netstat uses sysctlbyname to get counter data from the kernel.
sysctlbyname fails with ENOMEM if actual counter data in the kernel is
larger than a passed buffer. netstat just skips showing counters of a
category if sysctlbyname fails, so if we added new counters of the
category to the kernel, nestat shows nothing for the category.
Fortunately sysctlbyname fills data as much as possible even if a passed
buffer is short. So we can allow netstat to show the filled data anyway
if sysctlbyname fails with ENOMEM.
Note that this backcompat mechanism works only if new counters are
appended, and doesn't work if new counters are inserted into the middle
or counters are moved.
GCC_NO_FORMAT_TRUNCATION -Wno-format-truncation (GCC 7/8)
GCC_NO_STRINGOP_TRUNCATION -Wno-stringop-truncation (GCC 8)
GCC_NO_STRINGOP_OVERFLOW -Wno-stringop-overflow (GCC 8)
GCC_NO_CAST_FUNCTION_TYPE -Wno-cast-function-type (GCC 8)
use these to turn off warnings for most GCC-8 complaints. many
of these are false positives, most of the real bugs are already
commited, or are yet to come.
we plan to introduce versions of (some?) of these that use the
"-Wno-error=" form, which still displays the warnings but does
not make it an error, and all of the above will be re-considered
as either being "fix me" (warning still displayed) or "warning
is wrong."
compatibility with BIOC[GS]SEESENT ioctl. The userland interface is the same
as FreeBSD.
This change also fixes a bug that the direction is misunderstand on some
environment by passing the direction to bpf_mtap*() instead of checking
m->m_pkthdr.rcvif.
and RFC4286 (Multicast Router Discovery.) and as shown in the IANA
parameters page available at:
https://www.ietf.org/assignments/icmpv6-parameters/icmpv6-parameters.txt
Also make the array be explicitly 256 entries long, one for each possible
code, which will detect attempts to insert names without deleting the
place holder (and mean a good solid NULL de-ref if too many place holders
are deleted, rather than just random results.)
- Get rid of "Fast"
- Use ipsec and ipsec6 for titles to clarify protocol
- Indent outputs of sub protocols
Original outputs were organized like this:
(Fast) IPsec:
IPsec ah:
IPsec esp:
IPsec ipip:
IPsec ipcomp:
(Fast) IPsec:
IPsec ah:
IPsec esp:
IPsec ipip:
IPsec ipcomp:
New outputs are organized like this:
ipsec:
ah:
esp:
ipip:
ipcomp:
ipsec6:
ah:
esp:
ipip:
ipcomp:
For unknown reasons, IPv6 multicast addresses are linked to a first
IPv6 address assigned to an interface. Due to the design, when removing
a first address having multicast addresses, we need to save them to
somewhere and later restore them once a new IPv6 address is activated.
mkludge stuffs support the operations.
This change links multicast addresses to an interface directly and
throws the kludge away.
Note that as usual some obsolete member variables remain for kvm(3)
users. And also sysctl net.inet6.multicast_kludge remains to avoid
breaking old ifmcstat.
TODO: currently ifnet has a list of in6_multi but obviously the list
should be protocol independent. Provide a common structure (if_multi
or something) to handle in6_multi and in_multi together as well as
ifaddr does for in_ifaddr and in6_ifaddr.
netstat appends '*' to the name of an interface without IFF_UP, so
if_nametoindex which is used in mc_print fails. mc_print needs just
an interface index so pass it instead of a tweaked interface name.
default, build a handful of tools as n64 so they work properly.
unfortunately, they're also static as dynamic n64 has a problem.
of these tools pstat is probably the lowest hanging fruit to convert
to sysctl. systat would be close were it not for the netstat screen,
which includes netstat itself.
the rest are difficult to perhaps foolish.
the upside is that netstat, pmap and fstat all work properly now.
loop, to use signals properly. There are two copies of this code; one
uses kvm and the other uses sysctls. One copy had been updated to use
sigset_t and sigsuspend; the other was using vintage sigpause(). Sync
up the code so both use sigpause. Also, use sig_atomic_t, and block
SIGALRM when not waiting for it to avoid a small and unlikely but real
race.
Since the non-modernized copy of the code *had* for some been
modernized to use setitimer instead of just alarm(), propagate that
change to the other copy.
These copies could share more logic than they do.
(-ia) and comment in the code where this is missing?
XXX: should that be an ioctl or sysctl? provide getifmultiaddrs() via the
routing socket? I guess since this is just for netstat a simple sysctl or
ioctl would suffice. I lean towards sysctl.
By this change, nexthop caches (IP-MAC address pair) are not stored
in the routing table anymore. Instead nexthop caches are stored in
each network interface; we already have lltable/llentry data structure
for this purpose. This change also obsoletes the concept of cloning/cloned
routes. Cloned routes no longer exist while cloning routes still exist
with renamed to connected routes.
Noticeable changes are:
- Nexthop caches aren't listed in route show/netstat -r
- sysctl(NET_RT_DUMP) doesn't return them
- If RTF_LLDATA is specified, it returns nexthop caches
- Several definitions of routing flags and messages are removed
- RTF_CLONING, RTF_XRESOLVE, RTF_LLINFO, RTF_CLONED and RTM_RESOLVE
- RTF_CONNECTED is added
- It has the same value of RTF_CLONING for backward compatibility
- route's -xresolve, -[no]cloned and -llinfo options are removed
- -[no]cloning remains because it seems there are users
- -[no]connected is introduced and recommended
to be used instead of -[no]cloning
- route show/netstat -r drops some flags
- 'L' and 'c' are not seen anymore
- 'C' now indicates a connected route
- Gateway value of a route of an interface address is now not
a L2 address but "link#N" like a connected (cloning) route
- Proxy ARP: "arp -s ... pub" doesn't create a route
You can know details of behavior changes by seeing diffs under tests/.
Proposed on tech-net and tech-kern:
http://mail-index.netbsd.org/tech-net/2016/03/11/msg005701.html