Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
71,531 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

803 Commits

Author SHA1 Message Date
itojun ca777cb72c add an DIAGNOSTIC case for MCLBYTES assumption 2000-07-23 05:00:01 +00:00
itojun f5211e847a remove m_pulldown statistics code. it is highly experimental and belong 
to kame tree only (not for *bsd).
 2000-07-13 05:34:21 +00:00
itojun ab492849bc implement net.inet.icmp.errppslimit. 
make default value for net.inet.icmp.erratelimit to 0, as < 10ms value
does not do the right thing.
 2000-07-10 09:31:29 +00:00
itojun 8a661b9beb be more cautious about tcp option length field. drop bogus ones earlier. 
not sure if there is a real threat or not, but it seems that there's
possibility for overrun/underrun (like non-NOP option with optlen > cnt).
 2000-07-09 12:49:08 +00:00
itojun ec67eee51f sync with kame. 
introduce in6_{recover,embed}scope, for in-kernel scoped-address manipulation.
improve in6_pcbnotify.
 2000-07-07 15:54:16 +00:00
itojun 210a3e2f80 remove unnecessary #include <netkey/key_debug.h>. from kame. 2000-07-06 12:51:39 +00:00
itojun 0a1e211454 - do not use bitfield for router renumbering header. 
- add protection mechanism against ND cache corruption due to bad NUD hints.
- more stats
- icmp6 pps limitation.  TOOD: should implement ppsratecheck(9).
 2000-07-06 12:36:18 +00:00
thorpej 70140a566d Some slight cleanup. 2000-07-06 04:34:26 +00:00
thorpej 9c86b65a92 Fix an omission in the gre cloning changes. 2000-07-05 22:45:25 +00:00
thorpej 6a900bc9ff Fix some zero-vs-NULL confusion. 2000-07-05 21:45:14 +00:00
thorpej f77f419c50 Make that note that we really should be checking the viftable 
in ip_mroute.c for duplicate tunnel entries, too.  Well, what
really needs to happen is that the mrouting code needs to be
changed to work w/ `gif' tunnels... but...
 2000-07-05 21:32:51 +00:00
thorpej 4348603862 RFCs 1853, 2003, 2401 -- copy the DF bit. 2000-07-05 21:01:38 +00:00
thorpej e5c397199f Use LIST_HEAD_INITIALIZER(), for correctness sake. 2000-07-05 18:45:26 +00:00
christos f142d4254d added a linted comment about non-portable bitfields. Unfortunately it cannot 
be fixed portably.
 2000-07-05 02:45:03 +00:00
itojun f0d7296dc1 typo in previous 2000-07-02 21:25:41 +00:00
itojun e29fba4ba7 do not touch struct ip6stat on non-INET6 compilation. 
From: Paul Goyette <paul@whooppee.com>
 2000-07-02 21:05:41 +00:00
itojun 8ff902fca1 repair kernel faithd(8) support. there were two mistakes: 
(1) tcp6_input dropped packets for translation
(2) in6_pcblookup_connect was too strict
 2000-07-02 08:04:10 +00:00
sommerfeld 8f2d5e3219 Don't rate-limit ICMP errors from packets we send to ourselves. 
The dns resolver depends on reliably receiving errors to allow it to
quickly detect a dead local nameserver.
 2000-07-01 21:46:40 +00:00
thorpej c8875e6066 Pass the correct destination address for the route-to-gateway case. 
From Zdenek Salvet, kern/10483.
 2000-06-30 19:43:53 +00:00
itojun 23f6a4f4e8 remove old mbuf assumption (ip header and tcp header are on the same mbuf). 
this is for m_pulldown use. (sync with kame)
 2000-06-30 16:44:33 +00:00
mrg cf594a3f4d <vm/vm.h> -> <uvm/uvm_extern.h> 2000-06-28 03:01:16 +00:00
mrg 5ec6fd267b remove include of <vm/vm.h> 2000-06-28 02:59:32 +00:00
kleink d2787dad27 XNS5.2: define sa_family_t and use it where specified by the standard. 2000-06-26 15:48:19 +00:00
mrg 2f159a1bac remove/move more mach vm header files: 
<vm/pglist.h> -> <uvm/uvm_pglist.h>
	<vm/vm_inherit.h> -> <uvm/uvm_inherit.h>
	<vm/vm_kern.h> -> into <uvm/uvm_extern.h>
	<vm/vm_object.h> -> nothing
	<vm/vm_pager.h> -> into <uvm/uvm_pager.h>

also includes a bunch of <vm/vm_page.h> include removals (due to redudancy
with <vm/vm.h>), and a scattering of other similar headers.
 2000-06-26 14:20:25 +00:00
matt e21a3d997c Don't copy M_EXT mbufs unless in "dhcp" mode. Do a mtod after the pullup 
to make sure the ip pointer is still valid.
 2000-06-16 20:21:26 +00:00
itojun 07098cd363 better conformance to draft-ietf-ipngwg-icmp-name-lookups-05. 
the old code was chimera of 03 and 05 draft.

-n by default, since IPv6 reverse lookup takes too much time.
use -H to enable reverse name lookup.
 2000-06-12 16:21:02 +00:00
veego ecbf42696a Remove a duplicated check for the NetBSD callout (I think it is a mistake 
from a previous conflict resolve which doesn't cause harm).
 2000-06-12 10:41:36 +00:00
veego 886013b9e7 Ups, forgot to resolve one place. 2000-06-12 10:29:36 +00:00
veego d6dd29c882 Resolve conflicts. 2000-06-12 10:28:20 +00:00
darrenr bae005d1db add icmpreturndatabytes kernel variable (default 8) which specifies the 
number of extra data bytes to return in ICMP error messages.  This is
also available via sysctl as net.icmp.returndatabytes and is limited to
[8,512].
 2000-06-10 12:39:19 +00:00
itojun 8987054176 pass struct proc * down to udp6_output and in6_pcbbind. 2000-06-05 06:38:22 +00:00
veego c02ef5cc85 Resolve conflicts. 2000-05-23 06:07:42 +00:00
itojun 5de72de121 disallow negative numbers for ratelimit interval (tcp, icmp, icmp6). 2000-05-22 12:08:43 +00:00
veego b0c4d85748 Add a missing ; at the end of a line. 2000-05-21 18:47:00 +00:00
veego 4c4ad1d1a5 Resolve conflicts. 2000-05-21 18:45:53 +00:00
jhawk ca31d672e2 Install "show arptab" (db_show_arptab) in the ddb command tree. 
Move prototype from netinet/if_inarp.h to ddb/db_interface.h.
Change function to have standard ddb parameters (though they're
ignored).
 2000-05-20 03:08:41 +00:00
veego 8db28cd918 Resolve conflicts and fix a compile error in ip_ftp_pxy.c. 2000-05-11 19:46:05 +00:00
itojun 8a0fabf8cf add missing boundary checks to ip options processing. 
correct timestamp option validation (len and ptr upper/lower bound
based on RFC791).
fill "pointer" field for parameter problem in timestamp option processing.
 2000-05-10 03:31:30 +00:00
itojun b3c4ed6cf7 correct more out-of-bounds memory access, if cnt == 1 and optlen > 1. 2000-05-10 01:19:44 +00:00
itojun 4a12628c71 correct out-of-bound access when hlen == 1 and opt > 1. 
reviewed by darren, darren committed to freebsd fil.c (1.12 -> 1.13)
so it should be correct enough.
 2000-05-10 00:08:03 +00:00
sommerfeld 90f481ef3f Handle large offsets with very small options correctly. 2000-05-06 16:35:14 +00:00
mycroft 176e840713 GC in_interfaces. 2000-05-06 02:41:32 +00:00
matt 650107086a remove superfluous test (snd_una is always > iss since th_ack must > iss 
(first test at start of case) and th_ack is assigned to snd_una).
 2000-05-05 15:05:29 +00:00
matt 5a6e4c896c From PR #3733: Only disarm timer if SYN contained the ACK bit since if 
it didn't it would be a crossing/simultaneous SYN and doesn't mean the
remote TCP received our SYN.
 2000-05-05 14:51:46 +00:00
veego 21dea2100c Resolve conflicts. 2000-05-03 11:12:03 +00:00
sommerfeld a5ff71cecc One more __attribute__((__packed__)) to dissuade egcs from making 
unwarranted asumptions about the structure's alignment.
 2000-05-02 14:15:07 +00:00
itojun 3075a916cc sync with more recent kame. defer inclusion of net/if_gif.h. 2000-04-26 05:36:41 +00:00
enami c63f06acd3 IN_MULTICAST() takes in_addr.s_addr as argument, not pointer to it. 2000-04-20 01:59:22 +00:00
itojun d300ce3942 add net/if_stf.h and netinet/ip_encap.h (almost noone will include them though) 2000-04-19 06:39:15 +00:00
itojun 3909133548 introduce sys/netinet/ip_encap.c, to dispatch inbound packets 
to protocol handlers, based on src/dst (for ip proto #4/41).
see comment in ip_encap.c for details of the problem we have.
there are too many protocol specs for ip proto #4/41.
backward compatibility with MROUTING case is now provided in ip_encap.c.

fix ipip to work with gif (using ip_encap.c).  sorry for breakage.

gif now uses ip_encap.c.

introduce stf pseudo interface (implements 6to4, another IPv6-over-IPv4 code
with ip proto #41).
 2000-04-19 06:30:51 +00:00
chs e34eb900c0 remove an LBL ifdef that we can't turn on anyway. 2000-04-16 20:59:49 +00:00
chs 46faa6bb58 remove ifdefs to skip htons() on some big-endian platforms. 2000-04-16 20:58:52 +00:00
is ab879a6479 Copy M_BCAST and M_MCAST flags when fragmenting a packet (else 
Multicast packets won't be send to the correct link layer address
by the interface driver).
By Artur Grabowski, PR 9772.
 2000-04-13 11:48:07 +00:00
enami 97ba34b80b - Unselect the multicast outgoing interface if it is being detached. 
- Drop the multicast membership if we are joining through the interface
  being detached.
 2000-04-03 03:51:16 +00:00
enami 107aabc200 Bump the reference count of ifaddr while it is refered through in_multi. 2000-04-03 03:50:05 +00:00
jdolecek c42f28d24a Since last duplicate prototype cleanup, we need to include 
<netinet/ip_mroute.h> to get ip_mforward() prototype if MROUTING
is defined.
 2000-03-31 14:31:03 +00:00
jdolecek a59a99b6dc Slighly improve previous - only include <netinet/ip_mroute.h> if MROUTING 
is defined.
 2000-03-31 14:27:17 +00:00
jdolecek c2acbd102b include <netinet/ip_mroute.h> for ip_mforward() - needed after 
last duplicate prototype sweep (prototype for ip_mforward() used to be in <netinet/ip_var.h>)
 2000-03-31 08:34:20 +00:00
augustss 8529438fe6 Remove register declarations. 2000-03-30 12:51:13 +00:00
simonb 75c4560a75 Delete reduncdant decl of inetctlerrmap - it's in <netinet/in_var.h>. 2000-03-30 02:39:37 +00:00
simonb 1058c2aba9 Delete redundant decl of zeroin6_addr, it's in <netinet6/in6_var.h>. 2000-03-30 02:38:53 +00:00
simonb c85fbea607 Delete redundant decl of ip_gif_ttl - it's in <netinet/in_gif.h>. 
Delete redundant decl of ip_mforward() - it's in <netinet/ip_mroute.h>.
 2000-03-30 02:37:40 +00:00
simonb c2693b78a0 Delete uninitialised declaration of ip_defttl - there's an initialised 
decl earlier in this file.
 2000-03-30 02:35:24 +00:00
simonb d1fd2a6b54 Delete redundant decl of in_socktrim() - it's in <netinet/in.h>. 2000-03-30 02:33:45 +00:00
simonb e4c5993774 Extern decl of arpintrq. 2000-03-30 02:32:57 +00:00
thorpej 66470ad12d Pull in <sys/callout.h> for the benefit of userland. 2000-03-24 22:40:11 +00:00
thorpej fc96443d15 New callout mechanism with two major improvements over the old 
timeout()/untimeout() API:
- Clients supply callout handle storage, thus eliminating problems of
  resource allocation.
- Insertion and removal of callouts is constant time, important as
  this facility is used quite a lot in the kernel.

The old timeout()/untimeout() API has been removed from the kernel.
 2000-03-23 07:01:25 +00:00
ws 7da71e5f9e Make IPKDB working again. 
Add support for i386 debugging and pci-based ne2000 boards.
 2000-03-22 20:58:25 +00:00
itojun 2dbc76c437 tabify a line. 2000-03-22 06:10:39 +00:00
itojun 19b198e8c2 improve comment (about undo'ing code on in{,6}_ifinit failure) 2000-03-21 11:23:31 +00:00
itojun d926d6fa47 #if 0'ed undo code for interface address addition failure. 
it was a bit too strong, and forbids multiple addresses from
same prefix to be assigned.

now the behavior is the same as previous - memory leak on interface address
addition failure.
http://orange.kame.net/dev/query-pr.cgi?pr=218
 2000-03-18 02:41:58 +00:00
itojun 9f8cac1f16 undo interface address addition attempt, when in_ifinit fails. 
(this basically avoids memory leakage)
 2000-03-12 05:01:16 +00:00
thorpej 0fcf68825f Back out previous, and adjust a comment. 2000-03-10 22:39:03 +00:00
itojun 673e8e6fad move IPPROTO_DONE to IPPROTO_xx group 2000-03-10 15:30:55 +00:00
itojun 402493dee5 change member name for icmp6_filter, to be conformant to RFC2292. 
From: Francis Dupont
 2000-03-09 21:26:16 +00:00
thorpej d315d42657 Back out part of 1.104 which isn't actually needed. 2000-03-07 05:39:57 +00:00
mycroft 5a212f7999 Fix a splx() botch or two. 2000-03-07 04:58:35 +00:00
itojun 6a70fada85 allow SIOCDIFADDR with AF_UNSPEC address by default, until we fix ifconfig(8). 
(should be COMPAT_43)
 2000-03-06 19:33:13 +00:00
itojun be78177ba2 comment fix, sync with kame. 2000-03-03 17:42:14 +00:00
itojun 38441b4ae3 remove unnecessary ttl initialization which I mistakingly bringed in 
during KAME merge (this is part of WIDE's expeirmental reass code...)
NetBSD PR: 9412
From: Wolfgang Rupprecht <wolfgang@wsrcc.com>
Fix from: ho@crt.se
itojun was notified from: theo
 2000-03-03 13:07:42 +00:00
thorpej 754bba7b6c Avoid a bug in GCC which manifests itself when processing unaligned 
IP options.  Problem pointed out by Matt Hargett and Erik Fair, analyzed
by me.
 2000-03-02 06:07:36 +00:00
itojun 04ac848d6f introduce m->m_pkthdr.aux to hold random data which needs to be passed 
between protocol handlers.

ipsec socket pointers, ipsec decryption/auth information, tunnel
decapsulation information are in my mind - there can be several other usage.
at this moment, we use this for ipsec socket pointer passing.  this will
avoid reuse of m->m_pkthdr.rcvif in ipsec code.

due to the change, MHLEN will be decreased by sizeof(void *) - for example,
for i386, MHLEN was 100 bytes, but is now 96 bytes.
we may want to increase MSIZE from 128 to 256 for some of our architectures.

take caution if you use it for keeping some data item for long period
of time - use extra caution on M_PREPEND() or m_adj(), as they may result
in loss of m->m_pkthdr.aux pointer (and mbuf leak).

this will bump kernel version.

(as discussed in tech-net, tested in kame tree)
 2000-03-01 12:49:27 +00:00
itojun 5c1b7efe97 avoid copy-overwrite-copy on incoming udp4 checksum. use in4_cksum 
which takes care of pseudo header checksum without overwrites.
 2000-02-29 16:21:56 +00:00
itojun 82ab98145f ensure tcp window size does not overflow (16bit unsigned after window scale). 
FreeBSD PR: 16914
 2000-02-29 05:25:49 +00:00
itojun cdea88d700 support draft-ietf-ipngwg-icmp-name-lookups-05.txt, drop support for 
draft-ietf-ipngwg-icmp-name-lookups-04.txt.

There are certain bitfield change in 04 draft to 05 draft, which makes
04 "ping6 -a" and 05 "ping6 -a" not interoperable.  sigh.
 2000-02-28 13:48:50 +00:00
itojun bbe25244d0 remove some of cross-BSD portability #ifdef. 
remove xxCTL_VARS, which is BSDI specific.
 2000-02-28 12:08:21 +00:00
itojun 1450d6e643 bring in recent KAME changes (only important and stable ones, as usual). 
- remove net.inet6.ip6.nd6_proxyall.  introduce proxy NDP code works
  just like "arp -s".
- revise source address selection.
  be more careful about use of yet-to-be-valid addresses as source.
- as router, transmit ICMP6_DST_UNREACH_BEYONDSCOPE against out-of-scope
  packet forwarding attempt.
- path MTU discovery takes care of routing header properly.
- be more strict about mbuf chain parsing.
 2000-02-26 08:39:18 +00:00
itojun c1e70a6c0a allow AF_UNSPEC for SIOCDIFADDR. ISC DHCP client depends on this behavior. 2000-02-25 08:51:35 +00:00
itojun abf6ccac96 backout previous commit (sanity check for family) - it seems to be doing 
something wrong.  i'll revise it soon.
 2000-02-25 08:37:05 +00:00
itojun 3c0960474d reject non-AF_INET addresses on ioctl. 
without this, we can configure invalid sockaddrs, for example,
sa_family == 0 (and we can never remove them!)
 2000-02-25 07:11:38 +00:00
itojun 729dcf0da4 hide declaration of IP6_EXTHDR_{GET,CHECK} from userland. 2000-02-24 09:55:24 +00:00
itojun 6a1af46504 don't transmit ICMPv4 packet back, if the original packet was encyrpted. 2000-02-24 09:54:49 +00:00
darrenr 4b3916780b pass "struct pfil_head *" to pfil_add_hook and pfil_remove hook rather 
than "struct protosw *".
 2000-02-20 00:56:33 +00:00
darrenr fd7edad6c3 Change the use of pfil hooks. There is no longer a single list of all 
pfil information, instead, struct protosw now contains a structure
which caontains list heads, etc.  The per-protosw pfil struct is passed
to pfil_hook_get(), along with an in/out flag to get the head of the
relevant filter list.  This has been done for only IPv4 and IPv6, at
present, with these patches only enabling filtering for IPPROTO_IP and
IPPROTO_IPV6, although it is possible to have tcp/udp, etc, dedicated
filters now also.  The ipfilter code has been updated to only filter
IPv4 packets - next major release of ipfilter is required for ipv6.
 2000-02-17 10:59:32 +00:00
itojun 729f693364 - if ip_dst matches address on !IFF_UP interface, and 
- there's no match against addresses on IFF_UP interface,
send icmp unreach if I'm router.  drop it if I'm host.

Revised version of PR: 9387 from nrt@iij.ad.jp.  Discussed with thorpej+nrt.
 2000-02-16 12:40:40 +00:00
thorpej b178e1f58c Add support for rate-limiting RSTs sent in response to no socket for 
an incoming packet.  Default minimum interval is 10ms.  The interval
is changeable via the "net.inet.tcp.rstratelimit" sysctl variable.
 2000-02-15 19:54:11 +00:00
thorpej f3b975e9a4 Add ICMP error rate limiting, based on the same for ICMP6. 
Note, we're reusing the previously unused slot for "MTU discovery" (which
was moved to the "net.inet.ip" branch of the sysctl tree quite some time
ago).
 2000-02-15 04:03:49 +00:00
itojun 800897b12f make assumption on mbuf explicit (m->m_len >= sizeof (struct ip)). 2000-02-15 00:42:22 +00:00
thorpej fd4ed9b425 Typo (Thanks, Havard :-) 2000-02-12 18:00:00 +00:00
thorpej 46f7b67929 Small cosmetic change, and note a place where a statistic should be 
gathered.
 2000-02-12 17:45:44 +00:00