![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / sys / netinet
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.49, Fri Jan 21 03:15:52 2000 UTC (24 years, 4 months ago) by angelos
Branch: MAIN
CVS Tags: UBC_SYNC_B,
UBC_SYNC_A,
SMP_SYNC_B,
SMP_SYNC_A,
SMP,
HEAD
Changes since 1.48: +1 -1 lines
FILE REMOVED
Forgot to delete this.
Revision 1.48 / (download) - annotate - [select for diffs], Mon Jan 17 05:35:23 2000 UTC (24 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.47: +24 -6 lines
Diff to previous 1.47 (colored)
fix pullup and otos saving code for ip6 (ip4_input will be visited with IPv6 packet! better change the func name...)
Revision 1.47 / (download) - annotate - [select for diffs], Thu Jan 13 06:02:31 2000 UTC (24 years, 5 months ago) by angelos
Branch: MAIN
Changes since 1.46: +3 -3 lines
Diff to previous 1.46 (colored)
mbuf **, not mbuf * you twit...
Revision 1.46 / (download) - annotate - [select for diffs], Thu Jan 13 05:03:45 2000 UTC (24 years, 5 months ago) by angelos
Branch: MAIN
Changes since 1.45: +13 -1 lines
Diff to previous 1.45 (colored)
Add an ip4_input6() for use with IPv6 (just a wrapper for ip4_input()), add prototype, ifdef include files.
Revision 1.45 / (download) - annotate - [select for diffs], Sun Jan 2 09:31:03 2000 UTC (24 years, 5 months ago) by angelos
Branch: MAIN
Changes since 1.44: +3 -2 lines
Diff to previous 1.44 (colored)
Fix ifdef IPSEC
Revision 1.44 / (download) - annotate - [select for diffs], Fri Dec 24 20:02:44 1999 UTC (24 years, 5 months ago) by angelos
Branch: MAIN
Changes since 1.43: +2 -2 lines
Diff to previous 1.43 (colored)
Return EINVAL instead of ENOBUFS if the source address is not specified.
Revision 1.43 / (download) - annotate - [select for diffs], Tue Dec 21 20:26:13 1999 UTC (24 years, 5 months ago) by provos
Branch: MAIN
Changes since 1.42: +7 -2 lines
Diff to previous 1.42 (colored)
compile without INET6, okay angelos@
Revision 1.42 / (download) - annotate - [select for diffs], Tue Dec 21 09:00:52 1999 UTC (24 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.41: +149 -39 lines
Diff to previous 1.41 (colored)
reuse encapsulate/decapsulate routine in ip_ip4.c from gif interface (outer=IPv4 case). tested with (inner=IPv6, outer=IPv4) case. BUG ALERT: in_gif_output() assumes about ipe4_output()'s behavior too much. I mean, "tdb" is configured with certain knowledge about ipe4_output()'s behavior.
Revision 1.41 / (download) - annotate - [select for diffs], Thu Dec 9 20:38:35 1999 UTC (24 years, 6 months ago) by angelos
Branch: MAIN
Changes since 1.40: +4 -4 lines
Diff to previous 1.40 (colored)
Use otos rather than writing directly to ip_tos in the IPv4 header (bitfields can be a pain).
Revision 1.40 / (download) - annotate - [select for diffs], Thu Dec 9 17:55:35 1999 UTC (24 years, 6 months ago) by downsj
Branch: MAIN
Changes since 1.39: +3 -2 lines
Diff to previous 1.39 (colored)
Move variable decls into the appropriate #ifdefs so GENERIC compiles...
Revision 1.39 / (download) - annotate - [select for diffs], Thu Dec 9 09:10:05 1999 UTC (24 years, 6 months ago) by angelos
Branch: MAIN
Changes since 1.38: +9 -3 lines
Diff to previous 1.38 (colored)
Couple of paranoid ifdefs...
Revision 1.38 / (download) - annotate - [select for diffs], Thu Dec 9 09:07:54 1999 UTC (24 years, 6 months ago) by angelos
Branch: MAIN
Changes since 1.37: +169 -50 lines
Diff to previous 1.37 (colored)
ip4e_output() can now generate any combination of IP{4,6}-in-IP{4,6}
tunnels.
Revision 1.37 / (download) - annotate - [select for diffs], Thu Dec 9 04:00:07 1999 UTC (24 years, 6 months ago) by angelos
Branch: MAIN
Changes since 1.36: +8 -13 lines
Diff to previous 1.36 (colored)
Be more careful with IPv4 multicast (make sure it's IPv4), and remove unnecessary include files.
Revision 1.36 / (download) - annotate - [select for diffs], Thu Dec 9 03:52:37 1999 UTC (24 years, 6 months ago) by angelos
Branch: MAIN
Changes since 1.35: +55 -133 lines
Diff to previous 1.35 (colored)
ip4_input() can now handle either of IP-in-IP or IP-in-IPv6 encapsulation. Eventually, this routine will be made to deal with all 4 combinations of IP/IPv6 encapsulation. gif interface support should be added here too (itojun :-), when the packet has not been received over an IPsec tunnel. ECN handling should also be done.
Revision 1.35 / (download) - annotate - [select for diffs], Wed Dec 8 06:05:32 1999 UTC (24 years, 6 months ago) by itojun
Branch: MAIN
CVS Tags: kame_19991208
Changes since 1.34: +3 -5 lines
Diff to previous 1.34 (colored)
fix field name (ip6_hdr->ip6_src). use IN6_ARE_ADDR_EQUAL for comparison.
Revision 1.34 / (download) - annotate - [select for diffs], Mon Dec 6 07:14:36 1999 UTC (24 years, 6 months ago) by angelos
Branch: MAIN
Changes since 1.33: +113 -38 lines
Diff to previous 1.33 (colored)
New ESP code that's v4 and v6 friendly.
Revision 1.33 / (download) - annotate - [select for diffs], Fri Oct 29 02:02:33 1999 UTC (24 years, 7 months ago) by angelos
Branch: MAIN
Changes since 1.32: +2 -3 lines
Diff to previous 1.32 (colored)
Remove unnecessary argument from ipe4_output() and etherip_output()
Revision 1.32 / (download) - annotate - [select for diffs], Fri Oct 29 01:50:34 1999 UTC (24 years, 7 months ago) by angelos
Branch: MAIN
Changes since 1.31: +6 -9 lines
Diff to previous 1.31 (colored)
Fix some comments.
Revision 1.31 / (download) - annotate - [select for diffs], Sun May 16 22:31:40 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE,
OPENBSD_2_6
Changes since 1.30: +32 -26 lines
Diff to previous 1.30 (colored)
Don't judge locally generated tunnel packets as spoof attempts. indent.
Revision 1.30 / (download) - annotate - [select for diffs], Wed May 12 23:18:35 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)
Obvious pasto
Revision 1.29 / (download) - annotate - [select for diffs], Tue Apr 20 20:06:11 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
Changes since 1.28: +16 -1 lines
Diff to previous 1.28 (colored)
Merge MROUTING and IPSEC wrt handling of IP-in-IP tunnelled packets. Fix a panic case in the MROUTING code too. Drop M_TUNNEL support, nothing ever uses it.
Revision 1.28 / (download) - annotate - [select for diffs], Fri Apr 9 23:28:45 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_5_BASE,
OPENBSD_2_5
Changes since 1.27: +55 -1 lines
Diff to previous 1.27 (colored)
The kernel parts of a sysctl that can switch on/off IP-in-IP (protocol 4) support, when IPSEC is compiled in. The default is disabled. Turn on with: sysctl -w net.inet.ip4.allow=1 ***Only*** do this if you are really knowing what you do! This control does not control the tunnel modes of ESP and AH.
Revision 1.27 / (download) - annotate - [select for diffs], Fri Apr 9 19:42:09 1999 UTC (25 years, 2 months ago) by angelos
Branch: MAIN
Changes since 1.26: +30 -3 lines
Diff to previous 1.26 (colored)
Check for local address spoofing on encapsulated packets.
Revision 1.26 / (download) - annotate - [select for diffs], Sun Apr 4 21:33:49 1999 UTC (25 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.25: +5 -1 lines
Diff to previous 1.25 (colored)
fix tunnelling; provos
Revision 1.25 / (download) - annotate - [select for diffs], Thu Feb 25 19:21:09 1999 UTC (25 years, 3 months ago) by angelos
Branch: MAIN
Changes since 1.24: +10 -5 lines
Diff to previous 1.24 (colored)
Clear the DF bit, so packets don't get dropped inside a tunnel. The real solution is probably to keep soft state; however, it's not entirely clear what a tunnel's properties with regards to fragmentation are (it may be considered a infinitely-large MTU pipe).
Revision 1.24 / (download) - annotate - [select for diffs], Wed Feb 24 23:45:51 1999 UTC (25 years, 3 months ago) by angelos
Branch: MAIN
Changes since 1.23: +5 -3 lines
Diff to previous 1.23 (colored)
Update copyright; remove a few annoying debugging printfs. Btw, OpenBSD hit 25000 commits a couple commits ago.
Revision 1.23 / (download) - annotate - [select for diffs], Wed Feb 24 22:33:04 1999 UTC (25 years, 3 months ago) by angelos
Branch: MAIN
Changes since 1.22: +36 -65 lines
Diff to previous 1.22 (colored)
Remove encap.h include; saner debugging printfs; fix buglets; work with pfkeyv2.
Revision 1.22 / (download) - annotate - [select for diffs], Fri Jan 8 21:51:21 1999 UTC (25 years, 5 months ago) by provos
Branch: MAIN
Changes since 1.21: +3 -2 lines
Diff to previous 1.21 (colored)
dont call ip_randomid() in htons().
Revision 1.21 / (download) - annotate - [select for diffs], Sat Dec 26 12:35:11 1998 UTC (25 years, 5 months ago) by provos
Branch: MAIN
Changes since 1.20: +2 -3 lines
Diff to previous 1.20 (colored)
make ip_id random but ensure that ids dont repeat for some period.
Revision 1.20 / (download) - annotate - [select for diffs], Wed Jul 29 22:18:49 1998 UTC (25 years, 10 months ago) by angelos
Branch: MAIN
CVS Tags: OPENBSD_2_4_BASE,
OPENBSD_2_4
Changes since 1.19: +2 -5 lines
Diff to previous 1.19 (colored)
Proper handling of IP in IP and checksumming.
Revision 1.19 / (download) - annotate - [select for diffs], Wed Jun 10 23:57:12 1998 UTC (26 years ago) by provos
Branch: MAIN
Changes since 1.18: +3 -1 lines
Diff to previous 1.18 (colored)
make the packets which were successfully processed by IPSec available to bpf via the enc0 interface, using linktype DLT_ENC.
Revision 1.18 / (download) - annotate - [select for diffs], Fri May 22 07:29:20 1998 UTC (26 years ago) by angelos
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)
Set the outter IP header's ttl, not the inner.
Revision 1.17 / (download) - annotate - [select for diffs], Mon May 18 21:10:51 1998 UTC (26 years ago) by provos
Branch: MAIN
Changes since 1.16: +16 -10 lines
Diff to previous 1.16 (colored)
first step to the setsockopt/getsockopt interface as described in draft-mcdonald-simple-ipsec-api, kernel notifies (EMT_REQUESTSA) signal userland key management applications when security services are requested. this is only for outgoing connections at the moment, incoming packets are not yet checked against the selected socket policy.
Revision 1.16 / (download) - annotate - [select for diffs], Wed Mar 18 10:51:36 1998 UTC (26 years, 3 months ago) by provos
Branch: MAIN
CVS Tags: OPENBSD_2_3_BASE,
OPENBSD_2_3
Changes since 1.15: +14 -3 lines
Diff to previous 1.15 (colored)
adapt function arguments to get the expected prototype.
Revision 1.15 / (download) - annotate - [select for diffs], Tue Nov 4 09:11:14 1997 UTC (26 years, 7 months ago) by provos
Branch: MAIN
Changes since 1.14: +6 -2 lines
Diff to previous 1.14 (colored)
make it easier to add additional transforms. add blowfish and cast encryption. some more info for kernfs/ipsec.
Revision 1.14 / (download) - annotate - [select for diffs], Thu Oct 2 02:31:05 1997 UTC (26 years, 8 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_2_2_BASE,
OPENBSD_2_2
Changes since 1.13: +4 -4 lines
Diff to previous 1.13 (colored)
conditional error logging
Revision 1.13 / (download) - annotate - [select for diffs], Sun Sep 28 23:09:57 1997 UTC (26 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.12: +3 -3 lines
Diff to previous 1.12 (colored)
more \n in log()
Revision 1.12 / (download) - annotate - [select for diffs], Mon Jul 14 08:48:47 1997 UTC (26 years, 11 months ago) by provos
Branch: MAIN
Changes since 1.11: +6 -2 lines
Diff to previous 1.11 (colored)
global byte counters.
Revision 1.11 / (download) - annotate - [select for diffs], Fri Jul 11 23:37:58 1997 UTC (26 years, 11 months ago) by provos
Branch: MAIN
Changes since 1.10: +53 -19 lines
Diff to previous 1.10 (colored)
put old esp/ah and new esp/ah in different files. generalised way of handling transforms.
Revision 1.10 / (download) - annotate - [select for diffs], Tue Jul 1 22:12:49 1997 UTC (26 years, 11 months ago) by provos
Branch: MAIN
Changes since 1.9: +18 -41 lines
Diff to previous 1.9 (colored)
major restructuring
Revision 1.9 / (download) - annotate - [select for diffs], Wed Jun 25 07:53:27 1997 UTC (26 years, 11 months ago) by provos
Branch: MAIN
Changes since 1.8: +3 -3 lines
Diff to previous 1.8 (colored)
hard and soft limits for SPI's per absolute timer, relative since establish, relative since first use timers, packet and byte counters. notify key mgmt on soft limits. key mgmt can now specify limits. new encap messages: EMT_RESERVESPI, EMT_ENABLESPI, EMT_DISABLESPI
Revision 1.8 / (download) - annotate - [select for diffs], Tue Jun 24 12:15:25 1997 UTC (26 years, 11 months ago) by provos
Branch: MAIN
Changes since 1.7: +14 -7 lines
Diff to previous 1.7 (colored)
handle IP options in AH + allow IP options in outgoing encapsulated packets + usage counters for later use with keymanagement processes
Revision 1.7 / (download) - annotate - [select for diffs], Tue Jun 24 02:20:23 1997 UTC (26 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.6: +4 -3 lines
Diff to previous 1.6 (colored)
Comment reordering.
Revision 1.6 / (download) - annotate - [select for diffs], Fri Jun 20 05:41:52 1997 UTC (26 years, 11 months ago) by provos
Branch: MAIN
Changes since 1.5: +142 -142 lines
Diff to previous 1.5 (colored)
ah-sha1 + esp-3des + indentation
Revision 1.5 / (download) - annotate - [select for diffs], Wed Feb 26 03:01:04 1997 UTC (27 years, 3 months ago) by angelos
Branch: MAIN
CVS Tags: OPENBSD_2_1_BASE,
OPENBSD_2_1
Changes since 1.4: +3 -1 lines
Diff to previous 1.4 (colored)
I/O packet counters for IP-in-IP and AH.
Revision 1.4 / (download) - annotate - [select for diffs], Mon Feb 24 14:06:41 1997 UTC (27 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.3: +3 -1 lines
Diff to previous 1.3 (colored)
OpenBSD tags + some prototyping police
Revision 1.3 / (download) - annotate - [select for diffs], Sat Feb 22 15:51:18 1997 UTC (27 years, 3 months ago) by angelos
Branch: MAIN
Changes since 1.2: +9 -6 lines
Diff to previous 1.2 (colored)
Resolved a couple of open issues (just changed comments after checking RFCs).
Revision 1.2 / (download) - annotate - [select for diffs], Sat Feb 22 03:39:35 1997 UTC (27 years, 3 months ago) by angelos
Branch: MAIN
Changes since 1.1: +40 -5 lines
Diff to previous 1.1 (colored)
User-defined TTL for external IP header.
Revision 1.1 / (download) - annotate - [select for diffs], Thu Feb 20 01:07:58 1997 UTC (27 years, 3 months ago) by deraadt
Branch: MAIN
IPSEC package by John Ioannidis and Angelos D. Keromytis. Written in Greece. From ftp.funet.fi:/pub/unix/security/net/ip/BSDipsec.tar.gz