mycroft
231a906c71
There's just no plausible reason to byte-swap ip_id internally. It's opaque.
1999-01-19 23:39:56 +00:00
mycroft
7eeb5a04da
Don't screw with ip_len; just subtract from it where we actually use the
...
value.
1999-01-19 23:03:20 +00:00
mycroft
fc1211a6ab
Don't overwrite the checksum fields when checking them. There's no reason to
...
do this, and it screws up ICMP replies.
XXX The returned IP checksum and length are still wrong.
1999-01-19 21:58:40 +00:00
thorpej
555784ccd5
Fix byte order and ip_len inconsistencies in ICMP reply code. Also, fix
...
some formatting and HTONS(foo) vs. foo = htons(foo) inconsistencies.
PR #6602 , Darren Reed.
1999-01-11 22:35:06 +00:00
thorpej
12632ebf71
Reverse the copyright-notice-swap. It went against existing practice.
1998-12-19 02:46:12 +00:00
thorpej
ca15e01c76
Add a lock around the IP fragment reassembly queue, to prevent ip_drain()
...
from corrupting the queue if called from a device's interrupt context.
Should fix PR #5684 .
1998-12-18 21:35:11 +00:00
thorpej
0e3a0a7f80
Once a fragmented IP packet has been reassembled, recompute the packet
...
length before passing it up the stack. From FreeBSD.
1998-11-13 03:24:22 +00:00
thorpej
14f5ac9081
Use the pool allocator for ipflow entries.
1998-10-08 01:41:45 +00:00
thorpej
974aa74abd
Use the pool allocator for ipqent structures.
1998-10-08 01:19:25 +00:00
tls
c4730d65cf
Switch order of TNF and UCB copyrights so UCB copyright is first; this seems more appropriate since UCB wrote the original code, after all.
1998-09-30 21:52:24 +00:00
thorpej
9fd57e8917
Make a diagnostic printf more sensible, PR #5951 , Heiko W. Rupp.
1998-09-09 04:57:18 +00:00
mrg
4a75265273
defopt PFIL_HOOKS.
1998-08-09 08:58:18 +00:00
sommerfe
534520d815
Fix PR5508: ipfil cut-through forwarding causes panic
1998-07-17 00:28:00 +00:00
thorpej
08b5a4ecb8
Protect the ipflow_reap() call with splsoftnet.
1998-06-01 00:39:37 +00:00
thorpej
f555f6d93f
Fix OBOB in IP timestamp option processing, as noted in FreeBSD PR 6738,
...
from Jennifer Dawn Meyers <jdm@enteract.com>.
1998-05-24 20:14:53 +00:00
matt
36eac04cc0
Default IP flow to being enabled. Add a sysctl to control the maximum
...
number of flows (net.inet.ip.maxflows). If set to 0, will disable fast
path forwarding.
1998-05-04 19:24:53 +00:00
thorpej
4452bc9a21
Allow packet filters to prevent a packet from creating a fast-forwarding
...
flow, by setting the "can fast forward" flag in the packet header, and
giving a chance for filters to clear the flag. If the flag is still
set after the filters have given it a chance, the packet will be used
to create a fast-forward flow entry.
1998-05-01 03:23:24 +00:00
matt
d4d709f7d0
Add support for "fast" forwarding. Add hooks in if_ethersubr.c and
...
if_fddisubr.c to fastpath IP forwarding. If ip_forward successfully
forwards a packet, it will create a cache (ipflow) entry. ether_input
and fddi_input will first call ipflow_fastforward with the received
packet and if the packet passes enough tests, it will be forwarded (the
ttl is decremented and the cksum is adjusted incrementally).
1998-04-29 21:37:52 +00:00
matt
37d70e3b46
defopt GATEWAY
1998-04-29 20:45:30 +00:00
kml
eadcaa201c
change path MTU timeout value to match RFC 1191
1998-04-29 03:45:52 +00:00
kml
1579dcec47
Add support for deletion of routes added by path MTU discovery;
...
uses new generic route timeout code. Add sysctl for timeout period.
1998-04-29 03:44:11 +00:00
mrg
45159fa631
convert pfil(9) in and out lists from <sys/queue.h> LISTs to TAILQs, and
...
change pfil_add_hook to put output filters at the tail of the queue,
while continuing to place input filters at the head of the queue. update
the two users of these functions, and document these changes.
fixes PR#4593.
1998-03-19 15:45:30 +00:00
tls
91de585d5f
Add correct copyright notice for IP address hash change. This code is donated to TNF by the original copyright holder, Panix.
1998-02-15 18:24:23 +00:00
tls
c9934a9084
Change list of interface IP addresses to a hash. Improves performance on hosts with a large number of IP addresses significantly.
1998-02-13 18:21:38 +00:00
thorpej
4c54445530
Use offsetof() from libkern.h
1998-01-28 02:35:10 +00:00
scottr
54ea074777
Use option header file for MROUTING
1998-01-12 03:02:48 +00:00
lukem
1f8f74b669
enhance ephemeral port allocation code:
...
* support sysctl net.inet.ip.anonportmin (lowest ephemeral port)
and net.inet.ip.anonportmax (highest ephemeral port).
these can't be set to >65535, < IPPORT_RESERVED (unless IPNOPRIVPORTS
is defined), and anonportmin has to be < anonportmax.
* use a cleaner way of only cycling through the available set once;
this will be useful for when a random allocation scheme is used
* define IPPORT_ANON{MIN,MAX} instead of IPPORT_USER{LOW,HIGH}
1998-01-05 09:52:02 +00:00
kml
6b86b260cb
change sysctl net.inet.icmp.mtudisc to net.inet.ip.mtudisc
1997-10-18 21:18:28 +00:00
thorpej
10f29f9bcb
Allow `subnetsarelocal' to be changed via sysctl.
1997-10-17 21:20:49 +00:00
gwr
c74236bfc9
Tweaks to allow operation with an interface address of 0.0.0.0
...
(needed for NFS mountroot using BOOTP to get boot parameters)
1997-08-29 16:02:41 +00:00
thorpej
a0e791807e
Eliminate use of dtom() from the network code, allowing more flexible
...
use of mbuf external storage and increasing performance (by eliminating
an m_pullup() for clusters in the IP reassembly code).
Changes from Koji Imada <koji@math.human.nagoya-u.ac.jp>, in PR #3628
and #3480 , with ever-so-slight integration changes by me.
1997-06-24 02:25:59 +00:00
christos
0659cacda6
Move the mtod calls *after* we've made sure that the packet has passed the
...
filter successfully. Otherwise it can be NULL if the filter blocked it,
and we die. How did this ever work?
1997-04-15 00:41:52 +00:00
mrg
78cd2f6f78
allow src-routed packetd by default, per host requirements
1997-02-26 04:09:32 +00:00
cjs
8a449a258b
Add net.inet.ip.allowsrcrt option which allows/drops all source
...
routed packets. This currently defaults to `drop,' but once we
verify that all applications that rely on determining remote IP
addresses for authentication are dropping the connection when they
see a source route option (not just disabling the source route
option), we can turn this back on and conform with the host
requirements.
1997-02-25 08:35:41 +00:00
cjs
788bcc9857
Fix bug in sysctl net.inet.ip.forwsrcrt handing: now you can read it
...
if securelevel > 0. (Thanks, cgd.)
1997-02-19 08:30:04 +00:00
mrg
4c8bfe2630
pseudo-device ipfilter brings in PFIL_HOOKS.
1997-02-18 20:49:32 +00:00
thorpej
9df1988ac8
Implement the IP_RECVIF socket option: supply a datagram packet's incoming
...
interface using a sockaddr_dl in a control mbuf.
Implement SO_TIMESTAMP for IP datagrams.
Move packet information option processing into a generic function
so that they work with multicast UDP and raw IP as well as unicast UDP.
Contributed by Bill Fenner <fenner@parc.xerox.com>.
1997-01-11 05:21:07 +00:00
mrg
04ce281a19
in pfil_hooks: always reassign ip after calling hook.
1996-12-20 09:08:14 +00:00
mrg
a24be0b669
remove pfil_bad.
1996-12-20 08:39:27 +00:00
thorpej
e55c8a9c7e
Before concatenating frags, sanity check the length of the packet. If it's
...
larger than IP_MAXPACKET, discard it.
Based on a patch from Bill Fenner <fenner@parc.xerox.com>
1996-10-25 06:30:32 +00:00
veego
b962d9a3eb
Fix a panic from the pfil_hooks.
1996-10-22 11:27:05 +00:00
christos
5545959d0b
backout previous kprintf changes
1996-10-13 02:03:00 +00:00
christos
6d7ad25bea
printf -> kprintf, sprintf -> ksprintf
1996-10-10 23:12:43 +00:00
perry
17fcad6b2c
commit fix in pr 2772 -- the IP input code was assuming that the
...
reserved (must be zero) flag must necessarily be zero. We now define
an IP_RF (by analogy to IP_DF and IP_MF) and mask it out when necessary.
1996-09-21 19:44:32 +00:00
mrg
a5f00f16bc
move the packet filter hooks in to a saner location. while i'm here, rename
...
PACKET_FILTER to PFIL_HOOKS.
1996-09-14 14:40:20 +00:00
mycroft
62a6cce9ca
Add in_nullhost() and in_hosteq() macros, to hide some protocol
...
details. Also, fix a bug in TCP wrt SYN+URG packets.
1996-09-09 14:51:07 +00:00
mycroft
f5c7d8bcc1
Save 68 bytes of the packet for ICMP, not 64. From Laine Stump, PR 2296.
1996-09-08 15:49:43 +00:00
mrg
ae47956db0
add packet filter interface code. see pfil(9) for more details. you
...
need the PACKET_FILTER option to enable this code. currently, ipfilter
version 3.1.1-beta has been converted to use this new interface.
1996-09-06 05:07:43 +00:00
thorpej
3ca11aa1ad
Fix some DIAGNOSTIC printf() formats; ntohl() provides a 32-bit quantity,
...
and should be printed with %x, not %lx.
1996-08-14 03:46:44 +00:00
cgd
9764a289cd
print result of ntohl/htonl as a long. (makes -Wformat work on the
...
Alpha.)
1996-07-10 18:13:35 +00:00