum slightly so that the htons()s can all be combined. 1999-01-24 12:57:38 +00:00
thorpej a58f271406 Oops, forgot to update copyright notice in previous. 1999-01-24 01:21:18 +00:00
thorpej 86e2c3fbc6 * Completely rewrite syn_cache_respond().
- Don't use tcp_respond(), instead create the tcp/ip header from scratch,
and send it ourself.
- Reuse the mbuf that carried the SYN, or allocate one if that is not
available.
- Cache the route we look up to do the Path MTU Discovery check, and
transfer the reference to that route to the inpcb when the connection
completes.
* Macro'ize a small, but often repeated code fragment.
1999-01-24 01:19:28 +00:00
mycroft b790730226 Fix problems with fr_tcpsum() that prevented the FTP proxy from working. 1999-01-23 08:50:52 +00:00
thorpej a43786143f Fix a problem pointed out by Charles Hannum; DF wasn't being set in
SYN,ACK packets during Path MTU Discovery.  Fix tcp_respond() to do the
appropriate route lookup and set DF as appropriate.

Also, fixup similar code in tcp_output() to relookup the route if it
is down.
1999-01-20 03:39:54 +00:00
mycroft 231a906c71 There's just no plausible reason to byte-swap ip_id internally. It's opaque. 1999-01-19 23:39:56 +00:00
mycroft 7eeb5a04da Don't screw with ip_len; just subtract from it where we actually use the
value.
1999-01-19 23:03:20 +00:00
mycroft d3ea3de1af Fix byte-swapping of ip_len in returned IP header. 1999-01-19 22:10:42 +00:00
mycroft fc1211a6ab Don't overwrite the checksum fields when checking them. There's no reason to
do this, and it screws up ICMP replies.
XXX The returned IP checksum and length are still wrong.
1999-01-19 21:58:40 +00:00
thorpej 4b0e6bb4dc Domains are associated with protocol families, not address families. 1999-01-14 01:16:55 +00:00
thorpej 98d3903da8 Use the count supplied to the pseudo-device attach routine to dynamically
allocate (once) the ipip_softc array; don't assume NIPIP contains the count.
1999-01-13 23:01:20 +00:00
thorpej 555784ccd5 Fix byte order and ip_len inconsistencies in ICMP reply code. Also, fix
some formatting and HTONS(foo) vs. foo = htons(foo) inconsistencies.

PR #6602, Darren Reed.
1999-01-11 22:35:06 +00:00
thorpej 6ae68b4feb Pull the IP-in-IP tunneling support out of the GRE code. It's not handled
by a separate IP-IP input path.

XXX Should eventually do the same thing for IPPROTO_MOBILE.
1999-01-11 21:32:13 +00:00
thorpej 9508f259bf Adjust for the new IP-IP input path. mrt_ipip_input() is called from
ipip_input(), and returns non-zero if mrt_ipip_input() handled the
packet.

XXX Eventually, the multicast code should probably use regular IP-IP
XXX `interfaces', but mrouted knows about the VIF table, etc.
1999-01-11 21:31:03 +00:00
thorpej 9d996b9e4e Adjust for the new IP-IP input path. 1999-01-11 21:28:28 +00:00
thorpej 9f9be750f6 Separate out the IP-in-IP implementation from the GRE code. This cleans
up the interface to ip_mroute.c somewhat, and properly separates IP-IP
from GRE.  (They are similar, but they are different protocols, and should
not be implemented in the same place.)
1999-01-11 21:26:53 +00:00
thorpej 5f69dedb2c ipip_input() -> mrt_ipip_input(). 1998-12-22 02:51:32 +00:00
thorpej 54377d1212 Simplify the tunnel lookup routine. 1998-12-22 01:49:04 +00:00
thorpej 12632ebf71 Reverse the copyright-notice-swap. It went against existing practice. 1998-12-19 02:46:12 +00:00
thorpej 4f177aec90 Add a lock around the TCPCB's sequence queue, to prevent tcp_drain()
from corrupting the queue if called from a device's interrupt context.

Similar in nature to the problem reported in PR #5684.
1998-12-18 21:38:02 +00:00
thorpej ca15e01c76 Add a lock around the IP fragment reassembly queue, to prevent ip_drain()
from corrupting the queue if called from a device's interrupt context.

Should fix PR #5684.
1998-12-18 21:35:11 +00:00
thorpej 93454aafc6 Delay sending if SS_MORETOCOME is set in so_state. This avoids the case
where the user issued a write with a length greater than MLEN but less
than MINCLSIZE, thus causing two mbufs to be used.  The loop in sosend()
would then call PRU_SEND twice, causing TCP to transmit 2 packets when
it could have transmitted one.

Suggested by Justin Walker <justin@apple.com> on the freebsd-net
mailing list.
1998-12-16 00:33:14 +00:00
mrg 2f2fd097ef remove this insanity. appeared with ipfilter 3.2.10... 1998-12-11 23:47:16 +00:00
drochner 914642e439 correction to the previous: protect against _LKM too
pointed out by Todd Whitesel <toddpw@best.com>
1998-12-11 11:57:33 +00:00
drochner 36b809fed6 correcton tp previous: don't try to include kernel option headers in
userland
fixes PR kern/6561 (Takahiro Kambe)
1998-12-11 09:15:42 +00:00
christos ce96f9960a defopt IPFILTER_LOG 1998-12-10 15:50:59 +00:00
christos c7578c510a defopt 1998-12-10 11:01:01 +00:00
mrg a94214bdd0 add a patch from darren reed, to make ipfilter use our cksum routine. 1998-11-26 12:21:47 +00:00
sommerfe 0cdf66e377 Fragments should start with a header mbuf allocated by MGETHDR() 1998-11-25 21:13:58 +00:00
mrg 4dd9bebb58 add two more prototypes. noted missing by mjacob. 1998-11-22 23:30:36 +00:00
mrg 78db9d7d95 merge ipf 3.2.10 1998-11-22 15:17:18 +00:00
lukem 0cd1643609 if INADDR_ANY is given in in_pcbconnect(), choose the ia_addr of the first
interface, not the ia_broadaddr.  should fix [standards/5645] and [kern/6425]
1998-11-16 05:47:19 +00:00
drochner 1658ac64a8 fix the previous: "securelevel" in kernel only 1998-11-15 17:36:19 +00:00
tls da1c106b85 In 'highly secure' mode (securelevel >= 2), the filter lists may not be tampered with. It might be desirable to allow enabling of preset filter lists, but it seems too good a candidate for a denial-of-service attack, so we don't. 1998-11-14 07:42:37 +00:00
lukem cc41dfe747 simplify test in in_pcbbind() for setting wild=1; no need to check if
((so->so_proto->pr_flags & PR_CONNREQUIRED) == 0 ||
	(so->so_options & SO_ACCEPTCONN) == 0)
since the latter is always true, so the former test in unnecessary.
from `TCP/IP Illustrated, Volume 2', W. Richard Stevens, p 730.
1998-11-13 10:50:10 +00:00
thorpej 0e3a0a7f80 Once a fragmented IP packet has been reassembled, recompute the packet
length before passing it up the stack.  From FreeBSD.
1998-11-13 03:24:22 +00:00
ws ede30e2813 Fix a buglet when looking up an interface for multicast:
Zero out the routing structure before calling the route lookup code
in order to correctly match addresses.
1998-10-26 17:31:01 +00:00
matt 3ad026ac87 vax -> __vax__ (and mips to __mips__ in ultrix_misc.c) 1998-10-20 01:46:27 +00:00
kim cd7e3136ad Use ETHERTYPE_ATALK instead of ETHERTYPE_AT. The former seems more common.
Our other constants also use "ATALK".

Added many new ETHERTYPE constants to sys/net/ethertypes.h, including the
ones from libpcap and tcpdump "ethertype.h" files.
1998-10-13 02:34:31 +00:00
thorpej 14f5ac9081 Use the pool allocator for ipflow entries. 1998-10-08 01:41:45 +00:00
thorpej 974aa74abd Use the pool allocator for ipqent structures. 1998-10-08 01:19:25 +00:00
thorpej 588ccb2d75 Fix some typos in comments, and clean up some whitespace. 1998-10-07 23:33:02 +00:00
thorpej 6cfb33b4e4 Use the pool allocator for the tcpcb's TCP/IP header template. 1998-10-07 23:20:03 +00:00
matt bf4e491879 Fix boolean dyslexic test. Duh! 1998-10-06 00:41:13 +00:00
matt 8e8f38e0f2 Add a sysctl for newreno (default to off). 1998-10-06 00:20:44 +00:00
lukem a1ea50ee45 * in_pcblookup_port(): deprecate INPLOOKUP_WILDCARD and flags in favour
of a lookup_wildcard arg; simplifies the logic a bit.
* when assigning ephemeral ports in in_pcbbind(), always call
  in_pcblookup_port() with lookup_wildcard=1, so that ephemeral port
  allocation on sockets with SO_REUSEADDR set won't potentially bind to a
  port in use by something else (principle of least surprise).
1998-10-05 14:33:14 +00:00
matt 25054b5cf7 Adapt the NEWRENO changes from the UCSB diffs of BSDI 3.0's TCP
to NetBSD.  Ignore the SACK & FACK stuff for now.
1998-10-04 21:33:52 +00:00
kleink c68106edad Use #error instead of causing a parse error. 1998-10-02 21:21:04 +00:00
drochner 5ddf423985 print reason for arplookup() failure (ala FreeBSD) 1998-10-01 11:04:24 +00:00
tls c4730d65cf Switch order of TNF and UCB copyrights so UCB copyright is first; this seems more appropriate since UCB wrote the original code, after all. 1998-09-30 21:52:24 +00:00
hwr eaccb9cd8d Start supporting IPPROTO_MOBILE (55) encapsulation. This is yet
another tunneling protocol used by the Mobile-IP people. See RFC 2004
for this.
1998-09-30 05:59:27 +00:00
christos e74ca32804 SIOCGIFALIAS should not be restricted to the superuser. 1998-09-28 12:32:43 +00:00
mycroft 4a000a54e6 Fix a typo (not mine) in a comment. 1998-09-19 04:34:34 +00:00
mycroft 04ef3bf88d If we're in LISTEN state and all of RST, SYN and ACK are clear, send a RST. 1998-09-19 04:32:51 +00:00
mycroft 31347e4671 Always send a 0 window with a RST. Suggested by Darren Reed. 1998-09-19 04:02:52 +00:00
hwr cf70cc28c7 Typo. :( 1998-09-14 21:15:56 +00:00
hwr 517139017e Some additions.
And IDPR-CMTP is 38 not 39 according to IANA.
1998-09-14 21:09:51 +00:00
hwr 366b9c4515 Add a gre tunnel pseudo network device. Gre = generic route encapsulation.
This device shows up like any other network interface and can be used to
tunnel L3 protocols as e.g. IP over IP.
1998-09-13 20:27:47 +00:00
christos 66dd35d72c Fix copyright spacing and 'Van' -> 'van' for consistency. 1998-09-13 15:45:40 +00:00
tv 235fc6a6a9 egcs {brace} warning fix 1998-09-10 19:53:28 +00:00
mouse b95116821c Create tcp.keepidle, tcp.keepintvl, tcp.keepcnt, tcp.slowhz sysctls. 1998-09-10 10:46:03 +00:00
thorpej 9fd57e8917 Make a diagnostic printf more sensible, PR #5951, Heiko W. Rupp. 1998-09-09 04:57:18 +00:00
thorpej 4dbfe05f1f Use an algorithm similar to that in tcp_notify() to determine if
syn_cache_unreach() should remove the entry, or just continue on.

Algorithm is to only remove the entry if we've had more than one unreach
error and have retransmitted 3 or more times.  This prevents the following
scenario, as noted in PR #5909 (PR from Ty Sarna, scenario from
Charles Hannum):

	* Host A sends a SYN.
	* Host A retransmits the SYN.
	* Host B gets the first SYN and sends a SYN-ACK.
	* Host B gets the second SYN and sends a SYN-ACK.
	* One of the SYN-ACK bounces with an
	  ICMP unreachable, causing the `SYN cache' entry to be
	  removed with no notification.
	* Host A receives the other SYN-ACK, sends an ACK, and goes to
	  ESTABLISHED state.

Should fix PR #5909.
1998-09-09 01:32:27 +00:00
christos 0f024deb52 Add SIOCGIFALIAS 1998-09-06 17:52:01 +00:00
kleink bb4f7768e4 Protect _XOPEN_SOURCE against sysctl MIB identifiers. 1998-09-05 19:03:25 +00:00
mycroft e2cb6dad8d Make the randomized part of the ISS 24 bits. 1998-09-04 22:34:51 +00:00
mycroft 2f501074f8 Fix a couple of bogons related to tcp_new_iss():
* Don't add tcp_iss_seq when creating a new ISS from TIME-WAIT state.
* Do the clock increment even when using the rnd device.
1998-09-04 22:29:54 +00:00
scottr e3e7e1673f Fix the NEXT_IA_WITH_SAME_ADDR macro introduced in 1.27: it was finding
the first in_ifaddr structure with a different internet address!  Reverse
the sense of the test.  Spotted by and fix from Eric Haszlakiewicz.
1998-08-14 06:57:54 +00:00
mrg 4a75265273 defopt PFIL_HOOKS. 1998-08-09 08:58:18 +00:00
thorpej 833061914a Use the pool allocator for tcpcbs. 1998-08-02 00:36:19 +00:00
thorpej d319e4b419 Use the pool allocator for syn_cache entries. 1998-08-02 00:35:51 +00:00
thorpej 47e9dcf841 Use the pool allocator for inpcbs. 1998-08-02 00:35:31 +00:00
tls 31d0752b99 change IN_IFADDR_HASH_SIZE to 509, which actually uses no more space than 293 due to rounding up to nearest power of two in hashinit. 1998-07-29 05:18:54 +00:00
pk 84840da908 in_pcballoc(): we can't afford to wait for memory. 1998-07-23 08:24:33 +00:00
mycroft cca4e566a9 Implement a better fix for the `gratuitous FIN' problem, as
mentioned on tcp-impl but with a bit more commentary.
1998-07-21 10:46:00 +00:00
thorpej 3a9ed00799 Document that we are more conservative after doing MTU discovery than the
suggestion in draft-floyd-incr-init-win-03.  Rather than scaling cwnd back
by the ratio of new segment size to old segment size, we perform a slow start
using the Initial Window, computed with the new segment size.
1998-07-17 23:09:58 +00:00
thorpej 0f909866c0 Clarify that we're using the Loss Window when we receive a source quench. 1998-07-17 23:02:38 +00:00
thorpej fa20f24cd9 Add a comment wrt. a current issue w/ CWM. 1998-07-17 23:00:02 +00:00
thorpej a3f4316cba Clarify that we are using the Loss Window if a retransmission occurred
during the three-way handshake.
1998-07-17 22:58:56 +00:00
thorpej 830879a809 Comment where the Restart Window is computed, and in the non-CWM case,
make sure it never _increases_ cwnd.
1998-07-17 22:52:01 +00:00
thorpej 1c4ff0a086 Comment where we use the Loss Window. 1998-07-17 22:18:49 +00:00
sommerfe 69b1b4758d Fix PR5559: if fast-forwarding, DF set, and packet too large, send ICMP error.. 1998-07-17 00:35:23 +00:00
sommerfe 534520d815 Fix PR5508: ipfil cut-through forwarding causes panic 1998-07-17 00:28:00 +00:00
tls deac3540de Put original hash function back. It wastes a little bit of space, but is much more even -- think of the case of a web service provider, some of whose customers end up getting 'inferior service' because they're on addresses that happen to be out at the end of a hash chain. With webservers with thousands of addresses, this is a real issue. If the wasted space is a big deal, we could pick a prime number that's slightly _less_ than a power of two... 1998-07-16 06:45:09 +00:00
thorpej 389da54091 Garbage collect `imp' and `hy'. We don't have the rest of the code, and
it's not like anyone is ever going to be using either of them.
1998-07-15 17:39:20 +00:00
veego 97ab1bd53b Resolve conflicts from the import. 1998-07-12 15:23:59 +00:00
mycroft 3a64270ca6 Back out the change from TCP/IP vol 2, in revision 1.7, which removed TH_FIN
from the output flags for CLOSING state.  There is no harm in retransmitting
the FIN, and this change has unexpected side effects that break simultaneous
close behaviour.
1998-07-09 05:49:56 +00:00
sommerfe 065cac9798 Delete bogus (void) cast of m_freem (which is already a void function..) 1998-07-07 00:04:59 +00:00
jonathan b37021c1a1 defopt NATM. 1998-07-05 22:48:05 +00:00
jonathan 9bf2ba0928 Garbage-collect ``needs-flag'' from attributes ether, fddi, arc:
NETHER, NFDDI, NARC are  not used anywhere. Remove #include "ether.h",
   which had no effect.
Removes clash with "options NATM" for native-ATM network protocol stack.
1998-07-05 22:29:51 +00:00
jonathan 011f2bda08 defopt NS, NSIP. 1998-07-05 06:49:00 +00:00
jonathan 5c0c5dd0b4 defopt ISO TPIP. 1998-07-05 04:37:35 +00:00
jonathan f2a2327e0a defopt EON. 1998-07-05 01:06:49 +00:00
jonathan 3751946b97 defopt INET, NETATALK. 1998-07-05 00:51:04 +00:00
jonathan 466e784ee1 defopt DDB. 1998-07-04 22:18:13 +00:00
thorpej 8cfe8959a6 Fix TCPS_HAVERCVDFIN() to actually catch all TCP states in which a FIN
has been received (CLOSE_WAIT, CLOSING, LAST_ACK, and TIME_WAIT).

From David Borman <dab@bsdi.com>.
1998-07-03 05:39:56 +00:00
is 0ca02c68a7 Thinko in last fix: we have to actually check each address for a copy on
our ifp, else we might fail for some strange configurations.
1998-07-02 14:00:39 +00:00
is d8b8a41918 The rewrite of if_arp.c to work with the hashed interface address lists
(1.44) missed a test for the right interface, making some machines answer
to some bogus arp requests (like for WHO-HAS 127.0.0.1).

The quick patch in 1.46-1.47 does not work for so-called "unnumbered"
interfaces, that is, (point-to-point) interfaces that share their local
address with another (e.g., the Ethernet) interface.

We add a macro to in_var.h, to step (in the current implementation) through
the hash chain and fine more entries with the same address, and use that
in if_arp.c to find one which belongs to our interface.
1998-07-02 11:39:56 +00:00