![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / sys / netinet
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.148 / (download) - annotate - [select for diffs], Tue Feb 13 12:22:09 2024 UTC (3 months, 3 weeks ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
HEAD
Changes since 1.147: +1 -3 lines
Diff to previous 1.147 (colored)
Merge struct route and struct route_in6. Use a common struct route for both inet and inet6. Unfortunately struct sockaddr is shorter than sockaddr_in6, so netinet/in.h has to be exposed from net/route.h. Struct route has to be bsd visible for userland as netstat kvm code inspects inp_route. Internet PCB and TCP SYN cache can use a plain struct route now. All specific sockaddr types for inet and inet6 are embeded there. OK claudio@
Revision 1.147 / (download) - annotate - [select for diffs], Fri Feb 9 14:02:11 2024 UTC (4 months ago) by bluhm
Branch: MAIN
Changes since 1.146: +2 -2 lines
Diff to previous 1.146 (colored)
Route cache function returns hit or miss. The route_cache() function can easily return whether it was a cache hit or miss. Then the logic to perform a route lookup gets a bit simpler. Some more complicated if (ro->ro_rt == NULL) checks still exist elsewhere. Also use route cache in in_pcbselsrc() instead of filling struct route manually. OK claudio@
Revision 1.146 / (download) - annotate - [select for diffs], Mon Feb 5 12:52:11 2024 UTC (4 months ago) by aoyama
Branch: MAIN
Changes since 1.145: +4 -1 lines
Diff to previous 1.145 (colored)
Move route_cache() declaration from net/route.h to netinet/in.h. This prevents gcc3's 'parameter has incomplete type' warning that causes kernel build failure. Suggested by claudio@, ok bluhm@
Revision 1.145 / (download) - annotate - [select for diffs], Fri Nov 10 20:05:22 2023 UTC (7 months ago) by bluhm
Branch: MAIN
Changes since 1.144: +7 -1 lines
Diff to previous 1.144 (colored)
rtable_match() takes constant destination. For implementing MP safe route lookup, it helps to know which function parameters are constant. Add some const declarations, so that the compiler guarantees that sockaddr dst parameter of rtable_match() does not change. OK dlg@
Revision 1.144 / (download) - annotate - [select for diffs], Sat May 13 13:35:17 2023 UTC (12 months, 4 weeks ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4
Changes since 1.143: +2 -1 lines
Diff to previous 1.143 (colored)
Instead of implementing IPv4 header checksum creation everywhere, introduce in_hdr_cksum_out(). It is used like in_proto_cksum_out(). OK claudio@
Revision 1.143 / (download) - annotate - [select for diffs], Wed May 10 12:07:16 2023 UTC (13 months ago) by bluhm
Branch: MAIN
Changes since 1.142: +2 -1 lines
Diff to previous 1.142 (colored)
Implement TCP send offloading, for now in software only. This is meant as a fallback if network hardware does not support TSO. Driver support is still work in progress. TCP output generates large packets. In IP output the packet is chopped to TCP maximum segment size. This reduces the CPU cycles used by pf. The regular output could be assisted by hardware later, but pf route-to and IPsec needs the software fallback in general. For performance comparison or to workaround possible bugs, sysctl net.inet.tcp.tso=0 disables the feature. netstat -s -p tcp shows TSO counter with chopped and generated packets. based on work from jan@ tested by jmc@ jan@ Hrvoje Popovski OK jan@ claudio@
Revision 1.142 / (download) - annotate - [select for diffs], Tue Apr 11 00:45:09 2023 UTC (14 months ago) by jsg
Branch: MAIN
Changes since 1.141: +2 -2 lines
Diff to previous 1.141 (colored)
fix double words in comments feedback and ok jmc@ miod, ok millert@
Revision 1.141 / (download) - annotate - [select for diffs], Wed Jun 2 00:09:57 2021 UTC (3 years ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.140: +3 -1 lines
Diff to previous 1.140 (colored)
factor out the code that does basic sanity checks on ipv4 headers. this will allow these checks to be reused by bridge (where they're currently duplicated), veb, and tpmr. ok bluhm@ sashan@
Revision 1.140 / (download) - annotate - [select for diffs], Mon Jan 18 12:22:40 2021 UTC (3 years, 4 months ago) by sthen
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.139: +2 -1 lines
Diff to previous 1.139 (colored)
add IPPROTO_SCTP, ok claudio@
Revision 1.139 / (download) - annotate - [select for diffs], Thu Jan 7 14:51:46 2021 UTC (3 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.138: +7 -1 lines
Diff to previous 1.138 (colored)
Extend IP_ADD_MEMBERSHIP to also support struct ip_mreqn. struct ip_mreqn allows to use the interface index to select the interface for multicast packets which makes it possible to use this with unnumbered interfaces. OK dlg@ robert@
Revision 1.138 / (download) - annotate - [select for diffs], Sat Aug 22 17:55:30 2020 UTC (3 years, 9 months ago) by gnezdo
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.137: +1 -45 lines
Diff to previous 1.137 (colored)
Convert ip_sysctl to sysctl_bounded_args
Revision 1.137 / (download) - annotate - [select for diffs], Mon Nov 4 23:52:28 2019 UTC (4 years, 7 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.136: +2 -2 lines
Diff to previous 1.136 (colored)
remove mobileip(4) noone seems to use it, and we should not encourage people to use it by having it available. it's been disabled for most of the last release and noones asked for it in 6.6, so i'm taking that as an ok for this removal.
Revision 1.136 / (download) - annotate - [select for diffs], Fri Oct 25 01:46:02 2019 UTC (4 years, 7 months ago) by dlg
Branch: MAIN
Changes since 1.135: +13 -13 lines
Diff to previous 1.135 (colored)
make whitespace in the IPPROTO defines consistent. no functional change.
Revision 1.135 / (download) - annotate - [select for diffs], Fri Oct 25 01:44:02 2019 UTC (4 years, 7 months ago) by dlg
Branch: MAIN
Changes since 1.134: +2 -1 lines
Diff to previous 1.134 (colored)
+#define IPPROTO_UDPLITE 136, as per RFC 3828 and the IANA allocation please don't interpret this as an intention on my part to implement UDP-Lite.
Revision 1.134 / (download) - annotate - [select for diffs], Wed Oct 23 19:58:32 2019 UTC (4 years, 7 months ago) by bluhm
Branch: MAIN
Changes since 1.133: +2 -1 lines
Diff to previous 1.133 (colored)
Kernel is missing propper input validation when configuring addresses. Fix the SIOCAIFADDR and SIOCDIFADDR ioctl(2) by implementing in_sa2sin() to validate inet address family and address length. OK visa@
Revision 1.133 / (download) - annotate - [select for diffs], Sat Oct 13 18:36:01 2018 UTC (5 years, 7 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.132: +5 -2 lines
Diff to previous 1.132 (colored)
Expose net.inet.ip.arpq.drops to help debug what's going on when a lot of packets are being dropped but non of the other counters are increasing. From Daniel Hokka Zakrisson (daniel AT hozac DOT com), thanks! OK florian, phessler
Revision 1.132 / (download) - annotate - [select for diffs], Tue Sep 11 21:04:03 2018 UTC (5 years, 9 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.131: +3 -3 lines
Diff to previous 1.131 (colored)
Convert inetctlerrmap to u_char like inet6ctlerrmap. That is also what FreeBSD does. Remove old #if 0 version of inet6ctlerrmap. OK mpi@
Revision 1.131 / (download) - annotate - [select for diffs], Tue Jul 10 11:34:12 2018 UTC (5 years, 11 months ago) by mpi
Branch: MAIN
Changes since 1.130: +4 -3 lines
Diff to previous 1.130 (colored)
Introduce new IPsec (per-CPU) statistics and refactor ESP input callbacks to be able to count dropped packet. Having more generic statistics will help troubleshooting problems with specific tunnels. Per-TDB counters are coming once all the refactoring bits are in. ok markus@
Revision 1.130 / (download) - annotate - [select for diffs], Thu Jun 7 08:46:24 2018 UTC (6 years ago) by bluhm
Branch: MAIN
Changes since 1.129: +2 -2 lines
Diff to previous 1.129 (colored)
The global zero addresses must not change, mark them constant. OK tb@ visa@
Revision 1.129 / (download) - annotate - [select for diffs], Fri Mar 2 15:52:11 2018 UTC (6 years, 3 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.128: +1 -2 lines
Diff to previous 1.128 (colored)
Revert all the bits of the autocreate 127.0.0.1 on lo(4) creation for now. This needs to go back to the drawing board.
Revision 1.128 / (download) - annotate - [select for diffs], Sat Feb 10 05:32:21 2018 UTC (6 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.127: +2 -1 lines
Diff to previous 1.127 (colored)
Similar to the IPv6 case create 127.0.0.1/8 on lo(4) interfaces which act as loopback interfaces for each rdomain (including lo0). This is done when the interface is brought up. This is now also done by default (either on attach of lo0 or when creating the rdomain). OK mpi@
Revision 1.127 / (download) - annotate - [select for diffs], Mon Nov 20 10:35:24 2017 UTC (6 years, 6 months ago) by mpi
Branch: MAIN
Changes since 1.126: +2 -2 lines
Diff to previous 1.126 (colored)
Sprinkle some NET_ASSERT_LOCKED(), const and co to prepare running pr_input handlers without KERNEL_LOCK(). ok visa@
Revision 1.126 / (download) - annotate - [select for diffs], Tue Nov 14 09:30:17 2017 UTC (6 years, 6 months ago) by mpi
Branch: MAIN
Changes since 1.125: +13 -13 lines
Diff to previous 1.125 (colored)
Introduce ipsec_sysctl() and move IPsec tunables where they belong. ok bluhm@, visa@
Revision 1.125 / (download) - annotate - [select for diffs], Fri Oct 6 21:14:55 2017 UTC (6 years, 8 months ago) by bluhm
Branch: MAIN
Changes since 1.124: +1 -6 lines
Diff to previous 1.124 (colored)
Kill the divert-packet socket option IP_DIVERTFL to filter packets. It used a loop over the global list divbtable that would be hard to make MP safe. The port net/dnsfilter does not work without this, it should be converted to divert-to. Neither other ports nor base use this filter feature. ports checked by sthen@; OK mpi@ benno@
Revision 1.124 / (download) - annotate - [select for diffs], Fri Aug 11 19:53:02 2017 UTC (6 years, 10 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.123: +2 -1 lines
Diff to previous 1.123 (colored)
Validate sockaddr from userland in central functions. This results in common checks for unix, inet, inet6 instead of partial checks here and there. Some checks are already done at a higher layer, but better be paranoid with user input. OK claudio@ millert@
Revision 1.123 / (download) - annotate - [select for diffs], Tue May 30 07:50:37 2017 UTC (7 years ago) by mpi
Branch: MAIN
Changes since 1.122: +3 -2 lines
Diff to previous 1.122 (colored)
Introduce ipv{4,6}_input(), two wrappers around IP queues.
This will help transitionning to an un-KERNEL_LOCK()ed IP
forwarding path.
Disucssed with bluhm@, ok claudio@
Revision 1.122 / (download) - annotate - [select for diffs], Thu May 4 15:00:24 2017 UTC (7 years, 1 month ago) by bluhm
Branch: MAIN
Changes since 1.121: +4 -4 lines
Diff to previous 1.121 (colored)
Introduce sstosa() for converting sockaddr_storage with a type safe inline function instead of casting it to sockaddr. While there, use inline instead of __inline for all these conversions. Some struct sockaddr casts can be avoided completely. OK dhill@ mpi@
Revision 1.121 / (download) - annotate - [select for diffs], Sat Feb 4 02:54:33 2017 UTC (7 years, 4 months ago) by guenther
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.120: +7 -1 lines
Diff to previous 1.120 (colored)
Move the typedefs for in_{addr,port}_t from <sys/types.h> to
<netinet/in.h> and <arpa/inet.h>
ok and ports test naddy@ (thanks!)
ok krw@ beck@ millert@
Revision 1.120 / (download) - annotate - [select for diffs], Thu Dec 22 11:04:44 2016 UTC (7 years, 5 months ago) by rzalamena
Branch: MAIN
Changes since 1.119: +2 -2 lines
Diff to previous 1.119 (colored)
Remove PIM support from the multicast stack. ok mpi@
Revision 1.119 / (download) - annotate - [select for diffs], Sun Sep 4 17:05:24 2016 UTC (7 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.118: +6 -6 lines
Diff to previous 1.118 (colored)
Implement a sockaddr_ntop() function that works like inet_ntop() but prints sockaddrs. Works for all sockaddrs so can be used to print sockaddrs nicely. OK phessler@
Revision 1.118 / (download) - annotate - [select for diffs], Tue Aug 16 22:21:17 2016 UTC (7 years, 9 months ago) by vgross
Branch: MAIN
Changes since 1.117: +3 -1 lines
Diff to previous 1.117 (colored)
Add IP_SENDSRCADDR cmsg for UDP sockets. As suggested by sthen@, IP_SENDSRCADDR == IP_RECVDSTADDR. OK sthen@ jca@ bluhm@
Revision 1.117 / (download) - annotate - [select for diffs], Tue Jun 28 17:18:24 2016 UTC (7 years, 11 months ago) by chris
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0
Changes since 1.116: +8 -2 lines
Diff to previous 1.116 (colored)
Add sysctl for arp timers: net.inet.ip.arptimeout (expire timer for resolved entries) and net.inet.ip.arpdown (expire timer for unresolved entries) ok mpi@
Revision 1.116 / (download) - annotate - [select for diffs], Wed Jun 15 19:39:34 2016 UTC (7 years, 11 months ago) by gerhard
Branch: MAIN
Changes since 1.115: +2 -1 lines
Diff to previous 1.115 (colored)
Add umb(4) - a driver for the Mobile Broadband Interface Model (MBIM) The umb(4) driver provides support for USB MBIM devices. Those devices establish connections via celluar networks such as GPRS, UMTS, and LTE. ok mpi@ sthen@ additional feedback from deraadt@ jmc@ stsp@ kettenis@
Revision 1.115 / (download) - annotate - [select for diffs], Tue Oct 20 20:22:42 2015 UTC (8 years, 7 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.114: +2 -1 lines
Diff to previous 1.114 (colored)
add a new getsockopt option IP_IPDEFTTL to retrieve the default ttl. this can be used as an alternative to sysctl net.inet.ip.ttl, in programs that use pledge(). ok reyk@, "Like this" deraadt@
Revision 1.114 / (download) - annotate - [select for diffs], Tue Apr 14 12:22:15 2015 UTC (9 years, 1 month ago) by mikeb
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.113: +5 -5 lines
Diff to previous 1.113 (colored)
Remove support for storing credentials and auth information in the kernel. This code is largely unfinished and is not used for anything. The change leaves identities as only objects referenced by ipsec_ref structure and their handling requires some changes to support more advanced matching of IPsec connections. No objections from reyk and hshoexer, with and OK markus.
Revision 1.113 / (download) - annotate - [select for diffs], Fri Apr 10 13:58:20 2015 UTC (9 years, 2 months ago) by dlg
Branch: MAIN
Changes since 1.112: +2 -2 lines
Diff to previous 1.112 (colored)
replace the use of ifqueues for most input queues serviced by netisr with niqueues. this change is so big because there's a lot of code that takes pointers to different input queues (eg, ether_input picks between ipv4, ipv6, pppoe, arp, and mpls input queues) and falls through to code to enqueue packets against the pointer. if i changed only one of the input queues id have to add sepearate code paths, one for ifqueues and one for niqueues in each of these places by flipping all these input queues at once i can keep the currently common code common. testing by mpi@ sthen@ and rafael zalamena ok mpi@ sthen@ claudio@ henning@
Revision 1.112 / (download) - annotate - [select for diffs], Mon Feb 9 12:18:19 2015 UTC (9 years, 4 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.111: +9 -3 lines
Diff to previous 1.111 (colored)
Implement 2 sysctl to retrieve the multicast forwarding cache (mfc) and the virtual interface table (vif). Will be used by netstat soon. Looked over by guenther@
Revision 1.111 / (download) - annotate - [select for diffs], Fri Dec 5 15:50:04 2014 UTC (9 years, 6 months ago) by mpi
Branch: MAIN
Changes since 1.110: +3 -1 lines
Diff to previous 1.110 (colored)
Explicitly include <net/if_var.h> instead of pulling it in <net/if.h>. ok mikeb@, krw@, bluhm@, tedu@
Revision 1.110 / (download) - annotate - [select for diffs], Tue Nov 25 15:35:10 2014 UTC (9 years, 6 months ago) by mpi
Branch: MAIN
Changes since 1.109: +2 -2 lines
Diff to previous 1.109 (colored)
Since in_broadcast() is now used to always iterate on all the interfaces of your system, put it on a diet and kill the superfluous logic. ok mikeb@
Revision 1.109 / (download) - annotate - [select for diffs], Sat Jul 12 16:25:08 2014 UTC (9 years, 11 months ago) by guenther
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.108: +10 -2 lines
Diff to previous 1.108 (colored)
Tackle the endian.h mess. Make it so that:
* you can #include <sys/endian.h> instead of <machine/endian.h>,
and ditto <endian.h> (fixes code that pulls in <sys/endian.h> first)
* those will always export the symbols that POSIX specified for
<endian.h>, including the new {be,le}{16,32,64}toh() set. c.f.
http://austingroupbugs.net/view.php?id=162
if __BSD_VISIBLE then you also get the symbols that our <machine/endian.h>
currently exports (ntohs, NTOHS, dlg's bemtoh*, etc)
* when doing POSIX compiles (not __BSD_VISIBLE), then <netinet/in.h> and
<arpa/inet.h> will *stop* exporting the extra symbols like BYTE_ORDER
and betoh*
ok deraadt@
Revision 1.108 / (download) - annotate - [select for diffs], Fri Apr 25 09:44:38 2014 UTC (10 years, 1 month ago) by mpi
Branch: MAIN
Changes since 1.107: +1 -2 lines
Diff to previous 1.107 (colored)
Kill in_localaddr(), one less usage of the global list of IPv4 addresses. This function is used only once in our tree to optimize the size of the MSS if the forward address correspond to a host on one of our subnets, but only if ip.mutdisc is disable, which is not the default! While here get rid of the "#ifdef RTV_MTU", it is here. ok henning@, mikeb@, bluhm@
Revision 1.107 / (download) - annotate - [select for diffs], Mon Apr 21 10:07:58 2014 UTC (10 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.106: +1 -7 lines
Diff to previous 1.106 (colored)
remove a define in an #ifdef notyet - "not yet" for 19 years gotta be enough. remove a define in an #ifdef notdef /* obsolete */ - 14 years are enough
Revision 1.106 / (download) - annotate - [select for diffs], Mon Apr 21 10:05:27 2014 UTC (10 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.105: +8 -9 lines
Diff to previous 1.105 (colored)
annotate all #endifs to make clear what #if(def) they end
Revision 1.105 / (download) - annotate - [select for diffs], Mon Apr 21 09:57:27 2014 UTC (10 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.104: +4 -4 lines
Diff to previous 1.104 (colored)
cosmetic changes regarding #ifdef to make things more obvious, ok reyk
Revision 1.104 / (download) - annotate - [select for diffs], Sun Apr 20 09:38:19 2014 UTC (10 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.103: +1 -32 lines
Diff to previous 1.103 (colored)
move in_cksum_phdr from in.h (under #ifdef _KERNEL, at least) to ip_output.c nothing except in_proto_cksum_out() uses it any more, and that's a good thing. was on tech for 3 months, discussed with many
Revision 1.103 / (download) - annotate - [select for diffs], Sun Apr 20 09:30:56 2014 UTC (10 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.102: +0 -16 lines
Diff to previous 1.102 (colored)
nuke in_cksum_addword() don't we all love functions implemented in header files? was under #ifdef _KERNEL at least. incremental checksum updates don't really make sense any more, this is incredibly hard to get right, and doesn't fit the way our kernel deals with the checksums these days. consequently, nothing uses in_cksum_addword any more. was on tech for 3 months, tested by & discussed with many.
Revision 1.102 / (download) - annotate - [select for diffs], Thu Jan 23 01:10:42 2014 UTC (10 years, 4 months ago) by naddy
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.101: +1 -2 lines
Diff to previous 1.101 (colored)
put the in{,6}_delayed_cksum() and in{,6}_proto_cksum_out() prototypes
into consistent locations; ok henning@
Revision 1.101 / (download) - annotate - [select for diffs], Mon Nov 11 09:15:34 2013 UTC (10 years, 7 months ago) by mpi
Branch: MAIN
Changes since 1.100: +3 -1 lines
Diff to previous 1.100 (colored)
Replace most of our formating functions to convert IPv4/6 addresses from network to presentation format to inet_ntop(). The few remaining functions will be soon converted. ok mikeb@, deraadt@ and moral support from henning@
Revision 1.100 / (download) - annotate - [select for diffs], Wed Oct 23 15:12:42 2013 UTC (10 years, 7 months ago) by mpi
Branch: MAIN
Changes since 1.99: +8 -2 lines
Diff to previous 1.99 (colored)
Remove the number of in_var.h inclusions by moving some functions and global variables to in.h. ok mikeb@, deraadt@
Revision 1.99 / (download) - annotate - [select for diffs], Wed Oct 23 13:39:35 2013 UTC (10 years, 7 months ago) by mpi
Branch: MAIN
Changes since 1.98: +1 -2 lines
Diff to previous 1.98 (colored)
No need to expose twice in_socktrim(), it is only used in one file.
Revision 1.98 / (download) - annotate - [select for diffs], Mon Oct 21 12:43:17 2013 UTC (10 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.97: +1 -6 lines
Diff to previous 1.97 (colored)
Remove some historical comments.
Revision 1.97 / (download) - annotate - [select for diffs], Wed Oct 9 09:33:43 2013 UTC (10 years, 8 months ago) by mpi
Branch: MAIN
Changes since 1.96: +2 -1 lines
Diff to previous 1.96 (colored)
Introduce in_ifdetach() a function to remove all the IPv4 addresses of an interface, named after its IPv6 equivalent. Make use of it instead of removing addresses by hand when detaching or destroying an interface. As a bonus, multicast records linked to the just divorced^Wdetached interface are no longer leaked. No objection from the gang, ok mikeb@
Revision 1.96 / (download) - annotate - [select for diffs], Thu Mar 28 15:05:32 2013 UTC (11 years, 2 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4
Changes since 1.95: +29 -4 lines
Diff to previous 1.95 (colored)
Convert the satosin, sintosa, ifatoia, satosin6, sin6tosa, ifatoia6 defines into static inline functions. This allows the compiler to check the source type before casting. liked by many; OK mpi@ haesbaert@
Revision 1.95 / (download) - annotate - [select for diffs], Sun Oct 21 13:06:03 2012 UTC (11 years, 7 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.94: +5 -1 lines
Diff to previous 1.94 (colored)
Add the IP_DIVERTFL socket option on divert(4) sockets to control which packets (as in direction) of the traffic will be diverted through the divert socket. ok claudio@, henning@
Revision 1.94 / (download) - annotate - [select for diffs], Sat Sep 15 00:47:08 2012 UTC (11 years, 8 months ago) by guenther
Branch: MAIN
Changes since 1.93: +6 -1 lines
Diff to previous 1.93 (colored)
Improve POSIX/SUS compliance of <netdb.h>, <sys/socket.h>, and <sys/un.h>. Much ports testing of various versions by naddy@ and jasper@ ok matthew@, miller@
Revision 1.93 / (download) - annotate - [select for diffs], Mon Jul 16 18:05:36 2012 UTC (11 years, 10 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2
Changes since 1.92: +2 -1 lines
Diff to previous 1.92 (colored)
add IP_IPSECFLOWINFO option to sendmsg() and recvmsg(), so npppd(4) can use this to select the IPsec tunnel for sending L2TP packets. this fixes Windows (always binding to 1701) and Android clients (negotiating wildcard flows); feedback mpf@ and yasuoka@; ok henning@ and yasuoka@; ok jmc@ for the manpage
Revision 1.92 / (download) - annotate - [select for diffs], Tue Jul 10 11:49:42 2012 UTC (11 years, 11 months ago) by guenther
Branch: MAIN
Changes since 1.91: +6 -1 lines
Diff to previous 1.91 (colored)
Instead of <arpa/inet.h> pulling in <netinet/in.h>, just copy in the three things that it needed from there: INET_ADDRSTRLEN, INET6_ADDRSTRLEN, and struct in_addr. Add protecting #ifndefs to netinet6?/in6?.h for those. ok deraadt@
Revision 1.91 / (download) - annotate - [select for diffs], Tue Jun 26 06:39:27 2012 UTC (11 years, 11 months ago) by guenther
Branch: MAIN
Changes since 1.90: +18 -3 lines
Diff to previous 1.90 (colored)
Improve compliance for <arpa/inet.h> and <netinet/in.h> to define/declare all the symbols that POSIX says they must and fewer that they can't and, most importantly, to not require a specific ordering of headers. ports testing by naddy@ ok millert@ deraadt@
Revision 1.90 / (download) - annotate - [select for diffs], Wed Jul 6 01:57:37 2011 UTC (12 years, 11 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0
Changes since 1.89: +7 -1 lines
Diff to previous 1.89 (colored)
allow /31s on broadcast interfaces (eg ethernet) to work as per rfc3021. the issue in our kernel was the broadcast address calculated on the /31 caused a ton of checks for use of broadcast addresses to kick in and prevent one of the two addresses on the /31 from being used. this diff basically detects if a /31 has been configured and doesnt configure a broadcast address for it, which makes the ips usable for normal traffic. i wrote this so i could interoperate with "carrier" network gear better, and sthen wants it so he can conserve address space use. the further special casing of broadcast address handling was from claudio@ ok claudio@ markus@ sthen@ henning@
Revision 1.89 / (download) - annotate - [select for diffs], Wed Jun 15 09:11:01 2011 UTC (12 years, 11 months ago) by mikeb
Branch: MAIN
Changes since 1.88: +2 -1 lines
Diff to previous 1.88 (colored)
Add IP_RECVRTABLE socket option to be used with a IPPROTO_IP level that allows one to retrieve the original routing domain of UDP datagrams diverted by the pf via "divert-to" with a recvmsg(2). ok claudio
Revision 1.88 / (download) - annotate - [select for diffs], Mon May 2 13:48:38 2011 UTC (13 years, 1 month ago) by mikeb
Branch: MAIN
Changes since 1.87: +3 -1 lines
Diff to previous 1.87 (colored)
recognize SO_RTABLE socket option at the SOL_SOCKET level; discussed with and ok claudio
Revision 1.87 / (download) - annotate - [select for diffs], Thu Apr 28 09:56:27 2011 UTC (13 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.86: +2 -2 lines
Diff to previous 1.86 (colored)
Make in_broadcast() rdomain aware. Mostly mechanical change. This fixes the problem of binding sockets to broadcast IPs in other rdomains. OK henning@
Revision 1.86 / (download) - annotate - [select for diffs], Mon Apr 4 17:44:43 2011 UTC (13 years, 2 months ago) by henning
Branch: MAIN
Changes since 1.85: +2 -1 lines
Diff to previous 1.85 (colored)
de-guttenberg our stack a bit we don't need 7 f***ing copies of the same code to do the protocol checksums (or not, depending on hw capabilities). claudio ok
Revision 1.85 / (download) - annotate - [select for diffs], Thu Sep 23 04:45:15 2010 UTC (13 years, 8 months ago) by yasuoka
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE,
OPENBSD_4_9
Changes since 1.84: +2 -1 lines
Diff to previous 1.84 (colored)
add a new IP level socket option IP_PIPEX. This option is used for L2TP support by pipex. OK henning@, "Carry on" blambert@
Revision 1.84 / (download) - annotate - [select for diffs], Mon Jun 7 13:26:35 2010 UTC (14 years ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.83: +8 -1 lines
Diff to previous 1.83 (colored)
unfortunately classful routing isn't 100% dead, mostly thanks to ancient netboot methods using rarp, thus only learning their IP address without mask. And of course the next step is a broadcast - which goes to the broadcast address calculated classful. *sigh*. PR6382 instead of storing a second broadcast address per ifaddr as we used to figure out wether we're dealing with a classful broadcast on the fly. the math is extremely cheap and all my previous profilings showed that cpu cycles are basically free, we're constrained by memory access. excellent analysis by Pascal Lalonde <plalonde at overnet.qc.ca> who also submitted the PR. claudio ok
Revision 1.83 / (download) - annotate - [select for diffs], Tue May 11 09:25:10 2010 UTC (14 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.82: +2 -1 lines
Diff to previous 1.82 (colored)
Add IPPROTO_MPLS for MPLS in gif(4) encapsulation. OK sthen@
Revision 1.82 / (download) - annotate - [select for diffs], Sun Oct 4 16:08:37 2009 UTC (14 years, 8 months ago) by michele
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.81: +24 -2 lines
Diff to previous 1.81 (colored)
Add (again) support for divert sockets. They allow you to: - queue packets from pf(4) to a userspace application - reinject packets from the application into the kernel stack. The divert socket can be bound to a special "divert port" and will receive every packet diverted to that port by pf(4). The pf syntax is pretty simple, e.g.: pass on em0 inet proto tcp from any to any port 80 divert-packet port 1 A lot of discussion have happened since my last commit that resulted in many changes and improvements. I would *really* like to thank everyone who took part in the discussion especially canacar@ who spotted out which are the limitations of this approach. OpenBSD divert(4) is meant to be compatible with software running on top of FreeBSD's divert sockets even though they are pretty different and will become even more with time. discusses with many, but mainly reyk@ canacar@ deraadt@ dlg@ claudio@ beck@ tested by reyk@ and myself ok reyk@ claudio@ beck@ manpage help and ok by jmc@
Revision 1.81 / (download) - annotate - [select for diffs], Tue Sep 8 17:52:17 2009 UTC (14 years, 9 months ago) by michele
Branch: MAIN
Changes since 1.80: +1 -3 lines
Diff to previous 1.80 (colored)
I had not enough oks to commit this diff. Sorry.
Revision 1.80 / (download) - annotate - [select for diffs], Tue Sep 8 17:00:41 2009 UTC (14 years, 9 months ago) by michele
Branch: MAIN
Changes since 1.79: +4 -2 lines
Diff to previous 1.79 (colored)
Add support for divert sockets. They allow you to: - queue packets from pf(4) to a userspace application - reinject packets from the application into the kernel stack. The divert socket can be bound to a special "divert port" and will receive every packet diverted to that port by pf(4). The pf syntax is pretty simple, e.g.: pass on em0 inet proto tcp from any to any port 80 divert-packet port 8000 test, bugfix and ok by reyk@ manpage help and ok by jmc@ no objections from many others.
Revision 1.79 / (download) - annotate - [select for diffs], Fri Jun 5 00:05:22 2009 UTC (15 years ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6
Changes since 1.78: +2 -2 lines
Diff to previous 1.78 (colored)
Initial support for routing domains. This allows to bind interfaces to alternate routing table and separate them from other interfaces in distinct routing tables. The same network can now be used in any doamin at the same time without causing conflicts. This diff is mostly mechanical and adds the necessary rdomain checks accross net and netinet. L2 and IPv4 are mostly covered still missing pf and IPv6. input and tested by jsg@, phessler@ and reyk@. "put it in" deraadt@
Revision 1.78 / (download) - annotate - [select for diffs], Wed Dec 24 07:41:59 2008 UTC (15 years, 5 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_4_5_BASE,
OPENBSD_4_5
Changes since 1.77: +5 -2 lines
Diff to previous 1.77 (colored)
report the number of packets that arp resolution is holding onto until it gets a mac addr for an ip under net.inet.ip.arpqueued. ok deraadt@
Revision 1.77 / (download) - annotate - [select for diffs], Fri May 9 02:56:36 2008 UTC (16 years, 1 month ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE,
OPENBSD_4_4
Changes since 1.76: +2 -1 lines
Diff to previous 1.76 (colored)
IP_RECVDSTPORT, allows you to get the destination port of UDP datagrams for pf(4) diverted packets; based on patch by Scot Loach; ok beck@
Revision 1.76 / (download) - annotate - [select for diffs], Fri Dec 14 18:33:40 2007 UTC (16 years, 6 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE,
OPENBSD_4_3
Changes since 1.75: +138 -4 lines
Diff to previous 1.75 (colored)
add sysctl entry points into various network layers, in particular to provide netstat(1) with data it needs; ok claudio reyk
Revision 1.75 / (download) - annotate - [select for diffs], Thu Dec 13 20:00:53 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.74: +7 -4 lines
Diff to previous 1.74 (colored)
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later. discussed with deraadt@ claudio@ gilles@ ok deraadt@
Revision 1.74 / (download) - annotate - [select for diffs], Tue Sep 18 18:56:02 2007 UTC (16 years, 8 months ago) by markus
Branch: MAIN
Changes since 1.73: +8 -2 lines
Diff to previous 1.73 (colored)
allow 4095 instead of 20 multicast group memberships per socket (you need one entry for each multicast group and interface combination). this allows you to run OSPF with more than 10 interfaces. adapted from freebsd; ok claudio, henning, mpf
Revision 1.73 / (download) - annotate - [select for diffs], Wed Oct 11 09:34:51 2006 UTC (17 years, 8 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_4_2_BASE,
OPENBSD_4_2,
OPENBSD_4_1_BASE,
OPENBSD_4_1
Changes since 1.72: +1 -0 lines
Diff to previous 1.72 (colored)
implement IP_MINTTL socket option fo tcp sockets This is for RFC3682 aka the TTL security hack - sender sets TTL to 255, receiver checks no router on the way (or, no more than expected) reduced the TTL. carp uses that technique already. modeled after FreeBSD implementation. ok claudio djm deraadt
Revision 1.72 / (download) - annotate - [select for diffs], Wed Oct 11 09:29:20 2006 UTC (17 years, 8 months ago) by henning
Branch: MAIN
Changes since 1.71: +2 -1 lines
Diff to previous 1.71 (colored)
implement IP_RECVTTL socket option. when set on raw or udp sockets, userland receives the incoming packet's TTL as ancillary data (cmsg shitz). modeled after the FreeBSD implementation. ok claudio djm deraadt
Revision 1.71 / (download) - annotate - [select for diffs], Sun Jun 18 11:47:45 2006 UTC (17 years, 11 months ago) by pascoe
Branch: MAIN
CVS Tags: OPENBSD_4_0_BASE,
OPENBSD_4_0
Changes since 1.70: +5 -2 lines
Diff to previous 1.70 (colored)
Add support for equal-cost multipath IP. To minimise path disruptions, this implements recommendations made in RFC2992 - the hash-threshold mechanism to select paths based on source/destination IP address pairs, and inserts multipath routes in the middle of the route table. To enable multipath distribution, use: sysctl net.inet.ip.multipath=1 and/or: sysctl net.inet6.ip6.multipath=1 testing norby@ ok claudio@ henning@ hshoexer@
Revision 1.70 / (download) - annotate - [select for diffs], Mon May 29 20:42:27 2006 UTC (18 years ago) by claudio
Branch: MAIN
Changes since 1.69: +2 -1 lines
Diff to previous 1.69 (colored)
Make savecontrol functions more generic and use them now for raw IP too. Additionally add the IP_RECVIF option which returns the interface a packet was received on. OK markus@ norby@
Revision 1.69 / (download) - annotate - [select for diffs], Fri May 26 20:50:41 2006 UTC (18 years ago) by deraadt
Branch: MAIN
Changes since 1.68: +1 -6 lines
Diff to previous 1.68 (colored)
rename jumbo mtu to if_hardmtu; ok brad reyk
Revision 1.68 / (download) - annotate - [select for diffs], Wed Oct 5 17:32:22 2005 UTC (18 years, 8 months ago) by norby
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE,
OPENBSD_3_9
Changes since 1.67: +5 -2 lines
Diff to previous 1.67 (colored)
Add multicast routing to GENERIC. It is now possible to enable multicast routing in the kernel with the sysctl option net.inet.ip.mforwarding=1 Based on intial work by msf@ help claudio@ ok claudio@ deraadt@
Revision 1.67 / (download) - annotate - [select for diffs], Mon Jun 6 04:49:10 2005 UTC (19 years ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE,
OPENBSD_3_8
Changes since 1.66: +1 -12 lines
Diff to previous 1.66 (colored)
another leftover from the src routing adventure a year ago
Revision 1.66 / (download) - annotate - [select for diffs], Fri May 27 04:55:28 2005 UTC (19 years ago) by mcbride
Branch: MAIN
Changes since 1.65: +6 -1 lines
Diff to previous 1.65 (colored)
Experimental support for opportunitic use of jumbograms where only some hosts on the local network support them. This adds a new socket option, SO_JUMBO, and a new route flag, RTF_JUMBO. If _both_ the socket option is set and the route for the host has RTF_JUMBO set, ip_output will fragment the packet to the largest possible size for the link, ignoring the card's MTU. The semantics of this feature will be evolving rapidly; talk to us if you intend to use it. ok deraadt@ marius@
Revision 1.65 / (download) - annotate - [select for diffs], Tue May 24 04:20:25 2005 UTC (19 years ago) by markus
Branch: MAIN
Changes since 1.64: +5 -2 lines
Diff to previous 1.64 (colored)
add net.inet.ip.ifq for monitoring and changing ifqueue; similar to netbsd ok henning
Revision 1.64 / (download) - annotate - [select for diffs], Fri Jan 14 14:51:27 2005 UTC (19 years, 5 months ago) by mcbride
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE,
OPENBSD_3_7
Changes since 1.63: +2 -2 lines
Diff to previous 1.63 (colored)
Add kernel support for Protocol Independant Multicast (PIM) Information: http://netweb.usc.edu/pim/ From Pavlin Radoslavov <pavlin@icir.org> ok deraadt@ brad@
Revision 1.63 / (download) - annotate - [select for diffs], Wed Nov 24 01:25:42 2004 UTC (19 years, 6 months ago) by mcbride
Branch: MAIN
Changes since 1.62: +3 -1 lines
Diff to previous 1.62 (colored)
Multicast routing cleanup from Pavlin Radoslavov - sync ip_mroute.c with NetBSD - import some FreeBSD changes to MFC entry handling - set im->im_vif correctly when sending IGMPMSG_WRONGVIF - increment mrtstat.mrts_upcalls correctly - return error from get_sg_cnt() if there is no matching forwarding entry ok henning@ brad@ naddy@
Revision 1.38.2.9 / (download) - annotate - [select for diffs], Mon Jun 7 20:41:39 2004 UTC (20 years ago) by niklas
Branch: SMP
Changes since 1.38.2.8: +11 -0 lines
Diff to previous 1.38.2.8 (colored) to branchpoint 1.38 (colored) next main 1.39 (colored)
sync to head
Revision 1.62 / (download) - annotate - [select for diffs], Sun Jun 6 16:49:09 2004 UTC (20 years ago) by cedric
Branch: MAIN
CVS Tags: SMP_SYNC_B,
SMP_SYNC_A,
OPENBSD_3_6_BASE,
OPENBSD_3_6
Changes since 1.61: +12 -1 lines
Diff to previous 1.61 (colored)
extend routing table to be able to match and route packets based on their *source* IP address in addition to their destination address. routing table "destination" now contains a "struct sockaddr_rtin" for IPv4 instead of a "struct sockaddr_in". the routing socket has been extended in a backward-compatible way. todo: PMTU enhancements, IPv6. ok deraadt@ mcbride@
Revision 1.38.2.8 / (download) - annotate - [select for diffs], Sat Jun 5 23:11:25 2004 UTC (20 years ago) by niklas
Branch: SMP
Changes since 1.38.2.7: +32 -0 lines
Diff to previous 1.38.2.7 (colored) to branchpoint 1.38 (colored)
Merge with the trunk
Revision 1.38.2.7 / (download) - annotate - [select for diffs], Thu Feb 19 10:57:23 2004 UTC (20 years, 3 months ago) by niklas
Branch: SMP
Changes since 1.38.2.6: +10 -2 lines
Diff to previous 1.38.2.6 (colored) to branchpoint 1.38 (colored)
Merge of current from two weeks agointo the SMP branch
Revision 1.61 / (download) - annotate - [select for diffs], Sun Feb 15 11:16:08 2004 UTC (20 years, 3 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE,
OPENBSD_3_5
Changes since 1.60: +33 -1 lines
Diff to previous 1.60 (colored)
switch to sysctl_int_arr(); ok itojun, henning, miod, deraadt
Revision 1.60 / (download) - annotate - [select for diffs], Wed Dec 17 21:36:17 2003 UTC (20 years, 5 months ago) by mcbride
Branch: MAIN
Changes since 1.59: +3 -3 lines
Diff to previous 1.59 (colored)
Change pfsync IP protocol and multicast group numbers. IPPROTO_PFSYNC -> 240 INADDR_PFSYNC_GROUP -> 224.0.0.240 ok deraadt@
Revision 1.59 / (download) - annotate - [select for diffs], Mon Dec 15 07:11:30 2003 UTC (20 years, 6 months ago) by mcbride
Branch: MAIN
Changes since 1.58: +3 -1 lines
Diff to previous 1.58 (colored)
Add initial support for pf state synchronization over the network. Implemented as an in-kernel multicast IP protocol. Turn it on like this: # ifconfig pfsync0 up syncif fxp0 There is not yet any authentication on this protocol, so the syncif must be on a trusted network. ie, a crossover cable between the two firewalls. NOTABLE CHANGES: - A new index based on a unique (creatorid, stateid) tuple has been added to the state tree. - Updates now appear on the pfsync(4) interface; multiple updates may be compressed into a single update. - Applications which use bpf on pfsync(4) will need modification; packets on pfsync no longer contains regular pf_state structs, but pfsync_state structs which contain no pointers. Much more to come. ok deraadt@
Revision 1.58 / (download) - annotate - [select for diffs], Fri Oct 17 21:04:58 2003 UTC (20 years, 7 months ago) by mcbride
Branch: MAIN
Changes since 1.57: +8 -2 lines
Diff to previous 1.57 (colored)
Common Address Redundancy Protocol Allows multiple hosts to share an IP address, providing high availability and load balancing. Based on code by mickey@, with additional help from markus@ and Marco_Pfatschbacher@genua.de ok deraadt@
Revision 1.38.2.6 / (download) - annotate - [select for diffs], Sat Jun 7 11:06:08 2003 UTC (21 years ago) by ho
Branch: SMP
Changes since 1.38.2.5: +2 -6 lines
Diff to previous 1.38.2.5 (colored) to branchpoint 1.38 (colored)
Sync SMP branch to -current
Revision 1.57 / (download) - annotate - [select for diffs], Mon Jun 2 23:28:13 2003 UTC (21 years ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE,
OPENBSD_3_4
Changes since 1.56: +2 -6 lines
Diff to previous 1.56 (colored)
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
Revision 1.55.2.1 / (download) - annotate - [select for diffs], Tue Jun 11 03:31:36 2002 UTC (22 years ago) by art
Branch: UBC
Changes since 1.55: +11 -11 lines
Diff to previous 1.55 (colored) next main 1.56 (colored)
Sync UBC branch to -current
Revision 1.38.2.5 / (download) - annotate - [select for diffs], Thu Mar 28 14:56:45 2002 UTC (22 years, 2 months ago) by niklas
Branch: SMP
Changes since 1.38.2.4: +10 -10 lines
Diff to previous 1.38.2.4 (colored) to branchpoint 1.38 (colored)
Merge in -current from roughly a week ago
Revision 1.56 / (download) - annotate - [select for diffs], Thu Mar 14 01:27:11 2002 UTC (22 years, 3 months ago) by millert
Branch: MAIN
CVS Tags: UBC_SYNC_B,
UBC_SYNC_A,
OPENBSD_3_3_BASE,
OPENBSD_3_3,
OPENBSD_3_2_BASE,
OPENBSD_3_2,
OPENBSD_3_1_BASE,
OPENBSD_3_1
Changes since 1.55: +11 -11 lines
Diff to previous 1.55 (colored)
First round of __P removal in sys
Revision 1.38.2.4 / (download) - annotate - [select for diffs], Tue Nov 13 22:59:58 2001 UTC (22 years, 7 months ago) by niklas
Branch: SMP
Changes since 1.38.2.3: +2 -1 lines
Diff to previous 1.38.2.3 (colored) to branchpoint 1.38 (colored)
merge in -current
Revision 1.55 / (download) - annotate - [select for diffs], Tue Nov 6 21:26:33 2001 UTC (22 years, 7 months ago) by jakob
Branch: MAIN
CVS Tags: UBC_BASE
Branch point for: UBC
Changes since 1.54: +2 -1 lines
Diff to previous 1.54 (colored)
send igmp v2 leave messages to allrouters address (PR#2164) patch based on parts from NetBSD submitted by goeran@cdg.chalmers.se
Revision 1.38.2.3 / (download) - annotate - [select for diffs], Wed Oct 31 03:29:03 2001 UTC (22 years, 7 months ago) by nate
Branch: SMP
Changes since 1.38.2.2: +18 -3 lines
Diff to previous 1.38.2.2 (colored) to branchpoint 1.38 (colored)
Sync the SMP branch to something just after 3.0
Revision 1.54 / (download) - annotate - [select for diffs], Thu Jul 5 08:40:12 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE,
OPENBSD_3_0
Changes since 1.53: +2 -2 lines
Diff to previous 1.53 (colored)
Style
Revision 1.53 / (download) - annotate - [select for diffs], Thu Jul 5 08:31:47 2001 UTC (22 years, 11 months ago) by jjbg
Branch: MAIN
Changes since 1.52: +18 -3 lines
Diff to previous 1.52 (colored)
IPComp itself (include files). angelos@ ok.
Revision 1.38.2.2 / (download) - annotate - [select for diffs], Wed Jul 4 10:54:31 2001 UTC (22 years, 11 months ago) by niklas
Branch: SMP
Changes since 1.38.2.1: +61 -3 lines
Diff to previous 1.38.2.1 (colored) to branchpoint 1.38 (colored)
Merge in -current from two days ago in the SMP branch. As usual with merges, they do not indicate progress, so do not hold your breath for working SMP, and do not mail me and ask about the state of it. It has not changed. There is work ongoing, but very, very slowly. The commit is done in parts as to not lock up the tree in too big chunks at a time.
Revision 1.52 / (download) - annotate - [select for diffs], Mon Jun 25 00:11:57 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.51: +8 -8 lines
Diff to previous 1.51 (colored)
Use in_cksum_phdr() rather than in_cksum() -- from NetBSD
Revision 1.51 / (download) - annotate - [select for diffs], Sun Jun 24 23:41:47 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.50: +48 -1 lines
Diff to previous 1.50 (colored)
Import in_cksum_phdr() and in_cksum_addword() from NetBSD.
Revision 1.50 / (download) - annotate - [select for diffs], Sun Jun 24 23:33:55 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.49: +2 -1 lines
Diff to previous 1.49 (colored)
Import in_delayed_cksum() and convert to using it; also, don't do TCP/UDP HW checksumming if doing IP fragmentation. From NetBSD
Revision 1.49 / (download) - annotate - [select for diffs], Sat Jun 23 06:38:10 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.48: +2 -2 lines
Diff to previous 1.48 (colored)
Typo.
Revision 1.48 / (download) - annotate - [select for diffs], Sat Jun 23 06:37:31 2001 UTC (22 years, 11 months ago) by angelos
Branch: MAIN
Changes since 1.47: +2 -1 lines
Diff to previous 1.47 (colored)
Prototype for in4_cksum()
Revision 1.47 / (download) - annotate - [select for diffs], Tue Jun 12 10:57:22 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.46: +3 -2 lines
Diff to previous 1.46 (colored)
IPsec setsockopts.
Revision 1.46 / (download) - annotate - [select for diffs], Sat Jun 9 07:03:40 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.45: +3 -3 lines
Diff to previous 1.45 (colored)
Inclusion protection.
Revision 1.45 / (download) - annotate - [select for diffs], Sun May 27 05:27:01 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.44: +6 -1 lines
Diff to previous 1.44 (colored)
Add some IPsec-related IP-level socket options.
Revision 1.44 / (download) - annotate - [select for diffs], Thu May 17 18:41:46 2001 UTC (23 years ago) by provos
Branch: MAIN
Changes since 1.43: +4 -1 lines
Diff to previous 1.43 (colored)
convert mbuf and cluster allocation to pool, mostly from NetBSD okay art@ miod@
Revision 1.38.2.1 / (download) - annotate - [select for diffs], Mon May 14 22:40:07 2001 UTC (23 years, 1 month ago) by niklas
Branch: SMP
Changes since 1.38: +14 -12 lines
Diff to previous 1.38 (colored)
merge in approximately 2.9 into SMP branch
Revision 1.43 / (download) - annotate - [select for diffs], Sat Dec 9 01:32:09 2000 UTC (23 years, 6 months ago) by itojun
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE,
OPENBSD_2_9
Changes since 1.42: +1 -3 lines
Diff to previous 1.42 (colored)
remove duplicated def of INET_ADDRSTRLEN.
Revision 1.42 / (download) - annotate - [select for diffs], Tue Sep 19 03:20:57 2000 UTC (23 years, 8 months ago) by angelos
Branch: MAIN
CVS Tags: OPENBSD_2_8_BASE,
OPENBSD_2_8
Changes since 1.41: +3 -5 lines
Diff to previous 1.41 (colored)
Lots and lots of changes.
Revision 1.41 / (download) - annotate - [select for diffs], Mon Sep 18 22:06:36 2000 UTC (23 years, 8 months ago) by provos
Branch: MAIN
Changes since 1.40: +6 -2 lines
Diff to previous 1.40 (colored)
Path MTU discovery based on NetBSD but with the decision to use the DF flag delayed to ip_output(). That halves the code and reduces most of the route lookups. okay deraadt@
Revision 1.40 / (download) - annotate - [select for diffs], Sun Jun 18 07:06:13 2000 UTC (23 years, 11 months ago) by itojun
Branch: MAIN
Changes since 1.39: +4 -4 lines
Diff to previous 1.39 (colored)
for mcdonald-simple-ipsec-api get/setsockopt, variable size was mixed up. in some place sizeof(u_char), and in some place sizeof(int) were used. previous code can cause problem in big endian machines. now it always uses "int" (isakmpd uses int, so it should be okay) set m_len properly on mcdonald-simple-ipsec-api getsockopt.
Revision 1.39 / (download) - annotate - [select for diffs], Thu May 25 01:22:00 2000 UTC (24 years ago) by itojun
Branch: MAIN
Changes since 1.38: +4 -2 lines
Diff to previous 1.38 (colored)
net.inet.ip.gif_ttl (and IPv6 counterpart) is never used. enforce type checking on IN6_ARE_ADDR_EQUAL.
Revision 1.38 / (download) - annotate - [select for diffs], Wed Feb 9 07:37:14 2000 UTC (24 years, 4 months ago) by itojun
Branch: MAIN
CVS Tags: SMP_BASE,
OPENBSD_2_7_BASE,
OPENBSD_2_7
Branch point for: SMP
Changes since 1.37: +3 -1 lines
Diff to previous 1.37 (colored)
improve RFC2553/2292 conformance. netinet6/{ip6,icmp6,in6}.h should not
be included.
neitnet6/{ip6,icmp6}.h includes #error statements only - i'll remove them
couple of days later.
Revision 1.37 / (download) - annotate - [select for diffs], Wed Jan 26 03:43:17 2000 UTC (24 years, 4 months ago) by deraadt
Branch: MAIN
Changes since 1.36: +2 -2 lines
Diff to previous 1.36 (colored)
new bindresvport() semantics that itojun, shin, jean-luc and i have agreed on, which will be happy for the future. bindresvport_sa() for sockaddr *, too. docs later..
Revision 1.36 / (download) - annotate - [select for diffs], Fri Jan 21 03:15:04 2000 UTC (24 years, 4 months ago) by angelos
Branch: MAIN
Changes since 1.35: +2 -2 lines
Diff to previous 1.35 (colored)
Rename the ip4_* routines to ipip_*, make it so GIF tunnels are not affected by net.inet.ipip.allow (the sysctl formerly known as net.inet.ip4.allow), rename the VIF ipip_input to ipip_mroute_input.
Revision 1.35 / (download) - annotate - [select for diffs], Tue Jan 18 19:06:07 2000 UTC (24 years, 4 months ago) by angelos
Branch: MAIN
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)
Bump IPPROTO_MAX to include IPPROTO_MOBILE and IPPROTO_ETHERIP.
Revision 1.34 / (download) - annotate - [select for diffs], Tue Jan 11 01:13:49 2000 UTC (24 years, 5 months ago) by angelos
Branch: MAIN
Changes since 1.33: +1 -175 lines
Diff to previous 1.33 (colored)
Remove ifdef'ed out definitions.
Revision 1.33 / (download) - annotate - [select for diffs], Mon Jan 10 06:59:21 2000 UTC (24 years, 5 months ago) by angelos
Branch: MAIN
Changes since 1.32: +24 -2 lines
Diff to previous 1.32 (colored)
Add 10 new ipsec-related sysctl variables...they are currently under net.inet.ip; perhaps they should be moved under net.inet.ipsec or some such.
Revision 1.32 / (download) - annotate - [select for diffs], Mon Jan 10 04:30:52 2000 UTC (24 years, 5 months ago) by angelos
Branch: MAIN
Changes since 1.31: +5 -3 lines
Diff to previous 1.31 (colored)
Add net.inet.ip.ipsec-invalid-life, default value 60 seconds; the amount of time embryonic SAs will be kept before they have to be initialized by key management (this only affects automated key management).
Revision 1.31 / (download) - annotate - [select for diffs], Sun Jan 9 22:17:56 2000 UTC (24 years, 5 months ago) by angelos
Branch: MAIN
Changes since 1.30: +4 -2 lines
Diff to previous 1.30 (colored)
Add a sysctl for IPsec ingress access control (better explanation on a follow-up commit).
Revision 1.30 / (download) - annotate - [select for diffs], Fri Jan 7 21:45:22 2000 UTC (24 years, 5 months ago) by angelos
Branch: MAIN
Changes since 1.29: +3 -3 lines
Diff to previous 1.29 (colored)
Forgot the names here...
Revision 1.29 / (download) - annotate - [select for diffs], Fri Jan 7 19:37:09 2000 UTC (24 years, 5 months ago) by angelos
Branch: MAIN
Changes since 1.28: +7 -5 lines
Diff to previous 1.28 (colored)
IPPROTO_GRE and IPPROTO_MOBILE definitions (from NetBSD)
Revision 1.28 / (download) - annotate - [select for diffs], Sat Dec 18 16:55:44 1999 UTC (24 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.27: +2 -1 lines
Diff to previous 1.27 (colored)
too much software forgets to include sys/socket.h, SIGH
Revision 1.27 / (download) - annotate - [select for diffs], Thu Dec 16 21:30:34 1999 UTC (24 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.26: +2 -1 lines
Diff to previous 1.26 (colored)
rresvport_af() and bindresvport_af()
Revision 1.26 / (download) - annotate - [select for diffs], Wed Dec 8 06:50:19 1999 UTC (24 years, 6 months ago) by itojun
Branch: MAIN
CVS Tags: kame_19991208
Changes since 1.25: +33 -2 lines
Diff to previous 1.25 (colored)
bring in KAME IPv6 code, dated 19991208.
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support.
see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine
as well, but you'll need KAME userland tools to play with IPv6 (will be
bringed into soon).
Revision 1.25 / (download) - annotate - [select for diffs], Thu Oct 28 03:29:49 1999 UTC (24 years, 7 months ago) by angelos
Branch: MAIN
Changes since 1.24: +47 -1 lines
Diff to previous 1.24 (colored)
Add etherip.allow sysctl node entry.
Revision 1.24 / (download) - annotate - [select for diffs], Thu Oct 28 01:55:12 1999 UTC (24 years, 7 months ago) by angelos
Branch: MAIN
Changes since 1.23: +2 -1 lines
Diff to previous 1.23 (colored)
Define IPPROTO_ETHERIP.
Revision 1.23 / (download) - annotate - [select for diffs], Sun Apr 11 19:41:36 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE,
OPENBSD_2_6,
OPENBSD_2_5_BASE,
OPENBSD_2_5
Changes since 1.22: +36 -5 lines
Diff to previous 1.22 (colored)
Introduce net.inet.{ah,esp}.enable sysctl controls that are off by default.
If you are going to use either of AH or ESP or both, enable these in
/etc/sysctl.conf. Also correct the IPSec debugging sysctl code, it is now
named net.inet.ip.encdebug. Some corrected function signatures too.
Revision 1.22 / (download) - annotate - [select for diffs], Fri Apr 9 23:28:44 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)
The kernel parts of a sysctl that can switch on/off IP-in-IP (protocol 4) support, when IPSEC is compiled in. The default is disabled. Turn on with: sysctl -w net.inet.ip4.allow=1 ***Only*** do this if you are really knowing what you do! This control does not control the tunnel modes of ESP and AH.
Revision 1.21 / (download) - annotate - [select for diffs], Sat Mar 27 21:04:21 1999 UTC (25 years, 2 months ago) by provos
Branch: MAIN
Changes since 1.20: +3 -1 lines
Diff to previous 1.20 (colored)
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
Revision 1.20 / (download) - annotate - [select for diffs], Wed Mar 24 02:31:03 1999 UTC (25 years, 2 months ago) by cmetz
Branch: MAIN
Changes since 1.19: +1 -2 lines
Diff to previous 1.19 (colored)
Removed old NRL convention in6a_words virtual-field from struct in6_addr. Let's not encourage the use of an obsolete convention.
Revision 1.19 / (download) - annotate - [select for diffs], Wed Feb 24 04:39:39 1999 UTC (25 years, 3 months ago) by cmetz
Branch: MAIN
Changes since 1.18: +168 -6 lines
Diff to previous 1.18 (colored)
Added in.h definitions required by IPv6 Basic API and Advanced API specs, and a few extras that are just plain useful. Note that I used u_intxx_t instead of the POSIX p1003.1g uintxx_t that those specs mandate, so as to not increase the number of outside symbol definitions that in.h depends on.
Revision 1.18 / (download) - annotate - [select for diffs], Wed Feb 17 23:51:12 1999 UTC (25 years, 3 months ago) by deraadt
Branch: MAIN
Changes since 1.17: +4 -2 lines
Diff to previous 1.17 (colored)
add fragment flood protection; configureable using sysctl ip.maxqueue
Revision 1.17 / (download) - annotate - [select for diffs], Sun Jan 10 02:37:33 1999 UTC (25 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.16: +10 -5 lines
Diff to previous 1.16 (colored)
merge INPROTO_* tables
Revision 1.16 / (download) - annotate - [select for diffs], Thu Jan 7 06:13:34 1999 UTC (25 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.15: +3 -1 lines
Diff to previous 1.15 (colored)
update for ipv6
Revision 1.15 / (download) - annotate - [select for diffs], Sun Jan 3 18:20:35 1999 UTC (25 years, 5 months ago) by millert
Branch: MAIN
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)
use int8_t, not char in c++ case for consistency and fix indentation
Revision 1.14 / (download) - annotate - [select for diffs], Fri Jan 1 11:15:03 1999 UTC (25 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.13: +5 -1 lines
Diff to previous 1.13 (colored)
mirror OSF1 solution for ip_opts[] within struct called ip_opts; dm@, pr#681
Revision 1.13 / (download) - annotate - [select for diffs], Mon May 18 21:10:26 1998 UTC (26 years ago) by provos
Branch: MAIN
CVS Tags: OPENBSD_2_4_BASE,
OPENBSD_2_4
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored)
first step to the setsockopt/getsockopt interface as described in draft-mcdonald-simple-ipsec-api, kernel notifies (EMT_REQUESTSA) signal userland key management applications when security services are requested. this is only for outgoing connections at the moment, incoming packets are not yet checked against the selected socket policy.
Revision 1.12 / (download) - annotate - [select for diffs], Wed Feb 11 03:58:31 1998 UTC (26 years, 4 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_2_3_BASE,
OPENBSD_2_3
Changes since 1.11: +4 -4 lines
Diff to previous 1.11 (colored)
make IPPORT_USERRESERVED a nice fat number -> random ports look really funky.
Revision 1.11 / (download) - annotate - [select for diffs], Sun Nov 30 18:50:19 1997 UTC (26 years, 6 months ago) by millert
Branch: MAIN
Changes since 1.10: +6 -6 lines
Diff to previous 1.10 (colored)
Move in_addr_t and in_port_t to <sys/types.h> and add sa_family_t and suseconds_t types for XPG4.2.
Revision 1.10 / (download) - annotate - [select for diffs], Mon Jul 28 15:22:30 1997 UTC (26 years, 10 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_2_2_BASE,
OPENBSD_2_2
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored)
Make struct in_addr contain an in_addr_t since that's what in_addr_t is for (same basic type so we don't break anything).
Revision 1.9 / (download) - annotate - [select for diffs], Wed Jul 2 00:18:55 1997 UTC (26 years, 11 months ago) by millert
Branch: MAIN
Changes since 1.8: +9 -2 lines
Diff to previous 1.8 (colored)
Move prototype for bindresvport(3) to <netiniet/in.h> as it is not rpc-specific and other stuff uses it now.
Revision 1.8 / (download) - annotate - [select for diffs], Fri Feb 28 03:44:52 1997 UTC (27 years, 3 months ago) by angelos
Branch: MAIN
CVS Tags: OPENBSD_2_1_BASE,
OPENBSD_2_1
Changes since 1.7: +22 -1 lines
Diff to previous 1.7 (colored)
IPsec socket API hooks are in.
Revision 1.7 / (download) - annotate - [select for diffs], Thu Feb 20 01:07:45 1997 UTC (27 years, 3 months ago) by deraadt
Branch: MAIN
Changes since 1.6: +2 -0 lines
Diff to previous 1.6 (colored)
IPSEC package by John Ioannidis and Angelos D. Keromytis. Written in Greece. From ftp.funet.fi:/pub/unix/security/net/ip/BSDipsec.tar.gz
Revision 1.6 / (download) - annotate - [select for diffs], Mon Jul 29 02:34:29 1996 UTC (27 years, 10 months ago) by downsj
Branch: MAIN
CVS Tags: OPENBSD_2_0_BASE,
OPENBSD_2_0
Changes since 1.5: +61 -2 lines
Diff to previous 1.5 (colored)
From FreeBSD (with slightly different sysctl names): "... Allow the user to nominate one of three ranges of port numbers as candidates for selecting a local address to replace a zero port number. The ranges are selected via a setsockopt(s, IPPROTO_IP, IP_PORTRANGE, &arg) call. The three ranges are: default, high (to bypass firewalls) and low (to get a port below 1024). The default and high port ranges are sysctl settable under sysctl net.inet.ip.portrange.* [net.inet.ip.portfirst, net.inet.ip.portlast, net.inet.ip.porthifirst, and net.inet.ip.porthilast currently in OpenBSD.] This code also fixes a potential deadlock if the system accidently ran out of local port addresses. It'd drop into an infinite while loop. The secure port selection (for root) should reduce overheads and increase reliability of rlogin/rlogind/rsh/rshd if they are modified to take advantage of it."
Revision 1.5 / (download) - annotate - [select for diffs], Sun Mar 3 22:30:29 1996 UTC (28 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.4: +7 -4 lines
Diff to previous 1.4 (colored)
From NetBSD: 960217 merge
Revision 1.4 / (download) - annotate - [select for diffs], Wed Feb 21 07:10:36 1996 UTC (28 years, 3 months ago) by mickey
Branch: MAIN
Changes since 1.3: +1 -0 lines
Diff to previous 1.3 (colored)
Added INADDR_MAX_LOCAL_GROUP, since it was present in 4.4-Lite and gated wants it to there ;)
Revision 1.3 / (download) - annotate - [select for diffs], Tue Nov 28 22:42:56 1995 UTC (28 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.2: +1 -0 lines
Diff to previous 1.2 (colored)
add inet_ntoa() to the kernel. use it to log nicer messages. idea from freebsd
Revision 1.2 / (download) - annotate - [select for diffs], Sun Nov 26 23:40:17 1995 UTC (28 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.1: +3 -1 lines
Diff to previous 1.1 (colored)
add sysctl net.inet.ip.sourceroute option; default to 0. copied from freebsd
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Wed Oct 18 08:53:10 1995 UTC (28 years, 8 months ago) by deraadt
CVS Tags: netbsd_1_1
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)
initial import of NetBSD tree
Revision 1.1 / (download) - annotate - [select for diffs], Wed Oct 18 08:53:10 1995 UTC (28 years, 8 months ago) by deraadt
Branch: MAIN
Initial revision