37f335b28b
The ieee1394 arp reply should be broadcast.
2002-06-24 21:25:34 +00:00
36f1c19838
Don't use a pointer before it is initialized.
2002-06-24 10:52:15 +00:00
570a3e1f3d
set ar_hrd for RFC-defined cases
2002-06-24 08:42:33 +00:00
e03a874f74
set ia as well
2002-06-24 08:11:30 +00:00
0143dfc42f
integrate IEEE1394 ARP into generic ARP logic.
...
XXX there's no check at all in ar_hrd, and we don't set ar_hrd on outgoing.
it seems like a bad thing.
2002-06-24 08:06:20 +00:00
c474c560dd
do not consult routing table under the following condition:
...
- the destination is IPv4 multicast or 255.255.255.255, and
- outgoing interface is specified via socket option
this simplifies operation of routed
(no longer reqiure 224.0.0.0/4 to be set up)
2002-06-24 08:01:35 +00:00
8038dd2cbe
Disable TCP Congestion Window Monitoring by default; there are
...
performance problems in the face of tinygrams.
2002-06-13 16:31:05 +00:00
9368c444df
set IPv4 parameter to modern value.
...
- turn on path MTU discovery (previous: turned off)
- ICMPv4 redirect entry timeout = 600 sec (previous: never timeout)
2002-06-13 16:25:54 +00:00
fa53d749ff
share policy-on-pcb for listening socket. sync w/kame
...
todo: share even more, avoid frequent updates of spidx
2002-06-11 19:39:59 +00:00
2a8a7da29d
style
2002-06-09 19:49:49 +00:00
f192b66b94
whitespace
2002-06-09 16:33:36 +00:00
39af55e317
enforce IPv4 link MTU for FDDI and ARCNET even in RTF_GATEWAY case.
...
PR 17151.
2002-06-09 05:09:26 +00:00
6d8d0d63d8
sync with latest KAME in6_ifaddr/prefix/default router manipulation.
...
behavior changes:
- two iocts used by ndp(8) are now obsolete (backward compat provided).
use sysctl path instead.
- lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.
2002-06-08 21:22:29 +00:00
14df31ceb3
look at rmx_mtu on IPsec tunnel MTU computation.
...
From: David Waitzman <djw@bbn.com>
2002-06-07 13:43:47 +00:00
f45a8e9eb0
typo/bound check fix from YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
2002-06-05 13:11:34 +00:00
fb9b52398c
in mss clamping code, do not go past TCPOPT_EOL. enforce stricter
...
boundary checking. discussed on tech-net
2002-06-04 10:06:27 +00:00
0f40d327f4
make "keep state" work for SYN without win scale option.
2002-06-01 07:21:11 +00:00
02dd12d915
since if_mtu is u_long, use u_long for mtu.
2002-05-31 05:26:42 +00:00
5c1df51d53
attach nd_ifinfo structure into if_afdata.
...
split IPv6 link MTU (advertised by RA) from real link MTU.
sync with kame
2002-05-29 07:53:39 +00:00
ede265fffd
move per-interface ip6/icmp6 stat to ifnet->if_afdata. sync w/kame
2002-05-29 02:58:28 +00:00
bbc84065b6
use arc4random
2002-05-29 01:33:45 +00:00
4121fa09fc
correct in*_pcbrtentry. check cached value correctly.
2002-05-28 11:10:52 +00:00
b9f810de55
use arc4random() on tcp iss generation
2002-05-28 10:17:27 +00:00
d208a22daa
use arc4random() where possible.
...
XXX is it necessary to do microtime() on tcp syn cache?
2002-05-28 10:11:49 +00:00
7410ea60ca
in in*_pcbrtentry(), check if route is still valid (RTF_UP),
...
and address family is still valid.
2002-05-28 10:07:51 +00:00
3e7ae517e0
path MTU discovery blackhole detection.
...
PR 12790 (sorry for not committing it for a long time)
2002-05-26 16:05:43 +00:00
1b8d8d79a8
Define uint{8,32}_t locally, per XNS5.2/POSIX-2001, and use them in this
...
header where applicable; use private fixed-width integer types otherwise.
2002-05-13 13:34:32 +00:00
602066c0d6
Provide local definitions of in_{addr,port}_t in <netinet/in.h> and use
...
them where deemed appropriate by XNS5.2/POSIX-2001.
2002-05-12 23:04:15 +00:00
c03e11f081
Eliminate commons.
2002-05-12 20:33:50 +00:00
d30d25dc1a
Spelling fixes, from Sergey Svishchev in kern/16650.
2002-05-12 15:48:36 +00:00
31a6ad2757
backout 1.72. it is not correct for the kernel to remove routes by itself,
...
and the code was buggy (dereferenced null pointer when IFAFREE removes the
route).
2002-05-09 06:49:15 +00:00
e5555e5c26
Change struct ipqe to use TAILQ's instead of LIST's (primarily for TCP's
...
benefit currently). Rework tcp_reass code to optimize the 4 most likely causes
of out-of-order packets: first OoO pkt, next OoO pkt in seq, OoO pkt is part
of new chuck of OoO packets, and the OoO pkt fills the first hole. Add evcnts
to instrument tcp_reass (enabled by the options TCP_REASS_COUNTERS). This is
part 1/2 of tcp_reass changes.
2002-05-07 02:59:38 +00:00
6f5d858e4b
Fix compilation problems
2002-05-02 17:13:27 +00:00
e74092de02
Upgraded IPFilter to 3.4.27
2002-05-02 17:11:37 +00:00
9054daca3e
* Instrument tcp_build_datapkt().
...
* Remove the code that allocates a cluster if the packet would
fit in one; it totally defeats doing references to M_EXT mbufs
in the socket buffer. This drastically reduces the number of
data copies in the tcp_output() path for applications which use
large writes. Kudos to Matt Thomas for pointing me in the right
direction.
2002-04-27 01:47:58 +00:00
79b1afa490
Change test for M_EXT to M_READONLY for MROUTING. We only need to to do
...
a pullup if we aren't allowed to modify the packet.
2002-04-18 22:33:21 +00:00
45451927ec
correct variable initialization. reported by fujitsu folks
2002-04-10 09:18:57 +00:00
f0bde82437
Add missing #else
2002-04-09 02:20:10 +00:00
b10eb8758b
Disable the H.323 proxy again - it's too buggy to be supported option
...
for now. Suggested by Matthew Green and Bernd Ernesti.
2002-04-01 18:07:10 +00:00
af2aedbe22
put back ip_h323_pxy.c - the QNX licence seems to be okay upon
...
further examination
2002-04-01 16:50:08 +00:00
c56211c431
add __KERNEL_RCSID()
2002-04-01 16:47:46 +00:00
69b18217c3
add RCS IDs
2002-04-01 16:45:24 +00:00
905b8db7c7
add __KERNEL_RCSID()
2002-04-01 16:44:28 +00:00
cedc0276dc
Import H.323 proxy of IPFilter 3.4.25. Upon closer examination,
...
the QNX licence seems to be allow both non-commercial and commercial
use actually.
According to Darren, the H.323 proxy code is buggy ATM, but is imported
here for reference anyway.
2002-04-01 16:29:31 +00:00
2f227734df
do not consider /32 address itself as broadcast.
...
with /32 address, in_addr == in_broadaddr.
2002-03-30 00:40:32 +00:00
4f0742e306
Change the multicast/broadcast test to happen later, and when we are
...
in listen mode. Fixes panic with telnet ::1 port, where the port is an
ipv4 open port.
2002-03-24 17:09:01 +00:00
bd5373f4e2
no need to check in_broadaddr/IN_MULTICAST in dropwithreset label.
...
suggested by enami
2002-03-22 04:31:01 +00:00
1f14081709
make sure we don't touch "ip" in IPv6 path
2002-03-22 03:21:13 +00:00
9c8babbd46
Drop connections to the broadcast address. From BUGTRAQ. This is a security
...
issue because it can by-pass ipf rules unintentionally.
2002-03-19 14:35:20 +00:00
38f3d28842
have tcp6_drain
2002-03-15 09:25:41 +00:00
58d564bc8c
Add MSS clamping to the IP Filter NAT subsystem.
...
Configured by a new option "mssclamp" in NAT rules, like:
map pppoe0 192.168.1.0/24 -> 0/32 mssclamp 1452
This is based on work by Xiaodan Tang <xtang@qnx.com>.
2002-03-14 21:46:54 +00:00
dd7a744e5a
Added (char *) for pointer arithmetic
2002-03-14 12:34:29 +00:00
3e033bc0f1
Removed unused proxy file
2002-03-14 12:34:25 +00:00
83b3487b70
Upgraded IPFilter to 3.4.25
2002-03-14 12:32:36 +00:00
7f7fe98c2c
support tcp_log_refused for IPv6. From: Andrew Brown <atatat@atatdot.net>
2002-03-12 04:36:47 +00:00
0039b1300a
KNFify my last change.
2002-03-11 10:06:12 +00:00
a180cee23b
Pool deals fairly well with physical memory shortage, but it doesn't
...
deal with shortages of the VM maps where the backing pages are mapped
(usually kmem_map). Try to deal with this:
* Group all information about the backend allocator for a pool in a
separate structure. The pool references this structure, rather than
the individual fields.
* Change the pool_init() API accordingly, and adjust all callers.
* Link all pools using the same backend allocator on a list.
* The backend allocator is responsible for waiting for physical memory
to become available, but will still fail if it cannot callocate KVA
space for the pages. If this happens, carefully drain all pools using
the same backend allocator, so that some KVA space can be freed.
* Change pool_reclaim() to indicate if it actually succeeded in freeing
some pages, and use that information to make draining easier and more
efficient.
* Get rid of PR_URGENT. There was only one use of it, and it could be
dealt with by the caller.
From art@openbsd.org .
2002-03-08 20:48:27 +00:00
ac36f7cb2c
bring in latest ALTQ from kjc. ALTQify some of the drivers.
2002-03-05 04:12:57 +00:00
3406f0a3dd
The "gif*" tunnelling interface does everything ipip does.
...
Move usage example from ipip.4 to gif.4
Excise ipip and stitch up the scars.
2002-03-04 13:24:06 +00:00
1caa35aa0f
In tcp_segsize(), move a label so that option length is considered
...
when using the default TCP MSS as well. From Matt Thomas.
2002-03-01 22:54:09 +00:00
10444ca48f
In in_savemkludge() and in_restoremkludge(), don't insert into a new
...
list without removing from the old one first.
From Matt Thomas.
2002-03-01 22:51:28 +00:00
75c5a16cfc
Enforce a lower bound of 32 for tcp_mssdflt.
...
This avoids kernel crashes when we don't handle nonsensial values
like 0 gracefully. Better check here once beforehand than having to
check for non meaningful values in time critical paths (like tcp_output).
Fixes PR 15709.
2002-02-28 20:26:17 +00:00
8832af6e59
correctly enforce ipsec policy check on forwarding case.
...
From: Greg Troxel <gdt@ir.bbn.com>, Bill Chiarchiaro <wjc@work.cleartech.com>
2002-02-25 02:17:55 +00:00
a7d662b71c
Clear M_BCAST and M_MCAST on outgoing mbufs.
...
Don't copy ttl from the inner packet to the encapsulating packet. Make
the outer ttl sysctl'able. This should close PR 14269 from Jasper Wallace
(change partly from there) and it makes traceroute work over gre tunnels.
2002-02-24 17:22:20 +00:00
61e29fb60a
Sean amended his patch not to include the IFAFREE()
2002-02-21 22:39:17 +00:00
2446cd0b68
PR/15662: Sean Boudreau: make sure we clean all routes of an interface when
...
we change its ip address.
2002-02-21 21:59:16 +00:00
9c68db2bfc
suppress source quence message, based on router-req RFC (also could be abused
...
as DoS traffic generator). from kjc/kame
2002-02-21 08:39:33 +00:00
35a343b018
IFF_POINTTOPOINT interfaces can also transmit packets to broadcast
...
destinations.
2002-02-07 21:47:45 +00:00
eb79ee01a8
ip_mloopback(): process the delayed checksum on the copy, not
...
the original mbuf.
2002-02-06 18:00:01 +00:00
d303c80bfb
correct bad ip checksum on multicast loopback packet. PR14597
2002-01-31 07:45:22 +00:00
b035470c38
Fixed initialization
2002-01-24 08:24:59 +00:00
7a8f11612c
Re-sync with IPFilter
2002-01-24 08:23:40 +00:00
b9920d0f43
Upgraded IPFilter to 3.4.23
2002-01-24 08:21:30 +00:00
b0499f9062
Import IPFilter 3.4.23
2002-01-24 08:18:28 +00:00
a709c83618
place NRL copyright notice itself, not a reference to it.
2002-01-24 02:12:29 +00:00
ae1b9c29e9
make sure to check address family on route cache. with IPv4 mapped
...
address we can see both AF_INET/INET6.
2002-01-22 03:53:55 +00:00
1cc58965b6
don't panic when there's no interface address exist for the specified multicast
...
outgoing interface (ia == NULL after IFP_TO_IA).
historic behavior (up to revision 1.43) was to use 0.0.0.0 as source address,
but it seems like a mistake according to RFC1112/1122.
2002-01-08 10:05:13 +00:00
28922b9973
use radix table for inbound tunnel lookup (would increase performance
...
for machines with a lot of tunnels).
update route cache for IPvX-over-IPv6 tunnel on path MTU discovery.
snyc with kame
2001-12-21 06:30:43 +00:00
af7e7f7b93
whitespace. protect from multiple inclusion. sync with kame
2001-12-21 04:11:24 +00:00
9fe96e61e6
call rip_ctlinput on icmp4 inputs
2001-12-21 04:07:25 +00:00
745e191850
move protosw fragment for gif/stf to their own source code.
...
reduce #ifdef in stf code. sync with kame
2001-12-21 03:21:50 +00:00
f05aaf1533
have packed attribute to protocol structs. sync with kame
2001-12-21 02:52:18 +00:00
dde7f16c1c
have rip_ctlinput to notify routing changes to raw sockets
...
(protosw change to be done). sync with kame
2001-12-21 02:51:47 +00:00
f504aee318
comment and whitespace. sync with kame
2001-12-21 02:51:08 +00:00
a36173e7a6
whitespace. sync with kame
2001-12-21 02:50:28 +00:00
33429d0612
correct timing to increment icmp6 MIB variables. sync with kame
2001-12-07 10:10:43 +00:00
078a8c0cc3
Fix TCP segment size computation. From Rick Byersm, PR kern/14799.
2001-12-03 01:45:43 +00:00
dd626d89c9
recompute hlen after calling pfil_run_hooks() in case ip_hl was changed.
2001-11-28 09:25:13 +00:00
c23ea6c341
update outgoing ifp, only if tunnel mode ipsec is used. this is to
...
honor IP_MULTICAST_IF setsockopt on ipsec-over-multicast. sync with kame
2001-11-21 06:28:08 +00:00
0fa231134c
- replace "defopt" with "defparam" for options which must take a value,
...
as config(8) will warn for value-less defparam options
- minor whitespace/formatting cleanup
- consolidate opt_tcp_recvspace.h and opt_tcp_sendspace.h into opt_tcp_space.h
2001-11-20 14:34:18 +00:00
2565646230
don't need <sys/types.h> when including <sys/param.h>
2001-11-15 09:47:59 +00:00
ea1cd7eb08
add RCSIDs
2001-11-13 00:32:34 +00:00
e2df911079
do not grab packet to joined multicast group, when ip6_dst and in6p_laddr
...
mismatches. it makes the behavior more closer to 4.4BSD IPv4 code.
sync with kame
2001-11-07 06:30:50 +00:00
da5a70805c
Convert netinet to not use the internal <sys/queue.h> field names
...
but instead the access macros. Use the FOREACH macros where appropriate.
2001-11-04 20:55:25 +00:00
47577dca93
Change a few variable/tables to const since they are read-only.
2001-11-04 13:42:27 +00:00
af71a3871d
Keep only one mtu_table (the two were identical except for
...
one value - 65280).
2001-11-04 13:38:50 +00:00
e4b5b62a3d
array boundary overflow on the use of IPv4 mapped address. from simonb
2001-11-02 02:37:50 +00:00
77c99e8c60
Add in support for timing out IPv4 routes added due to redirects,
...
as discussed in tech-net several weeks ago. It turned out that
KAME had already added this functionality to the IPv6 stack, so
I followed their example in adding the sysctl variables
net.inet.icmp.rediraccept and net.inet.icmp.redirtimeout.
2001-10-30 06:41:09 +00:00
5f717f7c33
Don't need to include <uvm/uvm_extern.h> just to include <sys/sysctl.h>
...
anymore.
2001-10-29 07:02:30 +00:00
c7e6405a34
remove unused codepath (unifdef -UUDP6)
2001-10-24 06:04:08 +00:00
enami