![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / sys / net
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.109 / (download) - annotate - [select for diffs], Sat Dec 23 10:52:54 2023 UTC (5 months, 2 weeks ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
HEAD
Changes since 1.108: +2 -1 lines
Diff to previous 1.108 (colored)
Backout always allocate per-CPU statistics counters for network interface descriptor. It panics during attach of em(4) device at boot.
Revision 1.108 / (download) - annotate - [select for diffs], Fri Dec 22 23:01:50 2023 UTC (5 months, 2 weeks ago) by mvs
Branch: MAIN
Changes since 1.107: +1 -2 lines
Diff to previous 1.107 (colored)
Always allocate per-CPU statistics counters for network interface descriptor. We have the mess in network interface statistics. Only pseudo drivers do per-CPU counters allocation, all other network devices use the old `if_data'. The network stack partially uses per-CPU counters and partially use `if_data', but the protection is inconsistent: some times counters accessed with exclusive netlock, some times with shared netlock, some times with kernel lock, but without netlock, some times with another locks. To make network interfaces statistics more consistent, always allocate per-CPU counters at interface attachment time and use it instead of `if_data'. At this step only move counters allocation to the if_attach() internals. The `if_data' removal will be performed with the following diffs to make review and tests easier. ok bluhm
Revision 1.107 / (download) - annotate - [select for diffs], Tue Dec 19 20:34:10 2023 UTC (5 months, 3 weeks ago) by mvs
Branch: MAIN
Changes since 1.106: +3 -3 lines
Diff to previous 1.106 (colored)
Initialize `sc_outputtask' before interface attachment. if_alloc_sadl() has sleep point, so the uninitialized `sc_outputtask` could be accessed through ioctl(2) interface. ok sashan bluhm
Revision 1.106 / (download) - annotate - [select for diffs], Sat Dec 16 22:16:02 2023 UTC (5 months, 3 weeks ago) by mvs
Branch: MAIN
Changes since 1.105: +49 -37 lines
Diff to previous 1.105 (colored)
Rework pflowioctl() lock dances. Release netlock and take `sc_lock' rwlock(9) just in the beginning of pflowioctl() and do corresponding operations in the end. Use `sc_lock' to protect `sc_dying'. We need to release netlock not only to keep locks order with `sc_lock' rwlock(9), but also because pflowioctl() calls some operations like socreate() or soclose() on udp(4) socket. Current implementation has many relocking places which breaks atomicy, so merge them into one. The `sc_lock' rwlock(9) is taken during all pflowioctl() call, so `sc_dying' atomicy is not broken. Not the ideal solution, but better then we have now. Tested by Hrvoje Popovski. Discussed with and ok from sashan
Revision 1.105 / (download) - annotate - [select for diffs], Tue Dec 12 12:38:52 2023 UTC (5 months, 4 weeks ago) by mvs
Branch: MAIN
Changes since 1.104: +3 -3 lines
Diff to previous 1.104 (colored)
slyle(9) fix. No functional changes.
Revision 1.104 / (download) - annotate - [select for diffs], Tue Dec 12 00:03:31 2023 UTC (5 months, 4 weeks ago) by mvs
Branch: MAIN
Changes since 1.103: +41 -18 lines
Diff to previous 1.103 (colored)
Turn `pflowstats' statistics counters into per-CPU counters to make them mpsafe. The weird interactions around `pflow_flows' and `sc_gcounter' replaced by simple `pflow_flows' increment. Since the flow sequence is the 32 bits integer, the `sc_gcounter' type replaced by the type of uint32_t. ok bluhm sashan
Revision 1.103 / (download) - annotate - [select for diffs], Mon Dec 11 14:25:09 2023 UTC (5 months, 4 weeks ago) by mvs
Branch: MAIN
Changes since 1.102: +10 -8 lines
Diff to previous 1.102 (colored)
Turn `pflow_softc' list into SMR list. Since the revision 1.1182 of net/pf.c netlock is not taken while export_pflow() called from pf_purge_states(). Current locks order requires netlock to be taken before PF_LOCK(), so there is no reason to turn it back into this path only for optional export_pflow() call. The `pflowif_list' foreach loop has no context switch within, so SMR list is better than mutex(9). Tested by Hrvoje Popovski. ok sashan bluhm
Revision 1.102 / (download) - annotate - [select for diffs], Fri Dec 8 23:15:44 2023 UTC (6 months ago) by mvs
Branch: MAIN
Changes since 1.101: +3 -3 lines
Diff to previous 1.101 (colored)
Add spaces around '='. style(9) fix, no functional changes.
Revision 1.101 / (download) - annotate - [select for diffs], Fri Dec 8 23:13:40 2023 UTC (6 months ago) by mvs
Branch: MAIN
Changes since 1.100: +49 -3 lines
Diff to previous 1.100 (colored)
Introduce `sc_mtx' mutex(9) to protect the most of pflow_softc structure. Protect the `send_nam', `sc_flowsrc' and `sc_flowdst' pflow_softc members by existing `sc_lock' rwlock(9). This partially fixes locking inconsistency of pflow_softc. The following work will be done with separate diffs. Also, pass `sc' instead of NULL to pflow_get_mbuf() while calling from pflow_sendout_ipfix_tmpl(). This fixes the NULL dereference. ok bluhm@
Revision 1.100 / (download) - annotate - [select for diffs], Thu Nov 9 08:53:20 2023 UTC (7 months ago) by mvs
Branch: MAIN
Changes since 1.99: +22 -38 lines
Diff to previous 1.99 (colored)
Remove delayed timeout(9) initialization. timeout_set*() only assign members of passed timeout structure, this delayed initialization provides nothing but makes code weird. ok kn
Revision 1.99 / (download) - annotate - [select for diffs], Thu Apr 13 02:19:05 2023 UTC (13 months, 4 weeks ago) by jsg
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4
Changes since 1.98: +1 -2 lines
Diff to previous 1.98 (colored)
remove duplicate includes ok deraadt@ miod@ krw@
Revision 1.98 / (download) - annotate - [select for diffs], Wed Nov 23 15:12:27 2022 UTC (18 months, 2 weeks ago) by mvs
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.97: +21 -6 lines
Diff to previous 1.97 (colored)
Make `so' dereference safe within pflow_output_process(). sosend() has sleep points, so the kernel lock serialisation within pflow_output_process() doesn't work as expected. The pflow(4) interface associated socket `so' could be overwritten by concurrent pflowioctl() thread. Introduce pflow(4) interface's `sc_lock' rwlock(9) to make `so' dereference safe. Since the solock() of udp(4) sockets uses netlock as backend, the `sc_lock' should be taken first. This expands a little netlock relocking within pflowioctl(). pflow_sendout_mbuf() called by pflow_output_process(), now called without kernel lock held, so the mp safe counters_pkt(9) used instead of manual `if_opackets' increment. Since if_detach() does partial ifnet destruction, now it can't be called before we finish pflow_output_process() task, otherwise we introduce use after free for interface counters. In other hand, we need to deny pflowioctl() to reschedule pflow_output_process() task. The `sc_dyind' flag introduced for that. Tested by Hrvoje Popovski. ok bluhm@
Revision 1.97 / (download) - annotate - [select for diffs], Fri Nov 11 10:51:46 2022 UTC (18 months, 4 weeks ago) by dlg
Branch: MAIN
Changes since 1.96: +3 -1 lines
Diff to previous 1.96 (colored)
prepare for moving struct pf_state from pfvar.h to pfvar_priv.h pflow obviously looks at the kernel pf state structure to do it's thing, so it will need the header that provides it. i'm committing this chunk separately to the actual pf_state move to keep the commits small and simple. ok sashan@
Revision 1.96 / (download) - annotate - [select for diffs], Fri Aug 12 16:38:50 2022 UTC (21 months, 4 weeks ago) by mvs
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.95: +2 -5 lines
Diff to previous 1.95 (colored)
Remove unused fields from 'pflow_softc' structure. ok bluhm@
Revision 1.95 / (download) - annotate - [select for diffs], Fri Aug 12 16:38:09 2022 UTC (21 months, 4 weeks ago) by mvs
Branch: MAIN
Changes since 1.94: +6 -4 lines
Diff to previous 1.94 (colored)
Fix race between pflow_output_process() and pflow_clone_destroy(). Unlink pflow(4) interface from `pflowif_list' before start destruction to prevent pflow_output_process() being rescheduled. Also wait until running pflow_output_process() task finished. Problem reported and fix tested by Hrvoje Popovski. ok bluhm@
Revision 1.94 / (download) - annotate - [select for diffs], Mon Jun 6 14:45:41 2022 UTC (2 years ago) by claudio
Branch: MAIN
Changes since 1.93: +3 -4 lines
Diff to previous 1.93 (colored)
Simplify solock() and sounlock(). There is no reason to return a value for the lock operation and to pass a value to the unlock operation. sofree() still needs an extra flag to know if sounlock() should be called or not. But sofree() is called less often and mostly without keeping the lock. OK mpi@ mvs@
Revision 1.93 / (download) - annotate - [select for diffs], Fri Aug 21 22:59:27 2020 UTC (3 years, 9 months ago) by kn
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.92: +1 -2 lines
Diff to previous 1.92 (colored)
Leave default ifq_maxlen handling to ifq_init() Most clonable interface drivers (except bridge, enc, loop, pppx, switch, trunk and vlan) initialise the send queue's length to IFQ_MAXLEN during *_clone_create() even though ifq_init(), which is eventually called through if_attach(), does the same. Remove all early "ifq_set_maxlen(&ifq->if_snd, IFQ_MAXLEN);" lines to leave it to ifq_init() and have clonable drivers a tad more in sync. OK mvs
Revision 1.92 / (download) - annotate - [select for diffs], Fri Jul 10 13:26:42 2020 UTC (3 years, 11 months ago) by patrick
Branch: MAIN
Changes since 1.91: +2 -2 lines
Diff to previous 1.91 (colored)
Change users of IFQ_SET_MAXLEN() and IFQ_IS_EMPTY() to use the "new" API. ok dlg@ tobhe@
Revision 1.91 / (download) - annotate - [select for diffs], Wed Jun 24 22:03:42 2020 UTC (3 years, 11 months ago) by cheloha
Branch: MAIN
Changes since 1.90: +16 -16 lines
Diff to previous 1.90 (colored)
kernel: use gettime(9)/getuptime(9) in lieu of time_second(9)/time_uptime(9) time_second(9) and time_uptime(9) are widely used in the kernel to quickly get the system UTC or system uptime as a time_t. However, time_t is 64-bit everywhere, so it is not generally safe to use them on 32-bit platforms: you have a split-read problem if your hardware cannot perform atomic 64-bit reads. This patch replaces time_second(9) with gettime(9), a safer successor interface, throughout the kernel. Similarly, time_uptime(9) is replaced with getuptime(9). There is a performance cost on 32-bit platforms in exchange for eliminating the split-read problem: instead of two register reads you now have a lockless read loop to pull the values from the timehands. This is really not *too* bad in the grand scheme of things, but compared to what we were doing before it is several times slower. There is no performance cost on 64-bit (__LP64__) platforms. With input from visa@, dlg@, and tedu@. Several bugs squashed by visa@. ok kettenis@
Revision 1.90 / (download) - annotate - [select for diffs], Mon Jul 30 12:22:14 2018 UTC (5 years, 10 months ago) by mpi
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.89: +6 -6 lines
Diff to previous 1.89 (colored)
Use FNONBLOCK instead of SS_NBIO to check/indicate that the I/O mode for sockets is non-blocking. This allows us to G/C SS_NBIO. Having to keep the two flags in sync in a mp-safe way is complicated. This change introduce a behavior change in sosplice(), it can now always block. However this should not matter much due to the socket lock being taken beforhand. ok bluhm@, benno@, visa@
Revision 1.89 / (download) - annotate - [select for diffs], Mon Jul 16 16:54:30 2018 UTC (5 years, 10 months ago) by jasper
Branch: MAIN
Changes since 1.88: +8 -3 lines
Diff to previous 1.88 (colored)
use 'switch' rathan than an if-else construct to match on the netflow version to in pflow_get_mbuf(), to match the rest of the file ok benno@ florian@
Revision 1.88 / (download) - annotate - [select for diffs], Wed Jun 6 06:55:22 2018 UTC (6 years ago) by mpi
Branch: MAIN
Changes since 1.87: +2 -2 lines
Diff to previous 1.87 (colored)
Pass the socket to sounlock(), this prepare the terrain for per-socket locking. ok visa@, bluhm@
Revision 1.87 / (download) - annotate - [select for diffs], Mon Feb 19 08:59:52 2018 UTC (6 years, 3 months ago) by mpi
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.86: +2 -2 lines
Diff to previous 1.86 (colored)
Remove almost unused `flags' argument of suser(). The account flag `ASU' will no longer be set but that makes suser() mpsafe since it no longer mess with a per-process field. No objection from millert@, ok tedu@, bluhm@
Revision 1.86 / (download) - annotate - [select for diffs], Tue Jan 9 15:24:24 2018 UTC (6 years, 5 months ago) by bluhm
Branch: MAIN
Changes since 1.85: +2 -6 lines
Diff to previous 1.85 (colored)
Creating a cloned interface could return ENOMEM due to temporary memory shortage. As it is invoked from a system call, it should not fail and wait instead. OK visa@ mpi@
Revision 1.85 / (download) - annotate - [select for diffs], Tue Oct 31 22:05:12 2017 UTC (6 years, 7 months ago) by sashan
Branch: MAIN
Changes since 1.84: +5 -5 lines
Diff to previous 1.84 (colored)
- add one more softnet taskq NOTE: code still runs with single softnet task. change definition of SOFTNET_TASKS in net/if.c, if you want to have more than one softnet task OK mpi@, OK phessler@
Revision 1.84 / (download) - annotate - [select for diffs], Fri Sep 8 05:36:53 2017 UTC (6 years, 9 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.83: +2 -3 lines
Diff to previous 1.83 (colored)
If you use sys/param.h, you don't need sys/types.h
Revision 1.83 / (download) - annotate - [select for diffs], Sat Aug 12 20:27:28 2017 UTC (6 years, 10 months ago) by mpi
Branch: MAIN
Changes since 1.82: +4 -6 lines
Diff to previous 1.82 (colored)
Use the NET_LOCK() macro instead of handrolling it. Tested by Hrvoje Popovski.
Revision 1.82 / (download) - annotate - [select for diffs], Fri Aug 11 21:24:19 2017 UTC (6 years, 10 months ago) by mpi
Branch: MAIN
Changes since 1.81: +6 -7 lines
Diff to previous 1.81 (colored)
Remove NET_LOCK()'s argument. Tested by Hrvoje Popovski, ok bluhm@
Revision 1.81 / (download) - annotate - [select for diffs], Thu Aug 10 19:20:43 2017 UTC (6 years, 10 months ago) by mpi
Branch: MAIN
Changes since 1.80: +4 -1 lines
Diff to previous 1.80 (colored)
Move the solock()/sounlock() dance outside of sobind(). ok phessler@, visa@, bluhm@
Revision 1.80 / (download) - annotate - [select for diffs], Wed May 31 13:05:43 2017 UTC (7 years ago) by visa
Branch: MAIN
Changes since 1.79: +12 -10 lines
Diff to previous 1.79 (colored)
Use mbuf_queue to properly serialize access to pflow output queue. Input from mpi@, jmatthew@; OK mpi@, henning@, benno@
Revision 1.79 / (download) - annotate - [select for diffs], Tue May 30 21:57:39 2017 UTC (7 years ago) by benno
Branch: MAIN
Changes since 1.78: +4 -8 lines
Diff to previous 1.78 (colored)
remove no longer needed splnet/splx. ok florian@
Revision 1.78 / (download) - annotate - [select for diffs], Sat May 27 21:44:22 2017 UTC (7 years ago) by benno
Branch: MAIN
Changes since 1.77: +3 -2 lines
Diff to previous 1.77 (colored)
fix previous as noted by mpi, thx florian
Revision 1.77 / (download) - annotate - [select for diffs], Sat May 27 21:06:06 2017 UTC (7 years ago) by benno
Branch: MAIN
Changes since 1.76: +40 -45 lines
Diff to previous 1.76 (colored)
move sending of pflow packet into a task, seperated from the data collection by a mbuf queue. with help from mpi@ ok florian@
Revision 1.76 / (download) - annotate - [select for diffs], Mon May 15 12:26:00 2017 UTC (7 years ago) by mpi
Branch: MAIN
Changes since 1.75: +7 -1 lines
Diff to previous 1.75 (colored)
Enable the NET_LOCK(), take 3. Recursions are still marked as XXXSMP. ok deraadt@, bluhm@
Revision 1.75 / (download) - annotate - [select for diffs], Fri Mar 17 17:19:16 2017 UTC (7 years, 2 months ago) by mpi
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.74: +1 -7 lines
Diff to previous 1.74 (colored)
Revert the NET_LOCK() and bring back pf's contention lock for release. For the moment the NET_LOCK() is always taken by threads running under KERNEL_LOCK(). That means it doesn't buy us anything except a possible deadlock that we did not spot. So make sure this doesn't happen, we'll have plenty of time in the next release cycle to stress test it. ok visa@
Revision 1.74 / (download) - annotate - [select for diffs], Thu Feb 16 10:15:12 2017 UTC (7 years, 3 months ago) by mpi
Branch: MAIN
Changes since 1.73: +4 -1 lines
Diff to previous 1.73 (colored)
Revert "Release the NET_LOCK() before entering per-driver ioctl() routine". This is most likely to be the cause of the deadlock seen by port builders since it's the only changed that happened after a2k17. Instead bring back pirofti@ original hack to release the NET_LOCK() inside iwm(4) and iwn(4). This fixes some splassert reported by bluhm@ Deadlock reported by naddy@ and rpe@ and ajacoutot@ confirmed the deadlock has been introduced post a2k17. Tested by and ok tb@
Revision 1.73 / (download) - annotate - [select for diffs], Tue Feb 7 15:34:47 2017 UTC (7 years, 4 months ago) by mpi
Branch: MAIN
Changes since 1.72: +1 -4 lines
Diff to previous 1.72 (colored)
No longer need to unlock the netlock since the upper layer is doing it. Found by Hrvoje Popovski.
Revision 1.72 / (download) - annotate - [select for diffs], Wed Jan 25 06:15:50 2017 UTC (7 years, 4 months ago) by mpi
Branch: MAIN
Changes since 1.71: +7 -1 lines
Diff to previous 1.71 (colored)
Enable the NET_LOCK(), take 2. Recursions are currently known and marked a XXXSMP. Please report any assert to bugs@
Revision 1.71 / (download) - annotate - [select for diffs], Tue Jan 24 10:08:30 2017 UTC (7 years, 4 months ago) by krw
Branch: MAIN
Changes since 1.70: +3 -3 lines
Diff to previous 1.70 (colored)
A space here, a space there. Soon we're talking real whitespace rectification.
Revision 1.70 / (download) - annotate - [select for diffs], Mon Jan 23 11:37:29 2017 UTC (7 years, 4 months ago) by mpi
Branch: MAIN
Changes since 1.69: +2 -1 lines
Diff to previous 1.69 (colored)
Flag pseudo-interfaces as such in order to call add_net_randomness() only once per packet. Fix a regression introduced when if_input() started to be called by every pseudo-driver. ok claudio@, dlg@
Revision 1.69 / (download) - annotate - [select for diffs], Fri Jan 20 00:51:56 2017 UTC (7 years, 4 months ago) by mpi
Branch: MAIN
Changes since 1.68: +1 -2 lines
Diff to previous 1.68 (colored)
No need to handle SIOCAIFADDR in drivers, it's never passed down to them. ok claudio@
Revision 1.68 / (download) - annotate - [select for diffs], Wed Jan 18 08:48:06 2017 UTC (7 years, 4 months ago) by florian
Branch: MAIN
Changes since 1.67: +27 -36 lines
Diff to previous 1.67 (colored)
Allow changing of sender ip/port without switching address family. With this regress tests pass again. OK benno
Revision 1.67 / (download) - annotate - [select for diffs], Wed Jan 18 08:47:00 2017 UTC (7 years, 4 months ago) by florian
Branch: MAIN
Changes since 1.66: +20 -17 lines
Diff to previous 1.66 (colored)
Allow changing of receiver ip/port without switching address family. OK benno
Revision 1.66 / (download) - annotate - [select for diffs], Tue Jan 3 10:50:56 2017 UTC (7 years, 5 months ago) by mpi
Branch: MAIN
Changes since 1.65: +152 -154 lines
Diff to previous 1.65 (colored)
Move the logic for SIOCSETPFLOW in a helper function to help with upcoming locking. ok visa@, bluhm@
Revision 1.65 / (download) - annotate - [select for diffs], Thu Dec 29 12:12:43 2016 UTC (7 years, 5 months ago) by mpi
Branch: MAIN
Changes since 1.64: +1 -10 lines
Diff to previous 1.64 (colored)
Change NET_LOCK()/NET_UNLOCK() to be simple wrappers around splsoftnet()/splx() until the known issues are fixed. In other words, stop using a rwlock since it creates a deadlock when chrome is used. Issue reported by Dimitris Papastamos and kettenis@ ok visa@
Revision 1.64 / (download) - annotate - [select for diffs], Wed Dec 21 12:28:49 2016 UTC (7 years, 5 months ago) by mikeb
Branch: MAIN
Changes since 1.63: +1 -4 lines
Diff to previous 1.63 (colored)
Remove the netlock workaround since if_detach is doing it for us now. ok mpi, bluhm
Revision 1.63 / (download) - annotate - [select for diffs], Tue Dec 20 15:07:32 2016 UTC (7 years, 5 months ago) by mpi
Branch: MAIN
Changes since 1.62: +13 -1 lines
Diff to previous 1.62 (colored)
Release the NET_LOCK() before calling any socket function since it is not recursive. This is temporary until all recursions are found and can be addressed in a correct way. With inputs from bluhm@
Revision 1.62 / (download) - annotate - [select for diffs], Tue Oct 4 13:54:32 2016 UTC (7 years, 8 months ago) by mpi
Branch: MAIN
Changes since 1.61: +6 -5 lines
Diff to previous 1.61 (colored)
Convert timeouts that need a process context to timeout_set_proc(9). The current reason is that rtalloc_mpath(9) inside ip_output() might end up inserting a RTF_CLONED route and that require a write lock. ok kettenis@, bluhm@
Revision 1.61 / (download) - annotate - [select for diffs], Fri Apr 29 08:55:03 2016 UTC (8 years, 1 month ago) by krw
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0
Changes since 1.60: +12 -2 lines
Diff to previous 1.60 (colored)
Make if_output() return EAFNOSUPPORT instead of just dropping packets and pretending the output succeeded. Packets are still dropped! Idea from jsg@ following same change to bridge(4). ok mpi@
Revision 1.60 / (download) - annotate - [select for diffs], Sat Oct 3 10:44:23 2015 UTC (8 years, 8 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.59: +135 -37 lines
Diff to previous 1.59 (colored)
IPv6 transport for pflow data. Input deraadt@ Bug fix & OK benno@
Revision 1.59 / (download) - annotate - [select for diffs], Sat Sep 12 22:07:47 2015 UTC (8 years, 9 months ago) by florian
Branch: MAIN
Changes since 1.58: +44 -58 lines
Diff to previous 1.58 (colored)
Call socreate(9) only when we have a destination ip and port. Call sobind(9) only when we have a source ip. With this we can treat sc->so != NULL as a flag if the interface is in state IFF_RUNNING. Input & OK bluhm@, OK benno@
Revision 1.58 / (download) - annotate - [select for diffs], Wed Sep 9 16:02:31 2015 UTC (8 years, 9 months ago) by florian
Branch: MAIN
Changes since 1.57: +2 -2 lines
Diff to previous 1.57 (colored)
size for free() OK semarie@, deraadt@
Revision 1.57 / (download) - annotate - [select for diffs], Fri Sep 4 20:28:12 2015 UTC (8 years, 9 months ago) by florian
Branch: MAIN
Changes since 1.56: +2 -2 lines
Diff to previous 1.56 (colored)
pflow_flush() still needs sc->send_nam; free it later.
Revision 1.56 / (download) - annotate - [select for diffs], Fri Sep 4 08:17:06 2015 UTC (8 years, 9 months ago) by mpi
Branch: MAIN
Changes since 1.55: +2 -2 lines
Diff to previous 1.55 (colored)
Fix an mbuf use-after-fruit in pflow_clone_create(). Issue reported by semarie@ on bugs@ who also isolated the use-after-fruit to pflow(4) using dlg@'s tracing mbuf diff. Inputs from and ok florian@, semarie@, benno@
Revision 1.55 / (download) - annotate - [select for diffs], Tue Jul 21 03:03:10 2015 UTC (8 years, 10 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.54: +1 -2 lines
Diff to previous 1.54 (colored)
We don't do 'ARGSUSED' anymore
Revision 1.54 / (download) - annotate - [select for diffs], Tue Jul 21 03:00:20 2015 UTC (8 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.53: +3 -5 lines
Diff to previous 1.53 (colored)
use curproc instead of proc0 pointed out by and OK bluhm@
Revision 1.53 / (download) - annotate - [select for diffs], Mon Jul 20 23:15:54 2015 UTC (8 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.52: +96 -128 lines
Diff to previous 1.52 (colored)
Use the kernel socket interface (sosend(9) etc) instead of shoving packets directly into the network stack with ip_output(). The locking is intentionally left as is and will be improved in another commit. Input / OK bluhm@, OK benno@
Revision 1.52 / (download) - annotate - [select for diffs], Thu Jul 16 18:36:59 2015 UTC (8 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.51: +6 -3 lines
Diff to previous 1.51 (colored)
add missing malloc check OK benno@
Revision 1.51 / (download) - annotate - [select for diffs], Tue Jun 16 11:09:39 2015 UTC (8 years, 11 months ago) by mpi
Branch: MAIN
Changes since 1.50: +2 -2 lines
Diff to previous 1.50 (colored)
Store a unique ID, an interface index, rather than a pointer to the receiving interface in the packet header of every mbuf. The interface pointer should now be retrieved when necessary with if_get(). If a NULL pointer is returned by if_get(), the interface has probably been destroy/removed and the mbuf should be freed. Such mechanism will simplify garbage collection of mbufs and limit problems with dangling ifp pointers. Tested by jmatthew@ and krw@, discussed with many. ok mikeb@, bluhm@, dlg@
Revision 1.50 / (download) - annotate - [select for diffs], Sun Jun 7 12:02:28 2015 UTC (9 years ago) by jsg
Branch: MAIN
Changes since 1.49: +3 -3 lines
Diff to previous 1.49 (colored)
Introduce unhandled_af() for cases where code conditionally does something based on an address family and later assumes one of the paths was taken. This was initially just calls to panic until guenther suggested a function to reduce the amount of strings needed. This reduces the amount of noise with static analysers and acts as a sanity check. ok guenther@ bluhm@
Revision 1.49 / (download) - annotate - [select for diffs], Fri Dec 19 17:14:39 2014 UTC (9 years, 5 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.48: +1 -3 lines
Diff to previous 1.48 (colored)
unifdef INET in net code as a precursor to removing the pretend option. long live the one true internet. ok henning mikeb
Revision 1.48 / (download) - annotate - [select for diffs], Thu Nov 20 14:51:42 2014 UTC (9 years, 6 months ago) by krw
Branch: MAIN
Changes since 1.47: +1 -2 lines
Diff to previous 1.47 (colored)
Yet more #include de-duplication. ok deraadt@ tedu@
Revision 1.47 / (download) - annotate - [select for diffs], Tue Nov 18 02:37:31 2014 UTC (9 years, 6 months ago) by tedu
Branch: MAIN
Changes since 1.46: +1 -2 lines
Diff to previous 1.46 (colored)
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
Revision 1.46 / (download) - annotate - [select for diffs], Wed Aug 13 09:46:23 2014 UTC (9 years, 10 months ago) by blambert
Branch: MAIN
Changes since 1.45: +7 -3 lines
Diff to previous 1.45 (colored)
Bring IPFIX sequence numbers in line with the RFC; original diff from benno@. ok benno@, florian@
Revision 1.45 / (download) - annotate - [select for diffs], Tue Jul 22 11:06:09 2014 UTC (9 years, 10 months ago) by mpi
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.44: +1 -2 lines
Diff to previous 1.44 (colored)
Fewer <netinet/in_systm.h> !
Revision 1.44 / (download) - annotate - [select for diffs], Sat Jul 12 18:44:22 2014 UTC (9 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.43: +3 -3 lines
Diff to previous 1.43 (colored)
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
Revision 1.43 / (download) - annotate - [select for diffs], Mon Apr 21 12:22:25 2014 UTC (10 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.42: +2 -1 lines
Diff to previous 1.42 (colored)
ip_output() using varargs always struck me as bizarre, esp since it's only ever used to pass on uint32 (for ipsec). stop that madness and just pass the uint32, 0 in all cases but the two that pass the ipsec flowinfo. ok deraadt reyk guenther
Revision 1.42 / (download) - annotate - [select for diffs], Mon Apr 14 09:06:42 2014 UTC (10 years, 1 month ago) by mpi
Branch: MAIN
Changes since 1.41: +2 -2 lines
Diff to previous 1.41 (colored)
"struct pkthdr" holds a routing table ID, not a routing domain one. Avoid the confusion by using an appropriate name for the variable. Note that since routing domain IDs are a subset of the set of routing table IDs, the following idiom is correct: rtableid = rdomain But to get the routing domain ID corresponding to a given routing table ID, you must call rtable_l2(9). claudio@ likes it, ok mikeb@
Revision 1.41 / (download) - annotate - [select for diffs], Sat Mar 29 11:26:03 2014 UTC (10 years, 2 months ago) by florian
Branch: MAIN
Changes since 1.40: +13 -440 lines
Diff to previous 1.40 (colored)
Kill pflowproto 9, it's unfixable post 2038, a better, standardized option is pflowproto 10. Also it duplicates a lot of code from pflowproto 10 and will get in the way in the future. OK benno@
Revision 1.40 / (download) - annotate - [select for diffs], Fri Jan 24 09:48:37 2014 UTC (10 years, 4 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.39: +1 -3 lines
Diff to previous 1.39 (colored)
computing the ip csum just before the bpf mtap and only if there is a consumer just to please tcpdump is stupid and not done anywhere else. kill with fire. ok benno
Revision 1.39 / (download) - annotate - [select for diffs], Tue Jan 21 21:27:14 2014 UTC (10 years, 4 months ago) by benno
Branch: MAIN
Changes since 1.38: +1 -3 lines
Diff to previous 1.38 (colored)
allow pflow(4) to determine the src IP address based on the route table if flowsrc is not set. Now works with new udp checksum code. From Nathanael Rensen (nathanael.openbsd AT list DOT polymorpheus DOT com), tweak and ok florian@
Revision 1.32.2.1 / (download) - annotate - [select for diffs], Fri Nov 8 13:44:54 2013 UTC (10 years, 7 months ago) by william
Branch: OPENBSD_5_4
Changes since 1.32: +7 -1 lines
Diff to previous 1.32 (colored) next main 1.33 (colored)
MFC: This is http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/001_pflow.patch "A crash can happen on pflow(4) interface destruction." ok sthen
Revision 1.24.2.1 / (download) - annotate - [select for diffs], Fri Nov 8 13:41:58 2013 UTC (10 years, 7 months ago) by william
Branch: OPENBSD_5_3
Changes since 1.24: +7 -1 lines
Diff to previous 1.24 (colored) next main 1.25 (colored)
MFC: This is http://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/008_pflow.patch "A crash can happen on pflow(4) interface destruction." ok sthen
Revision 1.38 / (download) - annotate - [select for diffs], Fri Nov 1 14:34:27 2013 UTC (10 years, 7 months ago) by florian
Branch: MAIN
Changes since 1.37: +2 -1 lines
Diff to previous 1.37 (colored)
Send pflow(4) packets in the correct rdomain. From Anders Berggren (anders AT halon DOT se), thanks. OK henning, benno
Revision 1.37 / (download) - annotate - [select for diffs], Sat Oct 19 10:49:31 2013 UTC (10 years, 7 months ago) by henning
Branch: MAIN
Changes since 1.36: +3 -16 lines
Diff to previous 1.36 (colored)
simplify: no need to muck with the pseudo hdr cksum any more ok lteo florian
Revision 1.36 / (download) - annotate - [select for diffs], Thu Oct 17 16:27:41 2013 UTC (10 years, 7 months ago) by bluhm
Branch: MAIN
Changes since 1.35: +1 -2 lines
Diff to previous 1.35 (colored)
The header file netinet/in_var.h included netinet6/in6_var.h. This created a bunch of useless dependencies. Remove this implicit inclusion and do an explicit #include <netinet6/in6_var.h> when it is needed. OK mpi@ henning@
Revision 1.35 / (download) - annotate - [select for diffs], Fri Sep 13 14:30:47 2013 UTC (10 years, 8 months ago) by florian
Branch: MAIN
Changes since 1.34: +20 -12 lines
Diff to previous 1.34 (colored)
Don't send flows if flowsrc is not set. Packages had a broken checksum. Since no one seems to have a use case for sending flows from INADDR_ANY disallow this. Pointed out by Nathanael Rensen on tech@, thanks. While there make the SIOCSIFFLAGS and SIOCSETPFLOW cases symmetric by only sending templates if the interface is running. OK benno@
Revision 1.34 / (download) - annotate - [select for diffs], Tue Aug 13 08:44:05 2013 UTC (10 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.33: +578 -263 lines
Diff to previous 1.33 (colored)
Split pflow version 9 and version 10 to be able to send 64 bit time values for version 10. While there mark places which will blow up in 2038. OK benno@
Revision 1.33 / (download) - annotate - [select for diffs], Sat Aug 10 18:33:21 2013 UTC (10 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.32: +7 -1 lines
Diff to previous 1.32 (colored)
Cancel timeouts on pflow interface destruction. OK benno@
Revision 1.32 / (download) - annotate - [select for diffs], Fri Jul 5 17:14:27 2013 UTC (10 years, 11 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE
Branch point for: OPENBSD_5_4
Changes since 1.31: +2 -1 lines
Diff to previous 1.31 (colored)
bring back pflow v10; broken in previous commit, sorry. ok benno@
Revision 1.31 / (download) - annotate - [select for diffs], Fri May 31 22:46:47 2013 UTC (11 years ago) by florian
Branch: MAIN
Changes since 1.30: +39 -38 lines
Diff to previous 1.30 (colored)
export the original aka untranslated address for af-to in pflow inspired by benno@'s previous diff for nat-to tests/ok benno@
Revision 1.30 / (download) - annotate - [select for diffs], Thu May 30 20:20:58 2013 UTC (11 years ago) by benno
Branch: MAIN
Changes since 1.29: +8 -4 lines
Diff to previous 1.29 (colored)
export the original aka untranslated address in pflow ok florian@ henning@
Revision 1.29 / (download) - annotate - [select for diffs], Fri May 3 15:33:47 2013 UTC (11 years, 1 month ago) by florian
Branch: MAIN
Changes since 1.28: +27 -3 lines
Diff to previous 1.28 (colored)
Export ingress/egress interface index in pflow(4). Report that this is needed for some netflow collector and tests by Chris Ivancic & Colin Ligertwood. OK mikeb@, benno@
Revision 1.28 / (download) - annotate - [select for diffs], Wed Apr 10 08:50:59 2013 UTC (11 years, 2 months ago) by mpi
Branch: MAIN
Changes since 1.27: +1 -5 lines
Diff to previous 1.27 (colored)
Remove various external variable declaration from sources files and move them to the corresponding header with an appropriate comment if necessary. ok guenther@
Revision 1.27 / (download) - annotate - [select for diffs], Thu Mar 28 23:10:05 2013 UTC (11 years, 2 months ago) by tedu
Branch: MAIN
Changes since 1.26: +2 -1 lines
Diff to previous 1.26 (colored)
code that calls timeout functions should include timeout.h slipped by on i386, but the zaurus doesn't automagically pick it up. spotted by patrick
Revision 1.26 / (download) - annotate - [select for diffs], Thu Mar 28 16:45:16 2013 UTC (11 years, 2 months ago) by tedu
Branch: MAIN
Changes since 1.25: +1 -2 lines
Diff to previous 1.25 (colored)
no need for a lot of code to include proc.h
Revision 1.25 / (download) - annotate - [select for diffs], Tue Mar 26 13:19:25 2013 UTC (11 years, 2 months ago) by mpi
Branch: MAIN
Changes since 1.24: +2 -2 lines
Diff to previous 1.24 (colored)
Remove various read-only *maxlen variables and use IFQ_MAXLEN directly. ok beck@, mikeb@
Revision 1.24 / (download) - annotate - [select for diffs], Tue Feb 5 11:58:39 2013 UTC (11 years, 4 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE
Branch point for: OPENBSD_5_3
Changes since 1.23: +90 -35 lines
Diff to previous 1.23 (colored)
netflow v10 omitted the sysUpTime flow set header field from v9. Without it it's not possible to find out at what time a flow started/ended with only flowStartSysUpTime/flowEndSysUpTime. Fix this by using flowStartSeconds/flowEndSeconds for v10. Problem reported by Chris Ivancic and Colin Ligertwood, analyzed by benno@ Tested by benno@ against nprobe (which doesn't care that much one way or the other) Tested by Chris Ivancic against solarwinds collector. OK benno@
Revision 1.23 / (download) - annotate - [select for diffs], Wed Jan 16 09:53:19 2013 UTC (11 years, 4 months ago) by dlg
Branch: MAIN
Changes since 1.22: +6 -6 lines
Diff to previous 1.22 (colored)
switch from using softclock ticks to getnanotime when putting time on the wire for v5 packets. ok (and lots of gentle prodding from) florian@
Revision 1.22 / (download) - annotate - [select for diffs], Thu Nov 8 18:06:49 2012 UTC (11 years, 7 months ago) by gsoares
Branch: MAIN
Changes since 1.21: +3 -1 lines
Diff to previous 1.21 (colored)
wrap bpfilter portion with #if NBPFILTER > 0. fix kernel builds without bpfilter. OK sthen@ mikeb@ deraadt@ henning@
Revision 1.21 / (download) - annotate - [select for diffs], Tue Oct 30 12:09:05 2012 UTC (11 years, 7 months ago) by florian
Branch: MAIN
Changes since 1.20: +28 -19 lines
Diff to previous 1.20 (colored)
Use time_uptime for expiration values as time_second can be skewed at runtime while time_uptime is monotonic. Prevent underflows in pfsync(4) and pflow(4) by using signed variables. pfsync(4) problem pointed out by camield. Diff originally by dlg, frag and pflow bits by me. feedback dlg man page tweak jmc Various versions of the pflow bits tested by Hrvoje Popovski (hrvoje AT srce DOT hr), thanks! ok benno, henning, dlg
Revision 1.20 / (download) - annotate - [select for diffs], Wed Apr 11 17:42:53 2012 UTC (12 years, 2 months ago) by mikeb
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2
Changes since 1.19: +2 -2 lines
Diff to previous 1.19 (colored)
fix all the suser calls which pass an incorrect p_acflag argument; figured out by and ok guenther
Revision 1.19 / (download) - annotate - [select for diffs], Thu Feb 2 12:34:37 2012 UTC (12 years, 4 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE,
OPENBSD_5_1
Changes since 1.18: +610 -43 lines
Diff to previous 1.18 (colored)
add netflow v9/ipfix support to pflow(4). large parts written by Florian Obser (florian -at- narrans -dot- de). feedback from sperreault@ gollo@ sthen@ ok from gollo@ dlg@ henning@
Revision 1.18 / (download) - annotate - [select for diffs], Fri Nov 25 12:52:10 2011 UTC (12 years, 6 months ago) by dlg
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)
use time_uptime to set state creation values as time_second can be skewed at runtime by things like date(1) and ntpd. time_uptime is monotonic and therefore more useful to compare against. ok deraadt@ mikeb@
Revision 1.17 / (download) - annotate - [select for diffs], Sat Jul 9 04:11:15 2011 UTC (12 years, 11 months ago) by dhill
Branch: MAIN
CVS Tags: OPENBSD_5_0_BASE,
OPENBSD_5_0
Changes since 1.16: +11 -5 lines
Diff to previous 1.16 (colored)
honor the net.inet.udp.checksum setting. ok claudio henning yasuoka
Revision 1.16 / (download) - annotate - [select for diffs], Wed Jul 6 02:42:28 2011 UTC (12 years, 11 months ago) by henning
Branch: MAIN
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored)
cosnistently use IFQ_SET_MAXLEN, surfaced in a discussion with + ok bluhm
Revision 1.15 / (download) - annotate - [select for diffs], Tue Apr 5 18:01:21 2011 UTC (13 years, 2 months ago) by henning
Branch: MAIN
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)
mechanic rename M_{TCP|UDP}V4_CSUM_OUT -> M_{TCP|UDP}_CSUM_OUT
ok claudio krw
Revision 1.14 / (download) - annotate - [select for diffs], Fri Jul 2 02:40:16 2010 UTC (13 years, 11 months ago) by blambert
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE,
OPENBSD_4_9,
OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.13: +3 -3 lines
Diff to previous 1.13 (colored)
m_copyback can fail to allocate memory, but is a void fucntion so gymnastics are required to detect that. Change the function to take a wait argument (used in nfs server, but M_NOWAIT everywhere else for now) and to return an error ok claudio@ henning@ krw@
Revision 1.13 / (download) - annotate - [select for diffs], Tue Apr 20 22:05:43 2010 UTC (14 years, 1 month ago) by tedu
Branch: MAIN
Changes since 1.12: +3 -1 lines
Diff to previous 1.12 (colored)
remove proc.h include from uvm_map.h. This has far reaching effects, as sysctl.h was reliant on this particular include, and many drivers included sysctl.h unnecessarily. remove sysctl.h or add proc.h as needed. ok deraadt
Revision 1.12 / (download) - annotate - [select for diffs], Tue Jan 12 02:47:07 2010 UTC (14 years, 5 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.11: +1 -4 lines
Diff to previous 1.11 (colored)
Remove bpfdetach() call right in front of the if_detach() call since bpfdetach() will be called in if_detach(). Diff by Gleydson Soares
Revision 1.11 / (download) - annotate - [select for diffs], Wed Jun 17 06:35:30 2009 UTC (14 years, 11 months ago) by gollo
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6
Changes since 1.10: +7 -3 lines
Diff to previous 1.10 (colored)
fix flow data values: first and last time, found by f-kons at yandex ru OK: sthen@, henning@
Revision 1.10 / (download) - annotate - [select for diffs], Fri Feb 27 11:09:36 2009 UTC (15 years, 3 months ago) by gollo
Branch: MAIN
CVS Tags: OPENBSD_4_5_BASE,
OPENBSD_4_5
Changes since 1.9: +72 -111 lines
Diff to previous 1.9 (colored)
fix mbuf problems and simplify code, well spotted and input by Alexander Sabourenkov. mbuf logic is based on claudio's recommendation Tested by Alexander Sabourenkov OK: henning@, claudio@ Theo: "In please..."
Revision 1.9 / (download) - annotate - [select for diffs], Sat Jan 3 21:47:32 2009 UTC (15 years, 5 months ago) by gollo
Branch: MAIN
Changes since 1.8: +11 -7 lines
Diff to previous 1.8 (colored)
sync flow sequence ids on all used pflow interfaces. OK henning@
Revision 1.8 / (download) - annotate - [select for diffs], Wed Nov 26 18:01:43 2008 UTC (15 years, 6 months ago) by dlg
Branch: MAIN
Changes since 1.7: +4 -1 lines
Diff to previous 1.7 (colored)
dont have bpf.h expose the kernel ticks variable wherever it is includeing. it is very confusing like this. ok deraadt@ canacar@
Revision 1.7 / (download) - annotate - [select for diffs], Tue Oct 28 15:51:27 2008 UTC (15 years, 7 months ago) by gollo
Branch: MAIN
Changes since 1.6: +38 -30 lines
Diff to previous 1.6 (colored)
add support for multiple pflow(4) interfaces OK: claudio@ henning@
Revision 1.6 / (download) - annotate - [select for diffs], Tue Oct 21 11:01:29 2008 UTC (15 years, 7 months ago) by gollo
Branch: MAIN
Changes since 1.5: +26 -20 lines
Diff to previous 1.5 (colored)
add bpf/tcpdump support to pflow(4) ok canacar@ henning@
Revision 1.5 / (download) - annotate - [select for diffs], Wed Sep 17 22:18:00 2008 UTC (15 years, 8 months ago) by gollo
Branch: MAIN
Changes since 1.4: +6 -8 lines
Diff to previous 1.4 (colored)
Solve m_free problem with a not correctly configured pflow interface leading to a kernel crash reported in PR5930 OK claudio@ henning@
Revision 1.4 / (download) - annotate - [select for diffs], Wed Sep 17 20:25:41 2008 UTC (15 years, 8 months ago) by gollo
Branch: MAIN
Changes since 1.3: +3 -3 lines
Diff to previous 1.3 (colored)
fix whitespaces ok henning@
Revision 1.3 / (download) - annotate - [select for diffs], Tue Sep 16 15:48:12 2008 UTC (15 years, 8 months ago) by gollo
Branch: MAIN
Changes since 1.2: +20 -1 lines
Diff to previous 1.2 (colored)
netstat statistics for pflow(4) via pseudo family ok cluadio@ henning@
Revision 1.2 / (download) - annotate - [select for diffs], Tue Sep 16 13:58:55 2008 UTC (15 years, 8 months ago) by gollo
Branch: MAIN
Changes since 1.1: +4 -4 lines
Diff to previous 1.1 (colored)
fix whitespace/tab typos ok henning@ claudio@
Revision 1.1 / (download) - annotate - [select for diffs], Tue Sep 9 13:56:39 2008 UTC (15 years, 9 months ago) by henning
Branch: MAIN
welcome pflow(4), a netflow v5 compatible flow export interface. flows export data gathered from pf states. initial implementation by Joerg Goltermann <jg@osn.de>, guidance and many changes by me. 'put it in' theo