Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
47,576 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

524 Commits

Author SHA1 Message Date
darrenr 9fd3093f39 don't free pointer to static struct. please pullup. 1997-11-28 00:46:39 +00:00
mrg 3300e3e43e fix compile error when "options IPNOPROVPORTS" 1997-11-27 14:03:32 +00:00
mrg 2a9598ccdf fixes for memory leaks in proxying, and byte ordering problems. from darren reed. 1997-11-25 03:14:11 +00:00
thorpej 9f18d18071 Slight change to the previous: just drop the packet in the self-connect 
case.  Sending an RST to ourselves is a little silly, considering that
we'll just attempt to remove a non-existent compressed state entry and
then drop the packet anyway.
 1997-11-21 06:41:54 +00:00
thorpej ebd40d53e1 In tcp_input(), if the PCB we lookup for an incoming packet is a listen 
socket:
- If we received a SYN,ACK, send an RST.
- If we received a SYN, and the connection attempt appears to come from
  itself, send an RST, since it cannot possibly be valid.
 1997-11-21 06:18:30 +00:00
thorpej e2a99027d2 Add missing (implied) int to a variable declaration. 1997-11-20 19:12:41 +00:00
thorpej ad1ef53725 Deal with a problem where ephemeral port shortage would case a PCB's 
local address to be set, causing all further attemps to bind that PCB
to fail.  From Koji Imada, PR #3857.
 1997-11-20 04:53:37 +00:00
mrg fc911d1529 fix checksum problems (from marc boucher via darren reed). 1997-11-17 14:33:46 +00:00
mycroft 466fb6d0db On output, if the packet length doesn't match the length in the IP header, 
drop the packet with EINVAL.
 1997-11-16 20:58:18 +00:00
mrg 84ecff38c2 merge ip-filter 3.2.1 1997-11-14 12:40:06 +00:00
mrg 61cbfaca09 import ip-filter 3.2.1 1997-11-14 08:03:01 +00:00
kml 3b9fc85803 Remove an extraneous call to rtfree() in the path mtu discovery code; 
this was causing negative reference counts on routes...
 1997-11-11 21:10:50 +00:00
kml 86275dc497 TCP MSS fixes to provide cleaner slow-start and recovery. 1997-11-08 02:35:22 +00:00
gwr 011d063b25 Get rid of the messages: "arp: zero IP addr from ..." 
If one really wants to know about those confused PCs
trying to use IP address zero, they can use tcpdump.
 1997-10-31 02:54:08 +00:00
mrg 60c28e1f95 sigh. merge ipfilter 3.2 onto the trunk. merge to the branch was a mistake. 1997-10-30 16:08:54 +00:00
mrg 44c002beb1 import ip-filter 3.2 1997-10-30 05:27:24 +00:00
kml 560395f6f4 Changes to path MTU discovery to correctly handle "needs 
fragmentation" ICMP messages that specify a new MTU size of zero
(from, say, old buggy Linux kernels).
 1997-10-29 05:28:44 +00:00
kml c8e01708d1 remove extraneous icmp_do_mtudisc 1997-10-18 21:21:28 +00:00
kml 6b86b260cb change sysctl net.inet.icmp.mtudisc to net.inet.ip.mtudisc 1997-10-18 21:18:28 +00:00
kml 323c04642b Path MTU Discovery support. This is turned off by default. 
Use sysctl -w net.inet.icmp.mtudisc=1 to turn on.
Still to come:  path removal after some period, black hole detection
 1997-10-17 22:12:14 +00:00
thorpej 10f29f9bcb Allow `subnetsarelocal' to be changed via sysctl. 1997-10-17 21:20:49 +00:00
thorpej b174d20bc1 Define IP_RETURNMTU. (Matt missed this part of his diff, I guess :-) 1997-10-14 08:38:01 +00:00
matt 8c42ff649b Add support for returning maximum supported MTU when ip_output fails with 
EMSGSIZE.
 1997-10-14 00:52:39 +00:00
explorer 80513cb5ae o Make usage of /dev/random dependant on 
pseudo-device   rnd                     # /dev/random and in-kernel generator
  in config files.

o Add declaration to all architectures.

o Clean up copyright message in rnd.c, rnd.h, and rndpool.c to include
  that this code is derived in part from Ted Tyso's linux code.
 1997-10-13 00:46:08 +00:00
explorer 790e114732 Add hooks to use the kernel random system to generate TCP sequence numbers. 1997-10-10 01:51:07 +00:00
thorpej 67a3811e05 Fix an oversight in my previous MSS-related changes: 
Basically, in silly window avoidance, don't use the raw MSS we advertised
to the peer.  What we really want here is the _expected_ size of received
segments, so we need to account for the path MTU (eventually; right now,
the interface MTU for "local" addresses and loopback or tcp_mssdflt for
non-local addresses).  Without this, silly window avoidance would never
kick in if we advertised a very large (e.g. ~64k) MSS to the peer.
 1997-10-08 16:32:48 +00:00
is fabb33431c Reimplement a test for broadcast addresses advertized, which was left out 
when rewriting the ARP system.
 1997-10-02 19:41:56 +00:00
thorpej 4ed600dbd0 Fix several annoyances related to MSS handling in BSD TCP: 
- Don't overload t_maxseg.  Previous behavior was to set it to the min
  of the peer's advertised MSS, our advertised MSS, and tcp_mssdflt
  (for non-local networks).  This breaks PMTU discovery running on
  either host.  Instead, remember the MSS we advertise, and use it
  as appropriate (in silly window avoidance).
- Per last bullet, split tcp_mss() into several functions for handling
  MSS (ours and peer's), and performing various tasks when a connection
  becomes ESTABLISHED.
- Introduce a new function, tcp_segsize(), which computes the max size
  for every segment transmitted in tcp_output().  This will eventually
  be used to hook in PMTU discovery.
 1997-09-22 21:49:55 +00:00
thorpej de572198ad Implement in_pcbrtentry() - return the route associated with a PCB. If 
one does not exist, attempt to allocate one.  This is mostly pulled from
tcp_input.c.
 1997-09-22 21:39:40 +00:00
veego 4508fb4354 Resolve conflicts from the merge of ipf 3.2beta5. 1997-09-21 18:00:54 +00:00
veego 985ac74a98 Import ip-filter 3.2beta5 1997-09-21 16:47:50 +00:00
drochner d8f1d9401e Adjust packet len in mbuf header for incoming broadcasts. 
Closes PR kern/4087 (by myself).
 1997-09-12 10:58:31 +00:00
gwr c74236bfc9 Tweaks to allow operation with an interface address of 0.0.0.0 
(needed for NFS mountroot using BOOTP to get boot parameters)
 1997-08-29 16:02:41 +00:00
matt b2b8155618 Add IPPROTO_ESP and IPPROTO_AH defines. 1997-08-27 17:05:34 +00:00
thorpej ca0bba0081 Add ICMP unreachable code #13 - "Communication Administratively Prohibited", 
per RFC 1716.  From Havard Eidnes <he@vader.runit.sintef.no>, PR #4038.
 1997-08-26 18:27:53 +00:00
mycroft e76ba36231 Make sure we install the route returned by the upcall before trying to 
forward any queued packets.  From Bill Fenner, via Brad Karp.
 1997-08-14 06:42:33 +00:00
lukem fcbcbc2234 struct loif is an array of NLOOP (from "loop.h") elements 1997-08-04 06:18:49 +00:00
is 240cc2913e Include file in place of the old netinet/if_ether.h, including stuff from 
where it is now, and adding the specialized for Ethernet version of the ARP
structure, for the benefit of programs which are externally (to us) maintained
and not (yet) ported.
XXX This should NOT be used inside the kernel.
 1997-07-29 09:10:51 +00:00
thorpej 4cef61d36b Generate dependencies for the TCP_SENDSPACE and TCP_RECVSPACE options. 1997-07-28 22:31:08 +00:00
thorpej db103f4414 Make the following tunable via sysctl, inspired by BSD/OS: 
- udp_sendspace
- udp_recvspace
 1997-07-28 22:19:53 +00:00
thorpej 758a104426 Make the following tunable via sysctl, inspired by BSD/OS: 
- tcp_sendspace
- tcp_recvspace
- tcp_mssdflt
- tcp_syn_cache_limit
- tcp_syn_bucket_limit
- tcp_syn_cache_timer
 1997-07-28 22:18:48 +00:00
thorpej 402ae96361 Garbage-collect some "extern"s. 1997-07-28 22:07:38 +00:00
thorpej e794123006 Fix a rather severe bug in handling of incoming SYNs for peer/port values 
which happen to have a TCB in TIME_WAIT, where an mbuf which had been
advanced past the IP+TCP headers and TCP options would be reused as if
it had not been advanced.  Problem found by Juergen Hannken-Illjes, who
also suggested a work-around on which this fix is based.
 1997-07-28 01:07:48 +00:00
thorpej efa8881dbe Pull SYN_cache_branch down into the main line. 1997-07-23 21:26:40 +00:00
kleink 512b9c1d90 Nuke an `#ifdef sparc' conditional around ntohs() usage: this (1) is incomplete 
and (2) makes no difference anyway.  Also, minor KNF.
 1997-07-21 16:53:47 +00:00
kleink b2bead304f Fix a misplaced brace which caused NAT list corruption; from Dave Huang 
<khym@bga.com> in PR kern/3872.
 1997-07-16 11:06:07 +00:00
mrg 02e5531ec7 put back IPFILTER_DEFAULT_BLOCK, as documented in options(4). 1997-07-08 05:54:02 +00:00
veego 29fcbcb000 Use FR_PASS for IPF_DEFAULT_PASS. This can be overwritten with an 
options IPF_DEFAULT_PASS=FR_BLOCK in your config file.
 1997-07-07 23:08:22 +00:00
fvdl 413872caa0 Get rid of (void) cast to KFREE, as it may be a macro, in which case 
the cast will be a syntax error.
 1997-07-07 22:21:21 +00:00
phil ccfe711608 Protect against double inclusion. PR 3524. 1997-07-07 20:57:46 +00:00
thorpej ba90103dd6 The fingerprint of (*fr_checkp)() is the same if compiling in kernel 
or user code.
 1997-07-06 22:32:34 +00:00
thorpej e0acb98b94 Fix an old and obscure TCP bug, brought to my attention by Bill Fenner, 
fixed in FreeBSD by John Polstra:

Fix a bug (apparently very old) that can cause a TCP connection to
be dropped when it has an unusual traffic pattern.  For full details
as well as a test case that demonstrates the failure, see the
referenced PR (FreeBSD's kern/3998).

   Under certain circumstances involving the persist state, it is
   possible for the receive side's tp->rcv_nxt to advance beyond its
   tp->rcv_adv.  This causes (tp->rcv_adv - tp->rcv_nxt) to become
   negative.  However, in the code affected by this fix, that difference
   was interpreted as an unsigned number by max().  Since it was
   negative, it was taken as a huge unsigned number.  The effect was
   to cause the receiver to believe that its receive window had negative
   size, thereby rejecting all received segments including ACKs.  As
   the test case shows, this led to fruitless retransmissions and
   eventually to a dropped connection.  Even connections using the
   loopback interface could be dropped.  The fix substitutes the signed
   imax() for the unsigned max() function.

Bill informs me that his research indicates this bug appeared in Reno.
 1997-07-06 07:04:34 +00:00
thorpej b19b36aff5 Restore original RCS IDs. 1997-07-06 05:29:13 +00:00
thorpej 329a831bd5 Deal with a bogus warning from -Wuninitialized. 1997-07-06 05:14:08 +00:00
thorpej 0feb054b62 - Add a missing #ifdef SOLARIS 
- Properly prototype ipfilterattach()/iplattach().
 1997-07-06 05:13:40 +00:00
thorpej c68633278f - Add a prototype for fixskip() so that this file compiles. 
- Fix, ONCE AGAIN, semantics of ipfilterattach().  This time, not only
  was it semantically broken, it wasn't even close to compiling!
 1997-07-06 05:13:00 +00:00
thorpej 3fb8ff16e8 The sheer number of #ifdef's around it should have been a hint that 
#include <machine/mtpr.h> isn't something you're supposed to do in
NetBSD.
 1997-07-06 05:11:28 +00:00
thorpej ab01c534f6 Fix a bug caught by gcc: add parenthesis to properly group a test. 1997-07-06 05:10:41 +00:00
thorpej 90c43e78e2 Import yet another missing piece of IPFilter 3.2beta1. 1997-07-06 05:02:26 +00:00
thorpej 5a85b0d9fa Import ip_auth.h from IPFilter 3.2beta1; this was missed during the 
upgrade.
 1997-07-06 04:58:52 +00:00
darrenr 729f0dc597 fix conflicts from import 1997-07-05 05:38:14 +00:00
thorpej 9bf15b8b78 Don't adjust ip->ip_len before calling icmp_error(); icmp_error() already 
does this.  Per Stevens in TCP/IP Illustrated Vol. 2, p.774, submitted
by Koji Imada <koji@math.human.nagoya-u.ac.jp>.
 1997-06-24 19:31:34 +00:00
thorpej a0e791807e Eliminate use of dtom() from the network code, allowing more flexible 
use of mbuf external storage and increasing performance (by eliminating
an m_pullup() for clusters in the IP reassembly code).

Changes from Koji Imada <koji@math.human.nagoya-u.ac.jp>, in PR #3628
and #3480, with ever-so-slight integration changes by me.
 1997-06-24 02:25:59 +00:00
thorpej b791871522 Increment icmpstat.icps_badlen for bad length of ICMP_MASKREQ, per 
Stevens in TCP/IP Illustrated vol. 2, p.319.  Submitted by
Koji Imada <koji@math.human.nagoya-u.ac.jp> in PR #3712.
 1997-06-24 01:26:19 +00:00
kleink b8377e5395 As per RFC 793, don't retransmit the FIN during a simultaneous close. 
From Thorsten Frueauf <frueauf@ira.uka.de> and W. Richard Stevens in PR/3737
and TCP/IP Illustrated, Vol. 2, respectively.
 1997-06-18 10:05:44 +00:00
mrg c258d0d05e make it "options IPFILTER_DEFAULT_BLOCK". 1997-06-16 13:38:05 +00:00
kleink 8fb48a5db9 Eliminate a superflouus `if' statement: when detaching the TCP protocol from 
a socket, just calling tcp_disconnect() on the tcpcb will do the right thing.
From Thorsten Frueauf <frueauf@ira.uka.de> and W. Richard Stevens in PR/3738
resp. TCP/IP Illustrated, Vol. 2.
 1997-06-12 18:41:14 +00:00
kml 6a233e37f6 Fix urgent pointer overflow problems when used with large windows 1997-06-03 16:17:09 +00:00
thorpej 5b0d69d6a8 In ipl_disable(), don't conditionalize the "fr_checkp = fr_savep" 
operation, since:
	- in ipl_enable(), "fr_savep = fr_checkp" is not conditionalized
	  in the same way (not at all), and
	- without this change, it was not possible to enable, disable,
	  and reenable ipfilter.
 1997-06-01 06:57:09 +00:00
thorpej a464ced388 Change the aps_tout member of struct ap_session from time_t to u_long 
so that it can be passed to the filter rule aging functions, which
expect a pointer to a u_long.  (time_t is an int on the alpha.)
 1997-05-28 04:59:34 +00:00
thorpej fa7df10d8b Put the #ifndef _KERNEL prototype of get_unit() in <netinet/ip_fil.h> 
since it is needed by other files, in order to compile on 64-bit
architectures.
 1997-05-28 04:48:47 +00:00
thorpej 41d4822677 Resolve conflicts from merge of 3.2a7, take 2. Also, eliminate some 
silly differences between the NetBSD copy of the code and the
vendor branch, keeping only those which are necessary.  Of those
differences that currently exist, several "portability to NetBSD"
issues, which will be fed back to the ipfilter author.
 1997-05-28 00:17:11 +00:00
gwr 3cb60b969d Allow revarpwhoami() to be called multiple times. 
(Just return the answer if we already have it.)
Without this, the RB_ASKNAME loop fails on every
call to nfs_mountroot after the first call.
 1997-05-27 23:14:44 +00:00
thorpej 67a6c44c15 Make this compile on 32-bit architectures again: 
- Pull in includes to get appropriate prototypes.
 1997-05-27 01:24:31 +00:00
thorpej faeb45fcca Make this compile on 32-bit architectures: 
- Add prototypes.
- Add a forward-decl to avoid a cyclic dependency graph.
 1997-05-27 01:23:50 +00:00
thorpej 03e37a1874 Make this compile on 32-bit architectures: 
- Deal with lame gcc -Wuninitialized warning (which is incorrect)
- Add parens around assignments within conditionals.
 1997-05-27 01:22:52 +00:00
thorpej 77a115108c Make this compile on 32-bit architecutres again: 
- Get arguments to ioctl right (cmd is a u_long in NetBSD)
 1997-05-27 01:21:33 +00:00
thorpej 55323c48ca Make this compile on 32-bit architectures again: 
- Add prototypes.
- Get arguments to ioctl right (cmd is a u_long in NetBSD)
 1997-05-27 01:20:46 +00:00
thorpej 5d1bb7474a Make this compile on 32-bit architectures: 
- Add prototypes.
- garbage-collect unused variables.
 1997-05-27 01:19:48 +00:00
thorpej 6c873135ee Make this compile on 32-bit architectures again: 
- garbage-collect unused variables.
 1997-05-27 01:18:47 +00:00
thorpej e8e871e8ca Make this compile on 32-bit architectures again: 
- Don't prototype functions that don't exist, and do prototype those
  that do.
- Get ioctl arguments right (cmd is a u_long in NetBSD).
 1997-05-27 01:17:04 +00:00
thorpej a09051fa6d Make this compile on 32-bit architectures again: 
- Fix a really obvious error: ipl_enable() disappeared, but the guts of
  the function were scrunched into the "no-op" BSD pseudo-device attach
  routine.  Would not compile, because of non-void return from a void
  function.  Fixed by reincarnating ipl_enable(), and reimplementing
  the no-op pseudo-device attach.
- #ifdef as appropriate to remove unused variable warnings.
- Call ipl_enable() in iplinit(), rather than the no-op ipfilterattach().
 1997-05-27 01:15:21 +00:00
thorpej 8ead9b88e8 Make this compile on 32-bit architectures again: 
- garbage-collect unused variables, or #ifdef them as appropriate.
 1997-05-27 01:09:13 +00:00
darrenr ea9bbec5f5 remove extra #endif 1997-05-26 17:57:21 +00:00
darrenr 27be4b8f04 Import new sources for 3.2alpha7 
(blah, someone want to clean away /cvsroot/sys/netinet ?)
 1997-05-26 15:18:15 +00:00
darrenr 29fab67628 fix conflicts 1997-05-25 12:40:11 +00:00
christos 118a33df24 - Fix indentation of the nested conditionals. It was inconsistent in places. 
- Make this compile and work without IPFILTER_LOG, and disable logging by
  default. This can be re-enabled now as a kernel option.
 1997-04-15 00:44:42 +00:00
christos ae60a7c343 Fix SPLNET() conditional to work for NetBSD1_0+, not just the named versions. 1997-04-15 00:42:54 +00:00
christos 0659cacda6 Move the mtod calls *after* we've made sure that the packet has passed the 
filter successfully. Otherwise it can be NULL if the filter blocked it,
and we die. How did this ever work?
 1997-04-15 00:41:52 +00:00
jtk e096ee0e10 add newlines at end of debugging log messages which were missing them 1997-04-07 01:48:30 +00:00
cgd ce54b19fd3 include <stdlib.h> if !_KERNEL for malloc declaration/proto 1997-04-04 01:53:22 +00:00
cgd c492daaa6e fix ... potentially fatal typo (s/unix/unit/) 1997-04-03 00:57:03 +00:00
augustss c56286529c Make it compile again by removing a cast to void of KFREE(). KFREE expands 
to a statement, not an expression.
 1997-04-01 00:07:07 +00:00
thorpej 0684baea63 Define control device names here; they're needed by kernel and userland. 1997-03-29 19:50:51 +00:00
darrenr 4d1eb7820e use IPLLOG instead of ipllog to easily mask parameters, fix up prototype 
problems for compiling to user programs.
 1997-03-29 04:39:15 +00:00
thorpej 169a339c7d Centralize the check for NetBSD PFIL_HOOKS code into ip_fil.h, and use 
it consistently.
 1997-03-29 03:05:14 +00:00
thorpej 7845ea0d16 Fix an ... interesting bug that resulted from namespace collision. 
Description:

	- A BSD pseudo-device initialization routine is declared as
		void <pseudo-device name>attach __P((int count));
	  in ioconf.c by config(8).  main() calls these functions
	  from a table.

	- IP Filter has functions iplattach() and ipldetach() (or,
	  in the NetBSD case, were erroneously renamed ipfilterattach()
	  and ipfilterdetach()).  These functions are used to establish
	  and disestablish the IP Filter "filter rule check" hook in
	  the IP input/output stream.  They are declared:
		int iplattach __P((void));
		int ipldetach __P((void));
	  ..and are expected to return a value by iplioctl().

	- When main() calls (by sheer coincidence!) iplattach(),
	  the filter hook is established, and the IP Filter machinery
	  labeled as "initialized".  This causes all packets, whether or
	  not the user intents to use filter rules, to be passed to
	  the filter rule checker if "ipfilter" is configured into the
	  kernel.

	- As a result of the above, a kludge existed to default to
	  passing all packets (I can only assume that when this was
	  originally committed, the symptom of the bug was noticed by
	  the integrator, but the bug not actually found/fixed).

	- In iplioctl(), if the SIOCFRENB ioctl is issued with an
	  argument of "enable" (i.e. user executed "ipf -E"), iplattach()
	  will notice that the machinery is already initialized and
	  return EBUSY.

Fix:

	- Rename iplattach()/ipldetach() to ipl_enable() and ipl_disable().

	- Create a pseudo-device entry stub named ipfilterattach()
	  (NetBSD case) or iplattach() (all other).  This is a noop; none
	  of the machinery should be initialized until the caller expicitly
	  enables the filter with ipf -E.  Add a comment to note that.
 1997-03-29 01:57:55 +00:00
thorpej f30d8f327f Resolve conflicts from merge. 
XXX !!! XXX !!!
I noticed a few semi-serious bugs while doing this merge, one of which
has existed for a fairly long time.  Some of them are addressed in this
commit (because they caused the kernel to not compile), and are annoted
by "XXX" and "--thorpej".  The other one will be addressed shortly in
a future commit, and, as far as I can tell, affects all operating systems
which IP Filter supports.
 1997-03-29 00:54:55 +00:00
is 4555777c80 Fix several bugs related to the new ARP code, and ARCnet ARP support. 
Among other, add ARPHRD_ARCNET definition, make sure the hardware type is
set on outgoing ARP packets, make sure we dont send out replies as broadcasts.
 1997-03-23 01:22:35 +00:00
cgd a8bb00476f ioctl commands are u_longs 1997-03-18 07:14:45 +00:00
is 57f2f47e2c move if_arc.h to sys/net 1997-03-16 23:27:07 +00:00
is 07b064e02e New ARP system, supports IPv4 over any hardware link. 
Some of the stuff (e.g., rarpd, bootpd, dhcpd etc., libsa) still will
only support Ethernet. Tcpdump itself should be ok, but libpcap needs
lot of work.

For the detailed change history, look at the commit log entries for
the is-newarp branch.
 1997-03-15 18:09:08 +00:00
mrg 78cd2f6f78 allow src-routed packetd by default, per host requirements 1997-02-26 04:09:32 +00:00
cjs 8a449a258b Add net.inet.ip.allowsrcrt option which allows/drops all source 
routed packets. This currently defaults to `drop,' but once we
verify  that all applications that rely on determining remote IP
addresses for authentication are dropping the connection when they
see a source route option (not just disabling the source route
option), we can turn this back on and conform with the host
requirements.
 1997-02-25 08:35:41 +00:00
scottr 54b157939d Don't include ipfilter.h if building an LKM. 1997-02-19 23:07:57 +00:00
cjs 788bcc9857 Fix bug in sysctl net.inet.ip.forwsrcrt handing: now you can read it 
if securelevel > 0. (Thanks, cgd.)
 1997-02-19 08:30:04 +00:00
mrg 4c8bfe2630 pseudo-device ipfilter brings in PFIL_HOOKS. 1997-02-18 20:49:32 +00:00
thorpej b21c166228 ioctl cmd arguments are u_long, not int. Pointed out by 
Fred L. Templin <templin@nas.nasa.gov>
 1997-01-29 02:16:23 +00:00
mikel 9be91c7fb4 fix my typo; found by Klaus Klein <kleink@layla.inka.de> 1997-01-17 17:06:06 +00:00
mikel 313f6180e6 add prototypes for ethers(3) functions; fixes PR 2471. 
fix suggested by Jason Thorpe.
 1997-01-17 08:17:57 +00:00
gwr e1cb27e32f sync with if_ether.h 1997-01-15 18:19:35 +00:00
thorpej 9df1988ac8 Implement the IP_RECVIF socket option: supply a datagram packet's incoming 
interface using a sockaddr_dl in a control mbuf.

Implement SO_TIMESTAMP for IP datagrams.

Move packet information option processing into a generic function
so that they work with multicast UDP and raw IP as well as unicast UDP.

Contributed by Bill Fenner <fenner@parc.xerox.com>.
 1997-01-11 05:21:07 +00:00
veego d61e3f8c25 ipl[attach|detach]->ipfilter[attach|detach] for the pseudo-device change 1997-01-08 21:45:39 +00:00
mrg 9cc6a2a495 remove some old debugging statements. 1997-01-07 10:51:01 +00:00
veego 473d4f54d1 Add $NetBSD$ id's and restore the orginal Id's. 1997-01-05 21:32:18 +00:00
veego 25bcda3b52 Add $NetBSD$ id's and restore the orginal Id's. 1997-01-05 21:32:17 +00:00
veego 47517abd07 Add $NetBSD$ id's and restore the orginal Id's. 1997-01-05 21:32:14 +00:00
mrg c1067a3f4b initial import of darren reed's ip-filter, version 3.1.2. 1997-01-05 13:47:59 +00:00
mrg 5e5291f97b always reassign ip after calling function. 1996-12-20 09:08:16 +00:00
mrg 04ce281a19 in pfil_hooks: always reassign ip after calling hook. 1996-12-20 09:08:14 +00:00
mrg 15eaee8d6f in pfil_hooks: always reassign ip after calling hook. 1996-12-20 08:39:29 +00:00
mrg a24be0b669 remove pfil_bad. 1996-12-20 08:39:27 +00:00
mycroft ef60fc0bad Minor change to a comment. 1996-12-11 01:55:50 +00:00
mycroft 315bb1ab50 Fix RTT scaling problems introduced with Brakmo and Peterson changes. 1996-12-10 18:20:19 +00:00
mycroft a26a19aeda Return EAGAIN if binding with no specified port and the pool is empty. 1996-12-10 11:38:42 +00:00
thorpej 096b0d6c6e In udp_output(), sanity check the length of the packet to be transmitted. 
If it's larger than IP_MAXPACKET, return an error condition.
Based on a patch from Bill Fenner <fenner@parc.xerox.com>
 1996-10-25 06:35:16 +00:00
thorpej 59bbc2199e In rip_output(), sanity check the length of the packet to be transmitted. 
If it's larger than IP_MAXPACKET, return an error condition.
Based on a patch from Bill Fenner <fenner@parc.xerox.com>
 1996-10-25 06:33:36 +00:00
thorpej e55c8a9c7e Before concatenating frags, sanity check the length of the packet. If it's 
larger than IP_MAXPACKET, discard it.
Based on a patch from Bill Fenner <fenner@parc.xerox.com>
 1996-10-25 06:30:32 +00:00
thorpej 65c188b3c7 Make length and offset fields unsigned. From Kevin M. Lahey <kml@nas.nasa.gov> 
Add a counter to IP stats, to count packets which are discarded on the
grounds that they are too large.
 1996-10-25 06:24:16 +00:00
thorpej ee34a9ab6d Make length and offset fields unsigned. From Kevin M. Lahey <kml@nas.nasa.gov> 1996-10-25 06:22:24 +00:00
veego b962d9a3eb Fix a panic from the pfil_hooks. 1996-10-22 11:27:05 +00:00
ws 31bdb14ed5 Rename recently checked in KGDB to IPKDB to resolve conflicts with older KGDB 1996-10-16 19:32:08 +00:00
christos ad67e04154 backout previous kprintf change 1996-10-13 16:50:51 +00:00
christos 5545959d0b backout previous kprintf changes 1996-10-13 02:03:00 +00:00
is 08899f4a1b Fix a mbuf leak in ip_output(). 
Scenario: If ip_insertoptions() prepends a new mbuf to the chain, the
bad: label's m_freem(m0) still would free only the original mbuf chain
if the transmission failed for, e.g., no route to host; resulting in
one lost mbuf per failed packet. (The original posting included a
demonstration program).

Original report of this bug was by jinmei@isl.rdc.toshiba.co.jp
(JINMEI Tatuya) on comp.bugs.4bsd.
 1996-10-11 18:19:08 +00:00
christos 6d7ad25bea printf -> kprintf, sprintf -> ksprintf 1996-10-10 23:12:43 +00:00
christos 2768f040b3 - fix NSIP; it referenced non-existing functions. 1996-10-10 23:04:26 +00:00
thorpej 63a2506f79 Merge netbsd-1-2 branch back into mainline. 1996-10-09 01:15:04 +00:00
ws 093a00671f Add (and change) machine independent files for KGDB support 1996-09-30 16:16:45 +00:00
perry 17fcad6b2c commit fix in pr 2772 -- the IP input code was assuming that the 
reserved (must be zero) flag must necessarily be zero. We now define
an IP_RF (by analogy to IP_DF and IP_MF) and mask it out when necessary.
 1996-09-21 19:44:32 +00:00
mycroft d6121891ef Overlay inp_faddr and inp_laddr into the header prototype. 1996-09-17 17:10:20 +00:00
mycroft 457b1b1333 Make sure the sin_zero fields are filled. 1996-09-16 17:45:17 +00:00
mycroft 9bfa240a98 Hash unconnected PCBs. 1996-09-15 18:11:06 +00:00
mrg a5f00f16bc move the packet filter hooks in to a saner location. while i'm here, rename 
PACKET_FILTER to PFIL_HOOKS.
 1996-09-14 14:40:20 +00:00
mrg 4b851a2d9b remove an unused variable. 1996-09-14 12:35:07 +00:00
mrg df4a844f44 forward decl. struct mbuf (for now). 1996-09-12 23:11:40 +00:00
explorer f5a52c4260 Move an #ifdef _KERNEL up above all the packet filter stuff. This 
could very well break the packet filter stuff, but it will make things
like rcp.c compile, and rcp.c should not need to include sys/mbuf.h
to do so...
 1996-09-12 22:56:03 +00:00
mycroft da2cd7eb82 If we're in SYN-SENT or SYN-RECEIVED state, don't reset the keepalive 
timer until we transition to ESTABLISHED state.  Suggested by TCP/IP
vol 3.
 1996-09-10 23:26:05 +00:00
mycroft 9bb1acd303 Rework the token bucket filter to use a list of packets rather than a static 
array.  Also, fix several memory leaks.  From Bill Fenner.
 1996-09-09 17:14:04 +00:00
mycroft 23437fc3d2 Cosmetic changes, some from Bill Fenner. 1996-09-09 17:09:50 +00:00
mycroft 62a6cce9ca Add in_nullhost() and in_hosteq() macros, to hide some protocol 
details.  Also, fix a bug in TCP wrt SYN+URG packets.
 1996-09-09 14:51:07 +00:00
mycroft f5c7d8bcc1 Save 68 bytes of the packet for ICMP, not 64. From Laine Stump, PR 2296. 1996-09-08 15:49:43 +00:00
mrg e27343e07d fix a couple of minor nits after discussions with jason. 1996-09-07 04:55:16 +00:00
mrg ae47956db0 add packet filter interface code. see pfil(9) for more details. you 
need the PACKET_FILTER option to enable this code.  currently, ipfilter
version 3.1.1-beta has been converted to use this new interface.
 1996-09-06 05:07:43 +00:00
perry 94a217e163 Commit PR 2671, which adds an "IPNOPRIVPORTS" config option that turns 
off the code that normally only allows root to bind low TCP
ports. Useful on firewalls and such.
 1996-09-05 18:10:03 +00:00
thorpej 3ca11aa1ad Fix some DIAGNOSTIC printf() formats; ntohl() provides a 32-bit quantity, 
and should be printed with %x, not %lx.
 1996-08-14 03:46:44 +00:00
neil 78bddbd393 Prototypes and definitions for ICMP Router Discovery, From FreeBSD. 
rdisc coming soon! :-)
 1996-08-03 15:48:18 +00:00
cgd 9764a289cd print result of ntohl/htonl as a long. (makes -Wformat work on the 
Alpha.)
 1996-07-10 18:13:35 +00:00
chuck 26cf9de9d5 ported ATM to FreeBSD 2.2-960612-SNAP 1996-07-03 17:17:10 +00:00
chuck cc499a99d9 change: 
- change asock to rxhand and adjust all for this [esp atm_input]
 1996-06-29 20:07:05 +00:00
chuck a08c95305d fixes/new stuff: 
[1] if user tries to enter in a bogus PVC don't leave it in the routing
        table ... remove it
[2] change ioctl arg to include rxso for lower layer
[3] add hooks (inside "NATM" ifdef) for native mode atm sockets so that
        they don't clash with IP PVCs.   [i am still debugging the native
        mode atm socket protosw code]
 1996-06-26 04:18:44 +00:00
mycroft 865bfae299 Return ENOPROTOOPT rather than picking pseudo-random error values. 
Don't allow SIOCGET{VIF,SG}CNT from sockets other than the multicast router.
Restructure rip_ctloutput() like ip_ctloutput(), and fix memory leaks.
 1996-06-23 12:12:44 +00:00
chuck d9c6fd68b8 network support for ATM networks (ATM == Async Transfer Mode, not 
Automatic Teller Machine).

Currently supports PVCs only (no ATM ARP either).
 1996-06-22 01:47:35 +00:00
pk ecbb3b2eb2 Prototype new rip_*() functions. 1996-05-28 23:27:04 +00:00
mycroft 91ac291d97 Move some code into a separate rip_bind() function. 1996-05-24 19:03:13 +00:00
mycroft 9347e648d8 udp_output() doesn't actually take control data, so don't pretend it does. 1996-05-23 17:05:45 +00:00
mycroft f399db63a4 Make sure the control mbufs are freed in all cases. 1996-05-23 17:03:27 +00:00
mycroft 60395beed8 Fix a race condition in PRU_DISCONNECT. 
Rearrange the code to deal with unconnected sockets slightly.
Other minor changes.
 1996-05-23 16:22:32 +00:00
mycroft e930766cdc Minor changes. 1996-05-23 16:13:19 +00:00
mycroft aee4be7a7f Minor changes to make this more like other protocols. Also, fix some return 
values.
 1996-05-23 16:12:15 +00:00
mycroft a8ba1d063c A few style changes to match netiso and netns. 1996-05-22 14:42:27 +00:00
mycroft 49d52c9b1c Pass a proc pointer down to the usrreq and pcbbind functions for PRU_ATTACH, PRU_BIND and 
PRU_CONTROL.  The usrreq interface really needs to be split up, but this will have to wait.
Remove SS_PRIV completely.
 1996-05-22 13:54:55 +00:00
mrg 4e25d1d20b if the sender set a cksum, check it, regardless if we care to 
generate and send them ourselves.  from rich stevens.
 1996-05-20 16:56:20 +00:00
mycroft e901286aad When sending an ARP request, use the interface address for the route, rather 
than the first address assigned.  This gives slightly different behaviour in
the presence of aliases.  From Bill Fenner, via Pete Bentley.
 1996-05-11 12:59:55 +00:00
thorpej 4edabe2501 Changed struct ifnet to have a pointer to the softc of the underlying 
device and a printable "external name" (name + unit number), thus eliminating
if_name and if_unit.  Updated interface to (*if_watchdog)() and (*if_reset)()
to take a struct ifnet *, rather than a unit number.
 1996-05-07 02:40:22 +00:00
jonathan 24a8c21b53 fixes for -Wall -Wmissing-prototypes: 
include <sys/systm.h> to get a prototyped declaration of printf().
include <netinet/in.h> to get a prototyped declaration of in_cksum().
 1996-04-08 19:55:37 +00:00
christos dd7163922a Fix db_printf formats 1996-03-30 21:53:19 +00:00
christos 2769793c13 Fix printf format args. 1996-03-16 23:53:58 +00:00
mrg 32cdb91fa3 two more local addr changes, all done differently now (idea from charles) 1996-02-26 23:16:42 +00:00
mrg 86b9b4d6be if we are connecting *to* an address of any local interface, default the 
local address of the socket to the same address.
 1996-02-26 08:25:47 +00:00
christos b2cc81b8fe Fix PR/2095 options MROUTING did not compile. 1996-02-18 18:58:32 +00:00
christos 14d9cd33af netinet prototypes 1996-02-13 23:40:59 +00:00
mycroft 0a47ede0fe Ignore FIN if not yet connected. 1996-01-31 05:56:56 +00:00
mycroft ac01b2f206 Add a comment describing the previous. 1996-01-31 05:42:37 +00:00
mycroft a4e1bceb84 If we close from FIN_WAIT_2 state, make sure we don't leave the socket 
around forever if we don't get a final FIN.  From Arne Juul, PR 1659.
 1996-01-31 05:37:29 +00:00
mycroft 67e78477db Build a hash table of PCBs. Hash function needs tweaking. 1996-01-31 03:49:23 +00:00
thorpej 535abd80a2 Add a net.inet.ip.directed-broadcast sysctl as suggested by 
Darren Reed <darrenr@vitruvius.arbld.unimelb.edu.au> in PR #1227.
This change is slightly different than the one submitted by Darren in
that the DIRECTED_BROADCAST compile-time option will behave like it used
to so that existing configurations utilizing it won't have to change.
 1996-01-16 04:17:30 +00:00
thorpej 4b359df8c4 Add net.inet.ip.forwsrcrt: if zero, the system will not forward 
source-routed packets.  Note this value is protected by kernel security
level; it can only be changed if securelevel < 1.
 1996-01-15 21:11:46 +00:00
pk c069674663 Handle PRU_CONTROL (David Maltz; PR#1664). 1995-11-30 16:42:18 +00:00
cgd dfad729a16 make netinet work on systems where pointers and longs are 64 bits 
(like the alpha).  Biggest problem: IP headers were overlayed with
structure which included pointers, and which therefore didn't overlay
properly on 64-bit machines.  Solution: instead of threading pointers
through IP header overlays, add a "queue element" structure to do
the threading, and point it at the ip headers.
 1995-11-21 01:07:34 +00:00
thorpej 7884abf9e5 Implement tcp_sysctl(). Add a sysctl option to enable/disable RFC1323 
extensions to TCP.  From John Kohl <jtk@kolvir.blrc.ma.us>.
 1995-09-30 07:02:00 +00:00
mycroft 873ed30f83 so_pcb should be a void *. 1995-08-17 02:57:20 +00:00
mycroft 5482957905 splnet --> splsoftnet 1995-08-12 23:59:09 +00:00
mycroft 68735fd022 Encapsulate the test for sending a notification in a macro, sb_notify(). 1995-08-04 01:09:57 +00:00
cgd 5b435dbf05 null mbuf pointer could cause system crash; avoid it. From 
Torsten Duwe <duwe@immd4.informatik.uni-erlangen.de>.
 1995-07-01 03:44:55 +00:00
cgd 23e75a550d fix typo 1995-06-26 08:46:16 +00:00
cgd f90cf78fba convert pcb lists to CIRCLEQs, so that the end can be looked at more 
easily, and so that the original (insque/remque) logic can be effectively
mimiced.  (This fixes a bug in the previous set of list changes.)
also (since terminator is no longer null) reinstate uninitted list checks,
but mark them XXX.
 1995-06-18 20:01:08 +00:00
mycroft cd7edee1ca in_pcbnotify*() don't return anything. 1995-06-12 06:49:55 +00:00
mycroft 351cfd5ed8 Fix bogon in previous. 1995-06-12 06:48:54 +00:00
mycroft 22687aa834 Change in_pcbnotify*() to take an errno value. Make inetctlerrmap[] an 
array on ints, not u_chars.
 1995-06-12 06:46:34 +00:00
mycroft 10a4696964 Oops. Make source quench work again. 1995-06-12 06:24:21 +00:00
mycroft c88cf97b34 Clear the MFC entry's statistical counters when doing an upcall. 1995-06-12 03:05:12 +00:00
mycroft 6897f39ae9 Various cleanup, including: 
* Convert several data structures to use queue.h.
* Split in_pcbnotify() into two parts; one for notifying a specific PCB, and
one for notifying all PCBs for a particular foreign address.
 1995-06-12 00:46:47 +00:00
mycroft f9337c3f1e Oops. Decrement rtt earlier. 1995-06-11 21:36:04 +00:00
mycroft 2be9b519ac As suggested by Brakmo and Peterson: 
* Don't add the extra 1/8 of the mss when ramping up the congestion window.
* Scale the RTT values slightly to adjust for rounding errors.
* Set the lower bound of the RTO to RTT+2.
 1995-06-11 20:39:22 +00:00
mycroft 4ce5bb3dd4 Check for inflated congestion window during header prediction, per Bramko and 
Peterson.
 1995-06-11 09:36:28 +00:00
mycroft 3a8e9c62b8 Remove ip_ifmatrix completely. 1995-06-07 16:01:15 +00:00
cgd d4f62dcb69 update from Ignatios Souvatzis 1995-06-07 00:13:52 +00:00
mycroft 4906fd756f Simplify ipip_input() a bit. Don't blow away the vif cache if someone sends 
us a bogus packet.
 1995-06-04 07:38:19 +00:00
mycroft e30d6fd798 Simply tbf_control() a bit. 1995-06-04 07:20:47 +00:00
mycroft b8c4ea6580 Eliminate compiler warnings. 1995-06-04 06:55:30 +00:00
mycroft e201372b7d For consistency, set sin_len for SIOC{ADD,DEL}MULTI. 1995-06-04 06:46:05 +00:00
mycroft 51a0da73db Remove one more bogus cast. 1995-06-04 06:03:53 +00:00
mycroft 41703012d6 Don't cast things unnecessarily. 1995-06-04 05:58:20 +00:00
mycroft 0a99592372 Clean up many more casts. 1995-06-04 05:06:49 +00:00
mycroft 06a9ea20e8 Clean up a lot of ugly casts. 1995-06-04 04:35:29 +00:00
mycroft 489f42a2d8 Dynamically allocate the deencapsulation interfaces. Abstract the code to 
reset a vif into a separate function.
 1995-06-02 04:23:05 +00:00
mycroft 4516e8c845 Don't use INADDR_* constants in case labels. 1995-06-01 21:46:27 +00:00
mycroft eb216fd6c2 Avoid byte-swapping IP addresses at run time. 1995-06-01 21:35:34 +00:00
mycroft 2eaf92b3e5 Add missing ntohl() in multicast test. 1995-06-01 15:59:04 +00:00
mycroft ba9883ec57 Integrate multicast 3.5 distribution, with several bugs fixed and general 
cleanup.  This is a (working) snapshot of work in progress.
 1995-05-31 21:50:34 +00:00
mycroft a54e2ffa20 Add IPPROTO_IP. Fix comment for IP_MULTICAST_IF. 1995-05-31 07:39:33 +00:00
mycroft f49ddb8b04 Implement IGMP v2. Based on the Multicast 3.5 distribution. 1995-05-31 06:08:17 +00:00
cgd dd614d8474 parenthesize macro arg usage 1995-05-16 05:26:36 +00:00
cgd 0bfc08ac63 oops; forgot a '{' 1995-05-15 02:09:58 +00:00
cgd 05af191f3b spacing fixups and KNF. #define ether address size, so it's not 
hardcoded as '6' all over.
 1995-05-15 01:30:44 +00:00
cgd cd172a4d08 KNF 1995-05-15 01:25:21 +00:00
cgd b4cd363b69 simplify ip_output() out-of-memory condition slightly, and style nits. 1995-05-15 01:24:53 +00:00
cgd e7164bb2fd "routine" precedence has a value of 0. 1995-05-15 01:22:44 +00:00
cgd 2c1e3c655f drop (and record) malformed IP fragments. Fixes pr 1030 (differently). 1995-05-14 08:23:00 +00:00
cgd c03b53c2e8 spacing cleaup. also, minor type mixup fixups. 1995-04-17 05:32:52 +00:00
chopps 999aa2cc32 update arc_input() proto to match reality. 1995-04-14 17:09:39 +00:00
cgd 1e2fe7fa41 oops; missed the chance to fix a cast, that then becamse a compiler warning. 1995-04-13 20:09:23 +00:00
cgd 80929f8527 be a bit more careful and explicit with types. (basically a large no-op.) 1995-04-13 06:35:38 +00:00
cgd b5b72d26ea be a bit more careful and explicit with types. (basically a large no-op.) 1995-04-13 06:25:36 +00:00
mycroft 8b77f9cd5f Remove some explicit references to loif. 1995-04-11 04:30:47 +00:00
mycroft 2f30839b62 Remove now unneeded #ifdef. Prototype new function. 1995-04-10 00:06:54 +00:00
mycroft 99cd177c88 Add a common function to initialize ARP-related variables. `Insired' 
by Garrett Wollman.
 1995-04-07 22:26:04 +00:00
briggs 6efcd1b6d4 KERNEL -> _KERNEL 1995-03-29 21:57:43 +00:00
jtc 7c04233887 KERNEL -> _KERNEL 1995-03-26 20:23:52 +00:00
glass e553431826 Default linger time was 120 clock ticks instead of the intended 
2 minutes.
[Bug pointed out by Wright/Stevens in TCP/IP Illustrated Vol II]
 1995-03-21 07:48:14 +00:00
glass af55380e5a remove references to arptnew. fix spelling error 1995-03-06 19:06:05 +00:00
glass 14e57cebfa Fix for two bad tests in the raw IP socket input code. Only affected 
raw sockets that were bound to a local address and/or connected to a
foreign address.   Fix from Dan McDonald <danmcd@itd.nrl.navy.mil>
 1995-03-02 09:33:40 +00:00
chopps 7908b4858d add prototypes 1995-03-02 09:14:38 +00:00
glass 48b5b94c4f fix some typos. from frank@fwi.uva.nl (Frank van der Linden) 1995-02-27 09:10:24 +00:00
glass f634dc196b preliminary arcnet support. uses lame but RFC address resolution 1995-02-23 07:19:49 +00:00
mycroft 153c5e083f Fix a condition where we sometimes sent a FIN too early. Also, a small 
optimization.
 1995-01-23 20:18:35 +00:00
mycroft 4d0a512f67 Fix mbuf leak in rip_ctloutput(). 1995-01-12 06:23:45 +00:00
mycroft 22ab689dfe Fix off by one error in in_socktrim(), reported by Karn Fox. 1994-11-03 14:57:35 +00:00
mycroft 63bb09e6da Don't return received data to the user until the initial handshake is complete. 
Also use TCPS_HAVEESTABLISHED() in a few other places.
 1994-10-14 16:01:48 +00:00