- npf_fixup16_cksum: 1's complement sum is endian-independent.
- npf_fixup32_cksum: the first 32->16 bit reduction is not needed.
Pointed out by Valery Ushakov.
If an interface is or gets detached, all associated rules and connections
will be deactivated (it might be useful to have an option to invalidate
the associated connections). Once the interface is reattached they will
become active.
Bump NPF_VERSION.
npfctl(8) and generate separate marks to describe the filter criteria.
- Rewrite 'npfctl show' functionality and fix some of the bugs.
- npftest: add a test for BPF COP.
- Bump NPF_VERSION.
which add a capability to call external functions in a predetermined way.
It can be thought as a BPF "coprocessor" -- a generic mechanism to offload
more complex packet inspection operations. There is no default coprocessor
and this functionality is not targeted to the /dev/bpf. This is primarily
targeted to the kernel subsystems, therefore there is no way to set a custom
coprocessor at the userlevel.
Discussed on: tech-net@
OK: core@
friendly (there are only few hooks in the system). Make the structures
opaque and the interface more strict.
- Remove PFIL_HOOKS option by making pfil(9) mandatory.
and into in6_if_link_up.
This fixes a possible panic where link is up but not the interface.
Note that a better solution would be to listen to the routing socket
in the kernel, but I don't know how to do that.
Reachable Router tests for IFF_UP as well.
addresses as detached.
Likewise, when the link state changes to up, mark all detached IPv6
as tentative and start DAD on them.
Advertised router reachability now checks that link state is not down.
This means that when an interface link state changes, the default IPv6
router may change as well.
the route entry was added, but the RTF_LLINFO bit was not set, making arp -a
not showing the entry, but netstat -rn -f inet showing it with the missing
L bit. The order of resolution in ifa_ifwithroute() is that if a destination
address is found, then the interface chosen for the route is that of the
destination. This does not work for link-level addresses since the ppp
interface does not arp (uses link_rtrequest, not arp_rtrequest), so the
bit is never set. The easy solution here is to check that the gateway is
a link address, and use the interface which we chose for the link address
as opposed to the interface that routes to the destination. This restores
the previous behavior, but is it correct?
points and document it. Split the worker thread into a separate module
with an interface, so it could be re-used for other tasks.
- Replace ALG list with arrays and thus hit fewer cache lines.
- Misc bug fixes.
rmind