fc1211a6ab
Don't overwrite the checksum fields when checking them. There's no reason to
...
do this, and it screws up ICMP replies.
XXX The returned IP checksum and length are still wrong.
1999-01-19 21:58:40 +00:00
555784ccd5
Fix byte order and ip_len inconsistencies in ICMP reply code. Also, fix
...
some formatting and HTONS(foo) vs. foo = htons(foo) inconsistencies.
PR #6602 , Darren Reed.
1999-01-11 22:35:06 +00:00
12632ebf71
Reverse the copyright-notice-swap. It went against existing practice.
1998-12-19 02:46:12 +00:00
ca15e01c76
Add a lock around the IP fragment reassembly queue, to prevent ip_drain()
...
from corrupting the queue if called from a device's interrupt context.
Should fix PR #5684 .
1998-12-18 21:35:11 +00:00
0e3a0a7f80
Once a fragmented IP packet has been reassembled, recompute the packet
...
length before passing it up the stack. From FreeBSD.
1998-11-13 03:24:22 +00:00
14f5ac9081
Use the pool allocator for ipflow entries.
1998-10-08 01:41:45 +00:00
974aa74abd
Use the pool allocator for ipqent structures.
1998-10-08 01:19:25 +00:00
c4730d65cf
Switch order of TNF and UCB copyrights so UCB copyright is first; this seems more appropriate since UCB wrote the original code, after all.
1998-09-30 21:52:24 +00:00
9fd57e8917
Make a diagnostic printf more sensible, PR #5951 , Heiko W. Rupp.
1998-09-09 04:57:18 +00:00
4a75265273
defopt PFIL_HOOKS.
1998-08-09 08:58:18 +00:00
534520d815
Fix PR5508: ipfil cut-through forwarding causes panic
1998-07-17 00:28:00 +00:00
08b5a4ecb8
Protect the ipflow_reap() call with splsoftnet.
1998-06-01 00:39:37 +00:00
f555f6d93f
Fix OBOB in IP timestamp option processing, as noted in FreeBSD PR 6738,
...
from Jennifer Dawn Meyers <jdm@enteract.com>.
1998-05-24 20:14:53 +00:00
36eac04cc0
Default IP flow to being enabled. Add a sysctl to control the maximum
...
number of flows (net.inet.ip.maxflows). If set to 0, will disable fast
path forwarding.
1998-05-04 19:24:53 +00:00
4452bc9a21
Allow packet filters to prevent a packet from creating a fast-forwarding
...
flow, by setting the "can fast forward" flag in the packet header, and
giving a chance for filters to clear the flag. If the flag is still
set after the filters have given it a chance, the packet will be used
to create a fast-forward flow entry.
1998-05-01 03:23:24 +00:00
d4d709f7d0
Add support for "fast" forwarding. Add hooks in if_ethersubr.c and
...
if_fddisubr.c to fastpath IP forwarding. If ip_forward successfully
forwards a packet, it will create a cache (ipflow) entry. ether_input
and fddi_input will first call ipflow_fastforward with the received
packet and if the packet passes enough tests, it will be forwarded (the
ttl is decremented and the cksum is adjusted incrementally).
1998-04-29 21:37:52 +00:00
37d70e3b46
defopt GATEWAY
1998-04-29 20:45:30 +00:00
eadcaa201c
change path MTU timeout value to match RFC 1191
1998-04-29 03:45:52 +00:00
1579dcec47
Add support for deletion of routes added by path MTU discovery;
...
uses new generic route timeout code. Add sysctl for timeout period.
1998-04-29 03:44:11 +00:00
45159fa631
convert pfil(9) in and out lists from <sys/queue.h> LISTs to TAILQs, and
...
change pfil_add_hook to put output filters at the tail of the queue,
while continuing to place input filters at the head of the queue. update
the two users of these functions, and document these changes.
fixes PR#4593.
1998-03-19 15:45:30 +00:00
91de585d5f
Add correct copyright notice for IP address hash change. This code is donated to TNF by the original copyright holder, Panix.
1998-02-15 18:24:23 +00:00
c9934a9084
Change list of interface IP addresses to a hash. Improves performance on hosts with a large number of IP addresses significantly.
1998-02-13 18:21:38 +00:00
4c54445530
Use offsetof() from libkern.h
1998-01-28 02:35:10 +00:00
54ea074777
Use option header file for MROUTING
1998-01-12 03:02:48 +00:00
1f8f74b669
enhance ephemeral port allocation code:
...
* support sysctl net.inet.ip.anonportmin (lowest ephemeral port)
and net.inet.ip.anonportmax (highest ephemeral port).
these can't be set to >65535, < IPPORT_RESERVED (unless IPNOPRIVPORTS
is defined), and anonportmin has to be < anonportmax.
* use a cleaner way of only cycling through the available set once;
this will be useful for when a random allocation scheme is used
* define IPPORT_ANON{MIN,MAX} instead of IPPORT_USER{LOW,HIGH}
1998-01-05 09:52:02 +00:00
6b86b260cb
change sysctl net.inet.icmp.mtudisc to net.inet.ip.mtudisc
1997-10-18 21:18:28 +00:00
10f29f9bcb
Allow `subnetsarelocal' to be changed via sysctl.
1997-10-17 21:20:49 +00:00
c74236bfc9
Tweaks to allow operation with an interface address of 0.0.0.0
...
(needed for NFS mountroot using BOOTP to get boot parameters)
1997-08-29 16:02:41 +00:00
a0e791807e
Eliminate use of dtom() from the network code, allowing more flexible
...
use of mbuf external storage and increasing performance (by eliminating
an m_pullup() for clusters in the IP reassembly code).
Changes from Koji Imada <koji@math.human.nagoya-u.ac.jp>, in PR #3628
and #3480 , with ever-so-slight integration changes by me.
1997-06-24 02:25:59 +00:00
0659cacda6
Move the mtod calls *after* we've made sure that the packet has passed the
...
filter successfully. Otherwise it can be NULL if the filter blocked it,
and we die. How did this ever work?
1997-04-15 00:41:52 +00:00
78cd2f6f78
allow src-routed packetd by default, per host requirements
1997-02-26 04:09:32 +00:00
8a449a258b
Add net.inet.ip.allowsrcrt option which allows/drops all source
...
routed packets. This currently defaults to `drop,' but once we
verify that all applications that rely on determining remote IP
addresses for authentication are dropping the connection when they
see a source route option (not just disabling the source route
option), we can turn this back on and conform with the host
requirements.
1997-02-25 08:35:41 +00:00
788bcc9857
Fix bug in sysctl net.inet.ip.forwsrcrt handing: now you can read it
...
if securelevel > 0. (Thanks, cgd.)
1997-02-19 08:30:04 +00:00
4c8bfe2630
pseudo-device ipfilter brings in PFIL_HOOKS.
1997-02-18 20:49:32 +00:00
9df1988ac8
Implement the IP_RECVIF socket option: supply a datagram packet's incoming
...
interface using a sockaddr_dl in a control mbuf.
Implement SO_TIMESTAMP for IP datagrams.
Move packet information option processing into a generic function
so that they work with multicast UDP and raw IP as well as unicast UDP.
Contributed by Bill Fenner <fenner@parc.xerox.com>.
1997-01-11 05:21:07 +00:00
04ce281a19
in pfil_hooks: always reassign ip after calling hook.
1996-12-20 09:08:14 +00:00
a24be0b669
remove pfil_bad.
1996-12-20 08:39:27 +00:00
e55c8a9c7e
Before concatenating frags, sanity check the length of the packet. If it's
...
larger than IP_MAXPACKET, discard it.
Based on a patch from Bill Fenner <fenner@parc.xerox.com>
1996-10-25 06:30:32 +00:00
b962d9a3eb
Fix a panic from the pfil_hooks.
1996-10-22 11:27:05 +00:00
5545959d0b
backout previous kprintf changes
1996-10-13 02:03:00 +00:00
6d7ad25bea
printf -> kprintf, sprintf -> ksprintf
1996-10-10 23:12:43 +00:00
17fcad6b2c
commit fix in pr 2772 -- the IP input code was assuming that the
...
reserved (must be zero) flag must necessarily be zero. We now define
an IP_RF (by analogy to IP_DF and IP_MF) and mask it out when necessary.
1996-09-21 19:44:32 +00:00
a5f00f16bc
move the packet filter hooks in to a saner location. while i'm here, rename
...
PACKET_FILTER to PFIL_HOOKS.
1996-09-14 14:40:20 +00:00
62a6cce9ca
Add in_nullhost() and in_hosteq() macros, to hide some protocol
...
details. Also, fix a bug in TCP wrt SYN+URG packets.
1996-09-09 14:51:07 +00:00
f5c7d8bcc1
Save 68 bytes of the packet for ICMP, not 64. From Laine Stump, PR 2296.
1996-09-08 15:49:43 +00:00
ae47956db0
add packet filter interface code. see pfil(9) for more details. you
...
need the PACKET_FILTER option to enable this code. currently, ipfilter
version 3.1.1-beta has been converted to use this new interface.
1996-09-06 05:07:43 +00:00
3ca11aa1ad
Fix some DIAGNOSTIC printf() formats; ntohl() provides a 32-bit quantity,
...
and should be printed with %x, not %lx.
1996-08-14 03:46:44 +00:00
9764a289cd
print result of ntohl/htonl as a long. (makes -Wformat work on the
...
Alpha.)
1996-07-10 18:13:35 +00:00
2769793c13
Fix printf format args.
1996-03-16 23:53:58 +00:00
32cdb91fa3
two more local addr changes, all done differently now (idea from charles)
1996-02-26 23:16:42 +00:00
14d9cd33af
netinet prototypes
1996-02-13 23:40:59 +00:00
535abd80a2
Add a net.inet.ip.directed-broadcast sysctl as suggested by
...
Darren Reed <darrenr@vitruvius.arbld.unimelb.edu.au> in PR #1227 .
This change is slightly different than the one submitted by Darren in
that the DIRECTED_BROADCAST compile-time option will behave like it used
to so that existing configurations utilizing it won't have to change.
1996-01-16 04:17:30 +00:00
4b359df8c4
Add net.inet.ip.forwsrcrt: if zero, the system will not forward
...
source-routed packets. Note this value is protected by kernel security
level; it can only be changed if securelevel < 1.
1996-01-15 21:11:46 +00:00
dfad729a16
make netinet work on systems where pointers and longs are 64 bits
...
(like the alpha). Biggest problem: IP headers were overlayed with
structure which included pointers, and which therefore didn't overlay
properly on 64-bit machines. Solution: instead of threading pointers
through IP header overlays, add a "queue element" structure to do
the threading, and point it at the ip headers.
1995-11-21 01:07:34 +00:00
5482957905
splnet --> splsoftnet
1995-08-12 23:59:09 +00:00
22687aa834
Change in_pcbnotify*() to take an errno value. Make inetctlerrmap[] an
...
array on ints, not u_chars.
1995-06-12 06:46:34 +00:00
6897f39ae9
Various cleanup, including:
...
* Convert several data structures to use queue.h.
* Split in_pcbnotify() into two parts; one for notifying a specific PCB, and
one for notifying all PCBs for a particular foreign address.
1995-06-12 00:46:47 +00:00
3a8e9c62b8
Remove ip_ifmatrix completely.
1995-06-07 16:01:15 +00:00
41703012d6
Don't cast things unnecessarily.
1995-06-04 05:58:20 +00:00
0a99592372
Clean up many more casts.
1995-06-04 05:06:49 +00:00
eb216fd6c2
Avoid byte-swapping IP addresses at run time.
1995-06-01 21:35:34 +00:00
0bfc08ac63
oops; forgot a '{'
1995-05-15 02:09:58 +00:00
2c1e3c655f
drop (and record) malformed IP fragments. Fixes pr 1030 (differently).
1995-05-14 08:23:00 +00:00
b5b72d26ea
be a bit more careful and explicit with types. (basically a large no-op.)
1995-04-13 06:25:36 +00:00
cf92afd66e
New RCS ID's, take two. they're more aesthecially pleasant, and use 'NetBSD'
1994-06-29 06:29:24 +00:00
07b4f2ab54
Update to 4.4-Lite networking code, with a few local changes.
1994-05-13 06:02:48 +00:00
94b2718bd1
PARANOID --> DIAGNOSTIC for inexpensive tests.
1994-02-14 21:43:33 +00:00
d7038296be
Multicast is no longer optional.
1994-02-02 05:58:50 +00:00
8243f1bb37
Fix some cases of NOT dealing with m_pkthdr's. This code is still suspect though, at least this fixes some panics.
1994-01-29 11:57:45 +00:00
b79490fcca
Should compile now with or without `options MULTICAST'.
1994-01-10 20:14:14 +00:00
222ebaf50e
Prototype the rest.
1994-01-09 01:06:02 +00:00
321b0c6090
More prototypes.
1994-01-08 23:50:41 +00:00
4fe12e6e88
Fix some inconsistent spacing; spaces at the end of lines, etc.
1994-01-08 21:21:28 +00:00
95b048b53a
Canonicalize all #includes.
1993-12-18 00:40:47 +00:00
aa7f3b23a8
multicast support.
...
>From Chris Maeda, cmaeda@cs.washington.edu
These patches are derived from the IP Multicast patches for BSDI.
1993-12-06 04:50:19 +00:00
45a57e79ea
more rcsid additions and file header cleanups
1993-05-20 03:49:51 +00:00
79f668c05d
make ip_input recursion checking be for -DPARANOID, and make it panic
1993-05-04 05:41:18 +00:00
61f282557f
initial import of 386bsd-0.1 sources
1993-03-21 09:45:37 +00:00
mycroft