itojun
9636351c96
u_short -> u_int16_t
2003-09-05 23:02:40 +00:00
itojun
82eb4ce914
change the additional arg to be passed to ip{,6}_output to struct socket *.
...
this fixes KAME policy lookup which was broken by the previous commit.
2003-08-22 21:53:01 +00:00
jonathan
28b5f5dfab
(fast-ipsec): Add hooks to pass IPv4 IPsec traffic into fast-ipsec, if
...
configured with ``options FAST_IPSEC''. Kernels with KAME IPsec or
with no IPsec should work as before.
All calls to ip_output() now always pass an additional compulsory
argument: the inpcb associated with the packet being sent,
or 0 if no inpcb is available.
Fast-ipsec tested with ICMP or UDP over ESP. TCP doesn't work, yet.
2003-08-15 03:42:00 +00:00
grant
6ecb99a75c
fix grammatical error in a diagnostic message.
2003-05-06 17:54:27 +00:00
simonb
ac161ae918
Remove assigned-to but not used variable.
2003-02-23 04:20:06 +00:00
wiz
617b132aac
Spell output with two ts.
2003-01-04 23:43:02 +00:00
itojun
c00fa8dfd9
avoid swapping endian of ip_len and ip_off on mbuf, to meet with M_LEADINGSPACE
...
optimization made last year. should solve PR 17867 and 10195.
IP_HDRINCL behavior of raw ip socket is kept unchanged. we may want to
provide IP_HDRINCL variant that does not swap endian.
2002-08-14 00:23:27 +00:00
itojun
dddc4be003
to be consistent with other sources, use "struct ip *ip", not inp.
...
(inp is usually used for pointing struct inpcb)
2002-08-12 05:22:57 +00:00
itojun
c9faadc40f
return EPROTONOSUPPORT if unsupported protocol is specified
2002-06-10 17:40:26 +00:00
itojun
53b229d4cb
don't abuse IFF_UP
2002-06-10 17:38:31 +00:00
itojun
c0a05a111d
raise output errcnt
2002-06-10 17:30:16 +00:00
itojun
2d509e83c4
ENETDOWN if outer ip address is not configured.
...
plug mbuf leak while here.
2002-06-10 17:12:22 +00:00
itojun
ccdab26a23
don't use inner address configured by SIOCSIFADDR/DSTADDR
...
as outer addresses; now you need to configure outer address by
SIOCS*PHYADDR ("ifconfig tunnel"). as discussed on tech-net
2002-06-10 17:07:51 +00:00
itojun
7864ca478f
deprecate IFF_LINK2, !IFF_LINK0 is enough.
...
no need to manipulate IFF_LINK1 with IFF_LINK0.
remove reference to greconfig(8).
2002-06-09 19:17:43 +00:00
itojun
4c4b38eb0b
no need for if_addrlen be 4. From: Martin Husemann <martin@duskware.de>
2002-06-09 17:59:45 +00:00
itojun
c284599930
make sure to bzero sockaddr_in
2002-06-09 17:32:54 +00:00
itojun
9c95390f4a
style
2002-06-09 17:22:41 +00:00
itojun
a8b0c39863
don't forget splx
2002-06-09 17:18:32 +00:00
itojun
04aa2a1c65
avoid code duplicate (route lookup)
2002-06-09 17:17:15 +00:00
itojun
1a5eede494
style
2002-06-09 17:13:31 +00:00
itojun
6f21655564
support SIOCSLIFPHYADDR, SIOCDIFPHYADDR and SIOCGLIFPHYADDR, so that
...
we can manipulate tunnel endpoint by ifconfig(8).
2002-06-09 17:10:09 +00:00
martin
aed31ed511
Change default MTU to 1476 (same value that Cisco uses).
...
Do not limit the MTU when set by the admin with ifconfig, per discussion
on tech-net.
This fixes PR 16761 from Jasper Wallace.
2002-06-09 09:45:39 +00:00
martin
a7d662b71c
Clear M_BCAST and M_MCAST on outgoing mbufs.
...
Don't copy ttl from the inner packet to the encapsulating packet. Make
the outer ttl sysctl'able. This should close PR 14269 from Jasper Wallace
(change partly from there) and it makes traceroute work over gre tunnels.
2002-02-24 17:22:20 +00:00
martin
86c6c53869
Sanity check the tunnel route after computing it and don't mark the
...
interface up if there is no route or the route loops back to ourself.
This helps to avoid pilot errors which would result in kernel stack
overflows.
2001-11-24 15:46:08 +00:00
martin
c21931cf1d
Make this respect down interfaces.
2001-11-24 00:21:27 +00:00
lukem
64a432d965
remove unnecessary #if NFOO > 0 .... #endif wrappers
2001-11-13 00:49:35 +00:00
lukem
34d65a3414
add RCSIDs
2001-11-12 23:49:33 +00:00
itojun
2c2ff2e32d
one more indentation fix
2001-05-10 01:30:55 +00:00
itojun
b87cb9344b
whitespace/indentation cleanup
2001-05-10 01:23:51 +00:00
itojun
dc452a48f6
no longer need to carry local version of inet_ntoa, we have it in libkern.
2001-05-10 01:04:08 +00:00
thorpej
d7333fb163
splimp -> splnet
2001-04-12 17:53:48 +00:00
itojun
ffc12ee678
explicitly use u_int32_t for DLT_NULL encapsulation.
...
correct gif address family. from chopps, sync with kame.
2001-02-20 07:58:16 +00:00
thorpej
fc5dafc79b
Fix a rather annoying problem where the sockaddr_dl which holds
...
the link level name for the interface (ifp->if_sadl) is allocated
before ifp->if_addrlen is initialized, which could lead to allocating
too little space for the link level address.
Do this by splitting allocation of the link level name out of
if_attach() and into if_alloc_sadl(), which is normally called
by functions like ether_ifattach(). Network interfaces which
don't have a link-specific attach routine must call if_alloc_sadl()
themselves (example: gif).
Link level names are freed by if_free_sadl(), which can be called
from e.g. ether_ifdetach(). Drivers never need call if_free_sadl()
themselves as if_detach() will do it if it is not already done.
While here, add the ability to pass an AF_LINK address to
SIOCSIFADDR in ether_ioctl() (this is what caused me to notice
the problem that the above fixes).
2001-01-17 00:30:49 +00:00
thorpej
ed7695a765
Fill in if_dlt.
2000-12-18 19:44:33 +00:00
thorpej
c5293456da
Adapt to bpfattach() changes, and further centralize the bpfattach()
...
and bpfdetach() calls into link-type subroutines where possible.
2000-12-12 18:00:22 +00:00
martin
4a0283d9f0
Allow changing of settings via ioctl only for the superuser.
...
Fixes PR security/11524.
2000-11-19 18:48:44 +00:00
mjl
8358c07048
Add bpf tap to gre interface.
2000-08-25 00:51:20 +00:00
thorpej
9c86b65a92
Fix an omission in the gre cloning changes.
2000-07-05 22:45:25 +00:00
thorpej
4ec021cecf
Make gre(4) a cloning network pseudo-device.
2000-07-05 18:14:13 +00:00
drochner
87568e8d82
defopt the XNS protocol (options NS), clean up the use of related
...
option headers / defines
1999-10-25 19:18:10 +00:00
explorer
12b25faeaf
KNFify. Add LINK1 flag to turn off that address munging thing, for cases
...
where the tunnel endpoint is not the same as the remote GRE destination.
1999-06-28 07:52:38 +00:00
perry
d446fb449c
exterminate ovbcopy. patches provided by Erik Bertelsen, pr-7145
1999-03-12 22:42:30 +00:00
hwr
fbd6e613b3
We no longer support IPIP (IP proto 4).
1999-01-26 21:21:14 +00:00
thorpej
6ae68b4feb
Pull the IP-in-IP tunneling support out of the GRE code. It's not handled
...
by a separate IP-IP input path.
XXX Should eventually do the same thing for IPPROTO_MOBILE.
1999-01-11 21:32:13 +00:00
thorpej
588ccb2d75
Fix some typos in comments, and clean up some whitespace.
1998-10-07 23:33:02 +00:00
hwr
eaccb9cd8d
Start supporting IPPROTO_MOBILE (55) encapsulation. This is yet
...
another tunneling protocol used by the Mobile-IP people. See RFC 2004
for this.
1998-09-30 05:59:27 +00:00
hwr
6831c842f3
The post 1.3.2 world is actually ready for this.
1998-09-13 21:39:49 +00:00
hwr
366b9c4515
Add a gre tunnel pseudo network device. Gre = generic route encapsulation.
...
This device shows up like any other network interface and can be used to
tunnel L3 protocols as e.g. IP over IP.
1998-09-13 20:27:47 +00:00