Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
97,316 Commits 606 Branches 0 Tags 3.1 GiB
44c6c3f7d0
Commit Graph

1003 Commits

Author SHA1 Message Date
itojun
1cc58965b6 don't panic when there's no interface address exist for the specified multicast 
outgoing interface (ia == NULL after IFP_TO_IA).

historic behavior (up to revision 1.43) was to use 0.0.0.0 as source address,
but it seems like a mistake according to RFC1112/1122.
 2002-01-08 10:05:13 +00:00
itojun
28922b9973 use radix table for inbound tunnel lookup (would increase performance 
for machines with a lot of tunnels).
update route cache for IPvX-over-IPv6 tunnel on path MTU discovery.
snyc with kame
 2001-12-21 06:30:43 +00:00
itojun
af7e7f7b93 whitespace. protect from multiple inclusion. sync with kame 2001-12-21 04:11:24 +00:00
itojun
9fe96e61e6 call rip_ctlinput on icmp4 inputs 2001-12-21 04:07:25 +00:00
itojun
745e191850 move protosw fragment for gif/stf to their own source code. 
reduce #ifdef in stf code.  sync with kame
 2001-12-21 03:21:50 +00:00
itojun
f05aaf1533 have packed attribute to protocol structs. sync with kame 2001-12-21 02:52:18 +00:00
itojun
dde7f16c1c have rip_ctlinput to notify routing changes to raw sockets 
(protosw change to be done).  sync with kame
 2001-12-21 02:51:47 +00:00
itojun
f504aee318 comment and whitespace. sync with kame 2001-12-21 02:51:08 +00:00
itojun
a36173e7a6 whitespace. sync with kame 2001-12-21 02:50:28 +00:00
itojun
33429d0612 correct timing to increment icmp6 MIB variables. sync with kame 2001-12-07 10:10:43 +00:00
jmcneill
078a8c0cc3 Fix TCP segment size computation. From Rick Byersm, PR kern/14799. 2001-12-03 01:45:43 +00:00
darrenr
dd626d89c9 recompute hlen after calling pfil_run_hooks() in case ip_hl was changed. 2001-11-28 09:25:13 +00:00
itojun
c23ea6c341 update outgoing ifp, only if tunnel mode ipsec is used. this is to 
honor IP_MULTICAST_IF setsockopt on ipsec-over-multicast.  sync with kame
 2001-11-21 06:28:08 +00:00
lukem
0fa231134c - replace "defopt" with "defparam" for options which must take a value, 
as config(8) will warn for value-less defparam options
- minor whitespace/formatting cleanup
- consolidate opt_tcp_recvspace.h and opt_tcp_sendspace.h into opt_tcp_space.h
 2001-11-20 14:34:18 +00:00
lukem
2565646230 don't need <sys/types.h> when including <sys/param.h> 2001-11-15 09:47:59 +00:00
lukem
ea1cd7eb08 add RCSIDs 2001-11-13 00:32:34 +00:00
itojun
e2df911079 do not grab packet to joined multicast group, when ip6_dst and in6p_laddr 
mismatches.  it makes the behavior more closer to 4.4BSD IPv4 code.
sync with kame
 2001-11-07 06:30:50 +00:00
matt
da5a70805c Convert netinet to not use the internal <sys/queue.h> field names 
but instead the access macros.  Use the FOREACH macros where appropriate.
 2001-11-04 20:55:25 +00:00
matt
47577dca93 Change a few variable/tables to const since they are read-only. 2001-11-04 13:42:27 +00:00
matt
af71a3871d Keep only one mtu_table (the two were identical except for 
one value - 65280).
 2001-11-04 13:38:50 +00:00
itojun
e4b5b62a3d array boundary overflow on the use of IPv4 mapped address. from simonb 2001-11-02 02:37:50 +00:00
kml
77c99e8c60 Add in support for timing out IPv4 routes added due to redirects, 
as discussed in tech-net several weeks ago.  It turned out that
KAME had already added this functionality to the IPv6 stack, so
I followed their example in adding the sysctl variables
net.inet.icmp.rediraccept and net.inet.icmp.redirtimeout.
 2001-10-30 06:41:09 +00:00
simonb
5f717f7c33 Don't need to include <uvm/uvm_extern.h> just to include <sys/sysctl.h> 
anymore.
 2001-10-29 07:02:30 +00:00
itojun
c7e6405a34 remove unused codepath (unifdef -UUDP6) 2001-10-24 06:04:08 +00:00
itojun
7bbe09e1d4 it may fix PR14124. 2001-10-24 05:56:49 +00:00
matt
bd61b6ad50 Make tcp_outflags & tcpstates const. 2001-10-20 03:19:41 +00:00
matt
fa2b333dc7 Make the two MTU tables const and change their type to u_int (one was int 
and one was u_long!).
 2001-10-20 03:18:17 +00:00
thorpej
e45efd967f Deprecate the "m_act" alias of "m_nextpkt" (m_act is a historical 
name), and just use m_nextpkt everywhere.
 2001-10-18 20:17:24 +00:00
itojun
91498ffec5 implement IPV6_V6ONLY socket option from draft-ietf-ipngwg-rfc2553bis-03.txt. 
IPV6_BINDV6ONLY (netbsd only) is deprecated, but still work just like before.
 2001-10-15 09:51:15 +00:00
chs
80373b7e54 don't depend on other headers to include sys/proc.h for us. 2001-09-28 11:59:51 +00:00
thorpej
d679590033 Split the pre-computed ifnet checksum flags into Tx and Rx directions. 
Add capabilities bits that indicate an interface can only perform
in-bound TCPv4 or UDPv4 checksums.  There is at least one Gig-E chip
for which this is true (Level One LXT-1001), and this is also the
case for the Intel i82559 10/100 Ethernet chips.
 2001-09-17 17:26:59 +00:00
wiz
456dff6cb8 Spell 'occurred' with two 'r's. 2001-09-16 16:34:23 +00:00
martin
7ac197f6e6 Fix typo in comment. 2001-09-16 08:49:50 +00:00
thorpej
050e9de009 Use callouts for SYN cache timers, rather than traversing time queues 
in tcp_slowtimo().
 2001-09-11 21:03:20 +00:00
thorpej
4745c7f252 Update copyrights. 2001-09-10 22:45:46 +00:00
thorpej
6d0e813f6c Use callouts for TCP timers, rather than traversing the list of 
all open TCP connections in tcp_slowtimo() (which is called 2x
per second).  It's fairly rare for TCP timers to actually fire,
so saving this list traversal is good, especially if you want
to scale to thousands of open connections.
 2001-09-10 22:14:26 +00:00
thorpej
413e5cb878 Initialize TCP timer variables in a new function, tcp_timer_init(). 2001-09-10 20:36:43 +00:00
thorpej
3d9c42775e Add explicit initialization of TCP timer state. A noop right now. 2001-09-10 20:19:54 +00:00
thorpej
45e02f5ee8 Split tcp_timers() into multiple functions, one for each timer, 
and call it directly from tcp_slowtimo() (via a table) rather
than going through tcp_userreq().

This will allow us to call TCP timers directly from callouts,
in a future revision.
 2001-09-10 20:15:14 +00:00
thorpej
7446fd2bc8 Change the way receive idle time and round trip time are measured. 
Instead of incrementing t_idle and t_rtt in tcp_slowtimo(), we now
take a timstamp (via tcp_now) and use subtraction to compute the
delta when we actually need it (using unsigned arithmetic so that
tcp_now wrapping is handled correctly).

Based on similar changes in FreeBSD.
 2001-09-10 15:23:09 +00:00
thorpej
7a89a34393 Enable Congestion Window Monitoring by default. 2001-09-10 04:43:35 +00:00
thorpej
783db90019 Use a callout for the delayed ACK timer, and delete tcp_fasttimo(). 
Expose the delayed ACK timer as net.inet.tcp.delack_ticks.
 2001-09-10 04:24:24 +00:00
itojun
ef0be725b3 if I'm bridging and got a packet to interface address on if A from if B, 
advertise MAC address for if A with ARP reply.
 2001-08-20 03:13:45 +00:00
thorpej
c82b0994e7 Permit weaker interface matches for incoming ARP packets if the packet was 
received on an interface that is part of a bridge and we find an ifaddr on
an interface that is part of the same bridge.
 2001-08-17 21:47:57 +00:00
itojun
74ad87bc53 gif interface now uses generic software interrupt 
(on archs that support it).  also, make gif ALTQ-capable on outgoing.
sync with kame, comments from thorpej.
 2001-08-16 17:45:25 +00:00
yamt
5d1c2fff55 fix cksum error of udp and tcp packet with ip options 2001-08-11 12:26:50 +00:00
itojun
57030e2f12 cache IPsec policy on in6?pcb. most of the lookup operations can be bypassed, 
especially when it is a connected SOCK_STREAM in6?pcb.  sync with kame.
 2001-08-06 10:25:00 +00:00
thorpej
35df06a642 Carve off the code that builds a TCP data packet into its own 
function, and inline it, except when profiling... so we can
profile it.
 2001-07-31 02:25:22 +00:00
thorpej
938720eea4 Count the number of times we "self-quench" (ip_output() returns 
ENOBUFS), and don't inline tcp_segsize() if profiling.
 2001-07-31 00:57:45 +00:00
itojun
cad488d032 sync gif interface code with latest kame. 
IFF_RUNNING is clearified.  attach/detach logic is more clearner.
the old code mistakenly set IFF_UP by itself, now the behavior is gone.
 2001-07-29 05:08:32 +00:00
itojun
66c75f4967 do not check in_dstaddr on in_{add,scrub}prefix, otherwise linklocal 
address manipulation could choke.  sync with kame
 2001-07-27 02:04:08 +00:00
thorpej
52654926a4 Slight cosmetic change. 2001-07-26 21:47:04 +00:00
itojun
fd5e7077a3 allocate ipsec policy buffer attached to pcb in in*_pcballoc, before 
giving anyone accesses to pcb (do not reveal an inconsistent ones).
sync with kame
 2001-07-25 23:28:02 +00:00
itojun
49f2e6958f g/c #if 0'ed fragment. sync with kame. 2001-07-25 06:05:16 +00:00
enami
4b21362a47 Remove an obsolete comment. 2001-07-25 00:13:16 +00:00
itojun
ddf920093e wrap IPv6 code by #ifdef INET6 2001-07-23 15:20:41 +00:00
itojun
489df53efe use in6_maxmtu, not in_maxmtu, for IPv6 mss computation 2001-07-23 15:17:58 +00:00
itojun
6338419cfb manage IFA_ROUTE on interface address better, so that we can 
provide a better support for multiple address with the same prefix better.
(like 10.0.0.1/8 and 10.0.0.2/8 on the same interface)
continuation of PR 13311.

remove irrelevant #if 0'ed segment for PR 10427.
 2001-07-22 16:18:31 +00:00
wiz
a9356936b4 seperate -> separate 2001-07-22 13:33:58 +00:00
enami
5e40498018 Add missing counting up of ``socket buffer is full'' counter when 
failed to sbappendaddr().
 2001-07-17 02:44:00 +00:00
itojun
09ddb6a1f1 do not #ifdef in headers. usr.sbin/trpt needs it. 2001-07-09 07:53:20 +00:00
abs
03aaf3d8b4 Rename TCPDEBUG to TCP_DEBUG, defopt TCP_DEBUG and TCP_NDEBUG, and 
make all usage of tcp_trace dependent on TCP_DEBUG - resulting in
a 31K saving on an INET enabled i386 kernel.
 2001-07-08 16:18:56 +00:00
abs
2f72fbeeab Give TCPDEBUG a chance of working - fix printf() types, add missing &s, 
and remove attempt to use a non existant tcphdr field.
 2001-07-08 15:59:18 +00:00
itojun
c3740d7821 IP6_EXTHDR_GET0 had no check against m->m_len (noone was using this macro). 
sync with kame
 2001-07-05 23:41:07 +00:00
itojun
0fec95079e better support for multiple IPv4 addresses on a single interface. 
- consider non-primary (2nd and beyond) IPv4 address as "local", and prevent
  outgoing ARP.
- for routing entries generated by ARP, make sure to set rt->rt_ifa equal to
  rt_key, to help IPv4 source address selection for traffic to myself.
PR 13311.

caveats/TODOs:
- interface routes ("connected routes" in cisco terminlogy) is tied with the
  primary (1st) IPv4 address on the interface.  should be fixed with updates
  to rt_ifinit().
- source address selection for offlink locations.  1st address tend to be used
  with the current code
  (you can configure it right by setting rt->rt_ifa accordingly).
 2001-07-04 02:29:58 +00:00
itojun
193167b1eb call in{,6}_pcbpurgeif0() before in{,6}_purgeif(). 2001-07-03 08:06:19 +00:00
itojun
1ff38f4d03 on interface removal, remove multicast groups joined from pcb, before 
removing interface addresses.  without the change, we may deref
NULL pointer in in_pcbpurgeif().  from jinmei@kame, sync with kame
 2001-07-02 15:25:34 +00:00
itojun
3e8e591c7f fix udp reception to sockets bound to linklocal address (like fe80::1%lo0). 
sync with kame
 2001-06-27 23:40:50 +00:00
wiz
3f9984fc90 existent', not existant' 2001-06-19 13:42:07 +00:00
wiz
0a600be867 receive, not recieve 2001-06-12 15:17:10 +00:00
tron
ea44bc48d3 Make arplookup error messages more informative. Patch supplied by 
Andrew Brown in PR kern/13162.
 2001-06-11 06:19:50 +00:00
thorpej
ad9d3794b0 Implement support for IP/TCP/UDP checksum offloading provided by 
network interfaces.  This works by pre-computing the pseudo-header
checksum and caching it, delaying the actual checksum to ip_output()
if the hardware cannot perform the sum for us.  In-bound checksums
can either be fully-checked by hardware, or summed up for final
verification by software.  This method was modeled after how this
is done in FreeBSD, although the code is significantly different in
most places.

We don't delay checksums for IPv6/TCP, but we do take advantage of the
cached pseudo-header checksum.

Note: hardware-assisted checksumming defaults to "off".  It is
enabled with ifconfig(8).  See the manual page for details.

Implement hardware-assisted checksumming on the DP83820 Gigabit Ethernet,
3c90xB/3c90xC 10/100 Ethernet, and Alteon Tigon/Tigon2 Gigabit Ethernet.
 2001-06-02 16:17:09 +00:00
soda
ea2e5754dd missing opt_inet.h 2001-05-31 19:56:13 +00:00
mrg
67afbd6270 use _KERNEL_OPT 2001-05-30 11:57:16 +00:00
itojun
e44d476e4e typo in comment 2001-05-27 23:46:51 +00:00
matt
524a19371f Make t_flags a u_int instead of u_short. It's followed by a mbuf pointer 
so there's padding around it already.  And it increases the amount of bits
available for TF_* flags.
 2001-05-26 22:02:57 +00:00
matt
24f26c957e Add TCP_MD5SIGNATURE option. 2001-05-26 21:40:55 +00:00
ragge
7952ffd61f defined(vax) -> defined(__vax__). This may fix PR#12919. 2001-05-26 21:29:45 +00:00
ragge
474bc8ee6d Remove one #ifdef vax, bugfix another. Should probably be #ifdef i386 also. 2001-05-26 21:27:09 +00:00
itojun
a7596d1912 call icmp6_mtudisc_update(foo, 0) even if ICMPv6 messages are very short. 
let icmp6 layer decide whether we take PMTUD routes or not.
 2001-05-24 07:22:27 +00:00
lukem
07d4fbd104 fix spelo in comment 2001-05-21 03:31:36 +00:00
martin
449c740399 Remove tests for IPN_FRAG bits. 
There is no place in the source where this bit could ever be set (or I'm
to blind to find it).

This fixes PR 12671.

If someone thinks this is the wrong solution, please make sure to (a) reopen
the PR and (b) explain to me how the tested bits would ever get set. I'll
be glad to then look further for the real cause (i.e. the flags not getting
set in the case described in the PR).
 2001-05-20 13:03:39 +00:00
thorpej
937cea769e Brain'o in last. Pointed out by Steve Woodford <scw@netbsd.org>. 2001-05-19 14:20:40 +00:00
thorpej
905e7935a9 Don't compute psuedo header checksum if nxt == 0. 2001-05-19 00:13:53 +00:00
matt
0c779d0a01 Use the LIST_NEXT & LIST_FIRST macros instead of refering to 
le_next & lh_first.
 2001-05-14 19:50:43 +00:00
itojun
498fdebcd7 drop multi destination mode (IFF_LINK0). 2001-05-14 13:35:20 +00:00
christos
00adbfd8d6 - Handle realloc failure without leaking memory 
(reported by: grendel@heorot.stanford.edu (Ted U)
- Don't cast malloc/realloc/calloc return values because they hide LP64 bugs.
- Don't destroy the whole array when realloc fails
- Use calloc in all cases (malloc was used inconsistently).
- Avoid duplicating code.

Reviewed by: ross
 2001-05-12 19:21:57 +00:00
itojun
63181d71c1 correct ecn consideration on tunnel encap/decap. sync with kame. 2001-05-10 01:37:42 +00:00
itojun
1bec764d78 correct faith prefix determination. use sys/netinet/if_faith.c:faithprefix() 
to determine.  sync with kame.
(without this change, non-faith socket may mistakenly accept for-faith traffic)
 2001-05-08 10:15:13 +00:00
itojun
02077e028f pull encapsulated packet for vif* via ip_encap framework. 2001-05-08 10:07:15 +00:00
fvdl
b7025ec37b Make it possible to override TCP_NDEBUG. The default value of 100 
wastes quite a bit of space (0xfa00).
 2001-04-29 15:18:01 +00:00
itojun
8799a9c64b give a default value to net.inet.ip.maxfragpackets, to protect us from 
"lots of fragmented packets" DoS attack.

the current default value is derived from ipv6 counterpart, which is
a magical value "200".  it should be enough for normal systems, not sure
if it is enough when you take hundreds of thousands of tcp connections on
your system.  if you have proposal for a better value with concrete reasons,
let me know.
 2001-04-16 17:03:33 +00:00
thorpej
bf2dcec4f5 Remove the use of splimp() from the NetBSD kernel. splnet() 
and only splnet() is allowed for the protection of data structures
used by network devices.
 2001-04-13 23:29:55 +00:00
thorpej
b978c269f5 Delete SPL_IMP(). It is not used in IP Filter, and it aids me 
on my quest to eliminate the foul beast known as splimp.
 2001-04-12 19:41:53 +00:00
darrenr
0b6031033d fix fragment cache security hole 2001-04-06 15:32:40 +00:00
itojun
6e45c58f53 check ip_mtudisc only for TCP over IPv4. 
PMTUD is mandatory for TCP over IPv6 (if packets > 1280).
 2001-04-03 06:14:31 +00:00
itojun
4b72eeeee5 net.inet.ip.maxfragpackets defines the maximum size of ip reass queue 
(prevents fragment flood from chewing up mbuf memory space).
derived from KAME net.inet6.ip6.maxfragpackets.
 2001-03-27 02:24:38 +00:00
mike
fb2dc295a6 Resolve conflicts. 2001-03-26 06:11:46 +00:00
thorpej
20fe4e2d96 Add a protosw flag, PR_ABRTACPTDIS (Abort on Accept of Disconnected 
Socket), and add it to the protocols that use that behavior (all
PR_LISTEN protocols except for PF_LOCAL stream sockets).
 2001-03-21 19:22:27 +00:00
chs
5947ce8284 make this compile without rnd. 2001-03-21 03:35:11 +00:00