Commit Graph

49 Commits

Author SHA1 Message Date
itojun 235e090dea gi_len is ip_len, so it has to be network byteorder. markus friedl 2003-12-11 00:22:29 +00:00
itojun 9636351c96 u_short -> u_int16_t 2003-09-05 23:02:40 +00:00
itojun 82eb4ce914 change the additional arg to be passed to ip{,6}_output to struct socket *.
this fixes KAME policy lookup which was broken by the previous commit.
2003-08-22 21:53:01 +00:00
jonathan 28b5f5dfab (fast-ipsec): Add hooks to pass IPv4 IPsec traffic into fast-ipsec, if
configured with ``options FAST_IPSEC''.  Kernels with KAME IPsec or
with no IPsec should work as before.

All calls to ip_output() now always pass an additional compulsory
argument: the inpcb associated with the packet being sent,
or 0 if no inpcb is available.

Fast-ipsec tested with ICMP or UDP over ESP. TCP doesn't work, yet.
2003-08-15 03:42:00 +00:00
grant 6ecb99a75c fix grammatical error in a diagnostic message. 2003-05-06 17:54:27 +00:00
simonb ac161ae918 Remove assigned-to but not used variable. 2003-02-23 04:20:06 +00:00
wiz 617b132aac Spell output with two ts. 2003-01-04 23:43:02 +00:00
itojun c00fa8dfd9 avoid swapping endian of ip_len and ip_off on mbuf, to meet with M_LEADINGSPACE
optimization made last year.  should solve PR 17867 and 10195.

IP_HDRINCL behavior of raw ip socket is kept unchanged.  we may want to
provide IP_HDRINCL variant that does not swap endian.
2002-08-14 00:23:27 +00:00
itojun dddc4be003 to be consistent with other sources, use "struct ip *ip", not inp.
(inp is usually used for pointing struct inpcb)
2002-08-12 05:22:57 +00:00
itojun c9faadc40f return EPROTONOSUPPORT if unsupported protocol is specified 2002-06-10 17:40:26 +00:00
itojun 53b229d4cb don't abuse IFF_UP 2002-06-10 17:38:31 +00:00
itojun c0a05a111d raise output errcnt 2002-06-10 17:30:16 +00:00
itojun 2d509e83c4 ENETDOWN if outer ip address is not configured.
plug mbuf leak while here.
2002-06-10 17:12:22 +00:00
itojun ccdab26a23 don't use inner address configured by SIOCSIFADDR/DSTADDR
as outer addresses; now you need to configure outer address by
SIOCS*PHYADDR ("ifconfig tunnel").  as discussed on tech-net
2002-06-10 17:07:51 +00:00
itojun 7864ca478f deprecate IFF_LINK2, !IFF_LINK0 is enough.
no need to manipulate IFF_LINK1 with IFF_LINK0.
remove reference to greconfig(8).
2002-06-09 19:17:43 +00:00
itojun 4c4b38eb0b no need for if_addrlen be 4. From: Martin Husemann <martin@duskware.de> 2002-06-09 17:59:45 +00:00
itojun c284599930 make sure to bzero sockaddr_in 2002-06-09 17:32:54 +00:00
itojun 9c95390f4a style 2002-06-09 17:22:41 +00:00
itojun a8b0c39863 don't forget splx 2002-06-09 17:18:32 +00:00
itojun 04aa2a1c65 avoid code duplicate (route lookup) 2002-06-09 17:17:15 +00:00
itojun 1a5eede494 style 2002-06-09 17:13:31 +00:00
itojun 6f21655564 support SIOCSLIFPHYADDR, SIOCDIFPHYADDR and SIOCGLIFPHYADDR, so that
we can manipulate tunnel endpoint by ifconfig(8).
2002-06-09 17:10:09 +00:00
martin aed31ed511 Change default MTU to 1476 (same value that Cisco uses).
Do not limit the MTU when set by the admin with ifconfig, per discussion
on tech-net.

This fixes PR 16761 from Jasper Wallace.
2002-06-09 09:45:39 +00:00
martin a7d662b71c Clear M_BCAST and M_MCAST on outgoing mbufs.
Don't copy ttl from the inner packet to the encapsulating packet. Make
the outer ttl sysctl'able. This should close PR 14269 from Jasper Wallace
(change partly from there) and it makes traceroute work over gre tunnels.
2002-02-24 17:22:20 +00:00
martin 86c6c53869 Sanity check the tunnel route after computing it and don't mark the
interface up if there is no route or the route loops back to ourself.
This helps to avoid pilot errors which would result in kernel stack
overflows.
2001-11-24 15:46:08 +00:00
martin c21931cf1d Make this respect down interfaces. 2001-11-24 00:21:27 +00:00
lukem 64a432d965 remove unnecessary #if NFOO > 0 .... #endif wrappers 2001-11-13 00:49:35 +00:00
lukem 34d65a3414 add RCSIDs 2001-11-12 23:49:33 +00:00
itojun 2c2ff2e32d one more indentation fix 2001-05-10 01:30:55 +00:00
itojun b87cb9344b whitespace/indentation cleanup 2001-05-10 01:23:51 +00:00
itojun dc452a48f6 no longer need to carry local version of inet_ntoa, we have it in libkern. 2001-05-10 01:04:08 +00:00
thorpej d7333fb163 splimp -> splnet 2001-04-12 17:53:48 +00:00
itojun ffc12ee678 explicitly use u_int32_t for DLT_NULL encapsulation.
correct gif address family.  from chopps, sync with kame.
2001-02-20 07:58:16 +00:00
thorpej fc5dafc79b Fix a rather annoying problem where the sockaddr_dl which holds
the link level name for the interface (ifp->if_sadl) is allocated
before ifp->if_addrlen is initialized, which could lead to allocating
too little space for the link level address.

Do this by splitting allocation of the link level name out of
if_attach() and into if_alloc_sadl(), which is normally called
by functions like ether_ifattach().  Network interfaces which
don't have a link-specific attach routine must call if_alloc_sadl()
themselves (example: gif).

Link level names are freed by if_free_sadl(), which can be called
from e.g. ether_ifdetach().  Drivers never need call if_free_sadl()
themselves as if_detach() will do it if it is not already done.

While here, add the ability to pass an AF_LINK address to
SIOCSIFADDR in ether_ioctl() (this is what caused me to notice
the problem that the above fixes).
2001-01-17 00:30:49 +00:00
thorpej ed7695a765 Fill in if_dlt. 2000-12-18 19:44:33 +00:00
thorpej c5293456da Adapt to bpfattach() changes, and further centralize the bpfattach()
and bpfdetach() calls into link-type subroutines where possible.
2000-12-12 18:00:22 +00:00
martin 4a0283d9f0 Allow changing of settings via ioctl only for the superuser.
Fixes PR security/11524.
2000-11-19 18:48:44 +00:00
mjl 8358c07048 Add bpf tap to gre interface. 2000-08-25 00:51:20 +00:00
thorpej 9c86b65a92 Fix an omission in the gre cloning changes. 2000-07-05 22:45:25 +00:00
thorpej 4ec021cecf Make gre(4) a cloning network pseudo-device. 2000-07-05 18:14:13 +00:00
drochner 87568e8d82 defopt the XNS protocol (options NS), clean up the use of related
option headers / defines
1999-10-25 19:18:10 +00:00
explorer 12b25faeaf KNFify. Add LINK1 flag to turn off that address munging thing, for cases
where the tunnel endpoint is not the same as the remote GRE destination.
1999-06-28 07:52:38 +00:00
perry d446fb449c exterminate ovbcopy. patches provided by Erik Bertelsen, pr-7145 1999-03-12 22:42:30 +00:00
hwr fbd6e613b3 We no longer support IPIP (IP proto 4). 1999-01-26 21:21:14 +00:00
thorpej 6ae68b4feb Pull the IP-in-IP tunneling support out of the GRE code. It's not handled
by a separate IP-IP input path.

XXX Should eventually do the same thing for IPPROTO_MOBILE.
1999-01-11 21:32:13 +00:00
thorpej 588ccb2d75 Fix some typos in comments, and clean up some whitespace. 1998-10-07 23:33:02 +00:00
hwr eaccb9cd8d Start supporting IPPROTO_MOBILE (55) encapsulation. This is yet
another tunneling protocol used by the Mobile-IP people. See RFC 2004
for this.
1998-09-30 05:59:27 +00:00
hwr 6831c842f3 The post 1.3.2 world is actually ready for this. 1998-09-13 21:39:49 +00:00
hwr 366b9c4515 Add a gre tunnel pseudo network device. Gre = generic route encapsulation.
This device shows up like any other network interface and can be used to
tunnel L3 protocols as e.g. IP over IP.
1998-09-13 20:27:47 +00:00