Commit Graph

48 Commits

Author SHA1 Message Date
itojun
9636351c96 u_short -> u_int16_t 2003-09-05 23:02:40 +00:00
itojun
82eb4ce914 change the additional arg to be passed to ip{,6}_output to struct socket *.
this fixes KAME policy lookup which was broken by the previous commit.
2003-08-22 21:53:01 +00:00
jonathan
28b5f5dfab (fast-ipsec): Add hooks to pass IPv4 IPsec traffic into fast-ipsec, if
configured with ``options FAST_IPSEC''.  Kernels with KAME IPsec or
with no IPsec should work as before.

All calls to ip_output() now always pass an additional compulsory
argument: the inpcb associated with the packet being sent,
or 0 if no inpcb is available.

Fast-ipsec tested with ICMP or UDP over ESP. TCP doesn't work, yet.
2003-08-15 03:42:00 +00:00
grant
6ecb99a75c fix grammatical error in a diagnostic message. 2003-05-06 17:54:27 +00:00
simonb
ac161ae918 Remove assigned-to but not used variable. 2003-02-23 04:20:06 +00:00
wiz
617b132aac Spell output with two ts. 2003-01-04 23:43:02 +00:00
itojun
c00fa8dfd9 avoid swapping endian of ip_len and ip_off on mbuf, to meet with M_LEADINGSPACE
optimization made last year.  should solve PR 17867 and 10195.

IP_HDRINCL behavior of raw ip socket is kept unchanged.  we may want to
provide IP_HDRINCL variant that does not swap endian.
2002-08-14 00:23:27 +00:00
itojun
dddc4be003 to be consistent with other sources, use "struct ip *ip", not inp.
(inp is usually used for pointing struct inpcb)
2002-08-12 05:22:57 +00:00
itojun
c9faadc40f return EPROTONOSUPPORT if unsupported protocol is specified 2002-06-10 17:40:26 +00:00
itojun
53b229d4cb don't abuse IFF_UP 2002-06-10 17:38:31 +00:00
itojun
c0a05a111d raise output errcnt 2002-06-10 17:30:16 +00:00
itojun
2d509e83c4 ENETDOWN if outer ip address is not configured.
plug mbuf leak while here.
2002-06-10 17:12:22 +00:00
itojun
ccdab26a23 don't use inner address configured by SIOCSIFADDR/DSTADDR
as outer addresses; now you need to configure outer address by
SIOCS*PHYADDR ("ifconfig tunnel").  as discussed on tech-net
2002-06-10 17:07:51 +00:00
itojun
7864ca478f deprecate IFF_LINK2, !IFF_LINK0 is enough.
no need to manipulate IFF_LINK1 with IFF_LINK0.
remove reference to greconfig(8).
2002-06-09 19:17:43 +00:00
itojun
4c4b38eb0b no need for if_addrlen be 4. From: Martin Husemann <martin@duskware.de> 2002-06-09 17:59:45 +00:00
itojun
c284599930 make sure to bzero sockaddr_in 2002-06-09 17:32:54 +00:00
itojun
9c95390f4a style 2002-06-09 17:22:41 +00:00
itojun
a8b0c39863 don't forget splx 2002-06-09 17:18:32 +00:00
itojun
04aa2a1c65 avoid code duplicate (route lookup) 2002-06-09 17:17:15 +00:00
itojun
1a5eede494 style 2002-06-09 17:13:31 +00:00
itojun
6f21655564 support SIOCSLIFPHYADDR, SIOCDIFPHYADDR and SIOCGLIFPHYADDR, so that
we can manipulate tunnel endpoint by ifconfig(8).
2002-06-09 17:10:09 +00:00
martin
aed31ed511 Change default MTU to 1476 (same value that Cisco uses).
Do not limit the MTU when set by the admin with ifconfig, per discussion
on tech-net.

This fixes PR 16761 from Jasper Wallace.
2002-06-09 09:45:39 +00:00
martin
a7d662b71c Clear M_BCAST and M_MCAST on outgoing mbufs.
Don't copy ttl from the inner packet to the encapsulating packet. Make
the outer ttl sysctl'able. This should close PR 14269 from Jasper Wallace
(change partly from there) and it makes traceroute work over gre tunnels.
2002-02-24 17:22:20 +00:00
martin
86c6c53869 Sanity check the tunnel route after computing it and don't mark the
interface up if there is no route or the route loops back to ourself.
This helps to avoid pilot errors which would result in kernel stack
overflows.
2001-11-24 15:46:08 +00:00
martin
c21931cf1d Make this respect down interfaces. 2001-11-24 00:21:27 +00:00
lukem
64a432d965 remove unnecessary #if NFOO > 0 .... #endif wrappers 2001-11-13 00:49:35 +00:00
lukem
34d65a3414 add RCSIDs 2001-11-12 23:49:33 +00:00
itojun
2c2ff2e32d one more indentation fix 2001-05-10 01:30:55 +00:00
itojun
b87cb9344b whitespace/indentation cleanup 2001-05-10 01:23:51 +00:00
itojun
dc452a48f6 no longer need to carry local version of inet_ntoa, we have it in libkern. 2001-05-10 01:04:08 +00:00
thorpej
d7333fb163 splimp -> splnet 2001-04-12 17:53:48 +00:00
itojun
ffc12ee678 explicitly use u_int32_t for DLT_NULL encapsulation.
correct gif address family.  from chopps, sync with kame.
2001-02-20 07:58:16 +00:00
thorpej
fc5dafc79b Fix a rather annoying problem where the sockaddr_dl which holds
the link level name for the interface (ifp->if_sadl) is allocated
before ifp->if_addrlen is initialized, which could lead to allocating
too little space for the link level address.

Do this by splitting allocation of the link level name out of
if_attach() and into if_alloc_sadl(), which is normally called
by functions like ether_ifattach().  Network interfaces which
don't have a link-specific attach routine must call if_alloc_sadl()
themselves (example: gif).

Link level names are freed by if_free_sadl(), which can be called
from e.g. ether_ifdetach().  Drivers never need call if_free_sadl()
themselves as if_detach() will do it if it is not already done.

While here, add the ability to pass an AF_LINK address to
SIOCSIFADDR in ether_ioctl() (this is what caused me to notice
the problem that the above fixes).
2001-01-17 00:30:49 +00:00
thorpej
ed7695a765 Fill in if_dlt. 2000-12-18 19:44:33 +00:00
thorpej
c5293456da Adapt to bpfattach() changes, and further centralize the bpfattach()
and bpfdetach() calls into link-type subroutines where possible.
2000-12-12 18:00:22 +00:00
martin
4a0283d9f0 Allow changing of settings via ioctl only for the superuser.
Fixes PR security/11524.
2000-11-19 18:48:44 +00:00
mjl
8358c07048 Add bpf tap to gre interface. 2000-08-25 00:51:20 +00:00
thorpej
9c86b65a92 Fix an omission in the gre cloning changes. 2000-07-05 22:45:25 +00:00
thorpej
4ec021cecf Make gre(4) a cloning network pseudo-device. 2000-07-05 18:14:13 +00:00
drochner
87568e8d82 defopt the XNS protocol (options NS), clean up the use of related
option headers / defines
1999-10-25 19:18:10 +00:00
explorer
12b25faeaf KNFify. Add LINK1 flag to turn off that address munging thing, for cases
where the tunnel endpoint is not the same as the remote GRE destination.
1999-06-28 07:52:38 +00:00
perry
d446fb449c exterminate ovbcopy. patches provided by Erik Bertelsen, pr-7145 1999-03-12 22:42:30 +00:00
hwr
fbd6e613b3 We no longer support IPIP (IP proto 4). 1999-01-26 21:21:14 +00:00
thorpej
6ae68b4feb Pull the IP-in-IP tunneling support out of the GRE code. It's not handled
by a separate IP-IP input path.

XXX Should eventually do the same thing for IPPROTO_MOBILE.
1999-01-11 21:32:13 +00:00
thorpej
588ccb2d75 Fix some typos in comments, and clean up some whitespace. 1998-10-07 23:33:02 +00:00
hwr
eaccb9cd8d Start supporting IPPROTO_MOBILE (55) encapsulation. This is yet
another tunneling protocol used by the Mobile-IP people. See RFC 2004
for this.
1998-09-30 05:59:27 +00:00
hwr
6831c842f3 The post 1.3.2 world is actually ready for this. 1998-09-13 21:39:49 +00:00
hwr
366b9c4515 Add a gre tunnel pseudo network device. Gre = generic route encapsulation.
This device shows up like any other network interface and can be used to
tunnel L3 protocols as e.g. IP over IP.
1998-09-13 20:27:47 +00:00