Up to [local] / src / sys / netinet
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.104 / (download) - annotate - [select for diffs], Sun Apr 14 20:46:27 2024 UTC (8 weeks, 1 day ago) by bluhm
Branch: MAIN
CVS Tags: HEAD
Changes since 1.103: +3 -3 lines
Diff to previous 1.103 (colored)
Run raw IP input in parallel. Running raw IPv4 input with shared net lock in parallel is less complex than UDP. Especially there is no socket splicing. New ip_deliver() may run with shared or exclusive net lock. The last parameter indicates the mode. If is is running with shared netlock and encounters a protocol that needs exclusive lock, the packet is queued. Old ip_ours() always queued the packet. Now it calls ip_deliver() with shared net lock, and if that cannot handle the packet completely, the packet is queued and later processed with exclusive net lock. In case of an IPv6 header chain, that switches from shared to exclusive processing, the next protocol and mbuf offset are stored in a mbuf tag. OK mvs@
Revision 1.103 / (download) - annotate - [select for diffs], Thu Jan 11 14:15:12 2024 UTC (4 months, 4 weeks ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5
Changes since 1.102: +2 -2 lines
Diff to previous 1.102 (colored)
Use domain name for socket lock. Syzkaller with witness complains about lock ordering of pf lock with socket lock. Socket lock for inet is taken before pf lock. Pf lock is taken before socket lock for route. This is a false positive as route and inet socket locks are distinct. Witness does not know this. Name the socket lock like the domain of the socket, then rwlock name is used in witness lo_name subtype. Make domain names more consistent for locking, they were not used anyway. Regardless of witness problem, unique lock name for each socket type make sense. Reported-by: syzbot+34d22dcbf20d76629c5a@syzkaller.appspotmail.com Reported-by: syzbot+fde8d07ba74b69d0adfe@syzkaller.appspotmail.com OK mvs@
Revision 1.102 / (download) - annotate - [select for diffs], Thu Jul 6 04:55:05 2023 UTC (11 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4
Changes since 1.101: +2 -2 lines
Diff to previous 1.101 (colored)
big update to pfsync to try and clean up locking in particular. moving pf forward has been a real struggle, and pfsync has been a constant source of pain. we have been papering over the problems for a while now, but it reached the point that it needed a fundamental restructure, which is what this diff is. the big headliner changes in this diff are: - pfsync specific locks this is the whole reason for this diff. rather than rely on NET_LOCK or KERNEL_LOCK or whatever, pfsync now has it's own locks to protect it's internal data structures. this is important because pfsync runs a bunch of timeouts and tasks to push pfsync packets out on the wire, or when it's handling requests generated by incoming pfsync packets, both of which happen outside pf itself running. having pfsync specific locks around pfsync data structures makes the mutations of these data structures a lot more explicit and auditable. - partitioning to enable future parallelisation of the network stack, this rewrite includes support for pfsync to partition states into different "slices". these slices run independently, ie, the states collected by one slice are serialised into a separate packet to the states collected and serialised by another slice. states are mapped to pfsync slices based on the pf state hash, which is the same hash that the rest of the network stack and multiq hardware uses. - no more pfsync called from netisr pfsync used to be called from netisr to try and bundle packets, but now that there's multiple pfsync slices this doesnt make sense. instead it uses tasks in softnet tqs. - improved bulk transfer handling there's shiny new state machines around both the bulk transmit and receive handling. pfsync used to do horrible things to carp demotion counters, but now it is very predictable and returns the counters back where they started. - better tdb handling the tdb handling was pretty hairy, but hrvoje has kicked this around a lot with ipsec and sasyncd and we've found and fixed a bunch of issues as a result of that testing. - mpsafe pf state purges this was committed previously, but because the locks pfsync relied on weren't clear this just caused a ton of bugs. as part of this diff it's now reliable, and moves a big chunk of work out from under KERNEL_LOCK, which in turn improves the responsiveness and throughput of a firewall even if you're not using pfsync. there's a bunch of other little changes along the way, but the above are the big ones. hrvoje has done performance testing with this diff and notes a big improvement when pfsync is not in use. performance when pfsync is enabled is about the same, but im hoping the slices means we can scale along with pf as it improves. lots (months) of testing by me and hrvoje on pfsync boxes tests and ok sashan@ deraadt@ says this is a good time to put it in
Revision 1.101 / (download) - annotate - [select for diffs], Thu May 18 09:59:43 2023 UTC (12 months, 3 weeks ago) by mvs
Branch: MAIN
Changes since 1.100: +1 -2 lines
Diff to previous 1.100 (colored)
Revert ip_sysctl() unlocking. Lock order issue was triggered in UVM layer.
Revision 1.100 / (download) - annotate - [select for diffs], Tue May 16 19:36:00 2023 UTC (12 months, 3 weeks ago) by mvs
Branch: MAIN
Changes since 1.99: +2 -1 lines
Diff to previous 1.99 (colored)
Introduce temporary PR_MPSYSCTL flag to mark (*pr_sysctl)() handler MP safe. We have may of them, so use flag instead of pushing kernel lock within. Unlock ip_sysctl(). Still take kernel lock within IPCTL_MRTSTATS case. It looks like `mrtstat' protection is inconsistent, so keep locking as it was. Since `mrtstat' are counters, it make sense to rework them into per CPU counters with separate diffs. Feedback and ok from bluhm@
Revision 1.99 / (download) - annotate - [select for diffs], Mon Aug 15 09:11:38 2022 UTC (21 months, 3 weeks ago) by mvs
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.98: +18 -52 lines
Diff to previous 1.98 (colored)
Introduce 'pr_usrreqs' structure and move existing user-protocol handlers into it. We want to split existing (*pr_usrreq)() to multiple short handlers for each PRU_ request as it was already done for PRU_ATTACH and PRU_DETACH. This is the preparation step, (*pr_usrreq)() split will be done with the following diffs. Based on reverted diff from guenther@. ok bluhm@
Revision 1.98 / (download) - annotate - [select for diffs], Fri Feb 25 23:51:03 2022 UTC (2 years, 3 months ago) by guenther
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.97: +35 -18 lines
Diff to previous 1.97 (colored)
Reported-by: syzbot+1b5b209ce506db4d411d@syzkaller.appspotmail.com Revert the pr_usrreqs move: syzkaller found a NULL pointer deref and I won't be available to monitor for followup issues for a bit
Revision 1.97 / (download) - annotate - [select for diffs], Fri Feb 25 08:36:01 2022 UTC (2 years, 3 months ago) by guenther
Branch: MAIN
Changes since 1.96: +18 -35 lines
Diff to previous 1.96 (colored)
Move pr_attach and pr_detach to a new structure pr_usrreqs that can then be shared among protosw structures, following the same basic direction as NetBSD and FreeBSD for this. Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the proper prototype to eliminate the previously necessary casts. ok mvs@ bluhm@
Revision 1.96 / (download) - annotate - [select for diffs], Sun Oct 24 22:59:47 2021 UTC (2 years, 7 months ago) by bluhm
Branch: MAIN
Changes since 1.95: +4 -4 lines
Diff to previous 1.95 (colored)
Remove code duplication by merging the v4 and v6 input functions for ah, esp, and ipcomp. Move common code into ipsec_protoff() which finds the offset of the next protocol field in the previous header. OK tobhe@
Revision 1.95 / (download) - annotate - [select for diffs], Tue May 25 22:45:09 2021 UTC (3 years ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.94: +2 -2 lines
Diff to previous 1.94 (colored)
As network features are not added dynamically, the domain structures are constant. Having more const makes MP review easier. More pointers are mapped read-only in the kernel image. OK deraadt@ mvs@
Revision 1.94 / (download) - annotate - [select for diffs], Mon Nov 4 23:52:28 2019 UTC (4 years, 7 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.93: +1 -20 lines
Diff to previous 1.93 (colored)
remove mobileip(4) noone seems to use it, and we should not encourage people to use it by having it available. it's been disabled for most of the last release and noones asked for it in 6.6, so i'm taking that as an ok for this removal.
Revision 1.93 / (download) - annotate - [select for diffs], Mon Jul 15 12:40:42 2019 UTC (4 years, 10 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.92: +2 -1 lines
Diff to previous 1.92 (colored)
Initialize struct inpcb pool not on demand, but during initialization. Removes a global variable and avoids MP problems. OK mpi@ visa@
Revision 1.92 / (download) - annotate - [select for diffs], Thu Jun 13 08:12:11 2019 UTC (5 years ago) by claudio
Branch: MAIN
Changes since 1.91: +2 -1 lines
Diff to previous 1.91 (colored)
Copy the user provided sockaddr into a normalized sockaddr in rtrequest() before adding it to the routing table. The rtable code is doing memcmp() of those rt_dest sockaddrs so it is important that they are stored in a canonical form. To do this struct domain is extended to include the sockaddr size for this address family. OK bluhm@ anton@ Reported-by: syzbot+10fe9cd8d0211c562ead@syzkaller.appspotmail.com
Revision 1.91 / (download) - annotate - [select for diffs], Mon Nov 19 10:15:04 2018 UTC (5 years, 6 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.90: +1 -2 lines
Diff to previous 1.90 (colored)
Retire dom_rtkeylen from struct domain. Nothing is using this anymore. It was used by the original patricia tree. OK mpi@
Revision 1.90 / (download) - annotate - [select for diffs], Sat Feb 10 08:12:01 2018 UTC (6 years, 4 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.89: +2 -2 lines
Diff to previous 1.89 (colored)
rework gif to be more consistent. while here, give us support for mpls in gif on ipv6. this moves all the gif handling into if_gif, eg, the mpls handling is no longer in ip_etherip.c. ok claudio@
Revision 1.89 / (download) - annotate - [select for diffs], Wed Feb 7 01:09:57 2018 UTC (6 years, 4 months ago) by dlg
Branch: MAIN
Changes since 1.88: +11 -4 lines
Diff to previous 1.88 (colored)
split mobileip(4) out from the gre(4) driver. having mobileip in gre makes it hard to cut gre up. the current mobileip code is also broken, so this is def and improvement. it also makes it easy to disable and remove mobileip in the future. ok claudio@ henning@
Revision 1.88 / (download) - annotate - [select for diffs], Thu Nov 23 13:45:46 2017 UTC (6 years, 6 months ago) by mpi
Branch: MAIN
Changes since 1.87: +2 -2 lines
Diff to previous 1.87 (colored)
Constify protocol tables and remove an assert now that ip_deliver() is mp-safe. ok bluhm@, visa@
Revision 1.87 / (download) - annotate - [select for diffs], Fri Nov 17 18:22:52 2017 UTC (6 years, 6 months ago) by jca
Branch: MAIN
Changes since 1.86: +2 -2 lines
Diff to previous 1.86 (colored)
Rename etherip sysctl handler, there's no conflict with ip_ether.c any more ok visa@ mpi@
Revision 1.86 / (download) - annotate - [select for diffs], Fri Nov 17 18:20:49 2017 UTC (6 years, 6 months ago) by jca
Branch: MAIN
Changes since 1.85: +2 -2 lines
Diff to previous 1.85 (colored)
Rename functions that now handle only MPLS-in-IP ok visa@ mpi@
Revision 1.85 / (download) - annotate - [select for diffs], Fri Nov 17 14:51:13 2017 UTC (6 years, 6 months ago) by jca
Branch: MAIN
Changes since 1.84: +1 -14 lines
Diff to previous 1.84 (colored)
Drop all Ethernet-in-IP support from gif(4) As a result, ip_ether.c now only deals with MPLS-in-IP. The next commits will move & rename stuff to make this clear. ok visa@ mpi@
Revision 1.84 / (download) - annotate - [select for diffs], Fri Nov 17 13:36:04 2017 UTC (6 years, 6 months ago) by jca
Branch: MAIN
Changes since 1.83: +1 -2 lines
Diff to previous 1.83 (colored)
Move etherip counters and their allocation to etherip(4) gif(4) now depends on etherip(4) but this is a temporary drawback: we can get rid of etherip_init(), called from the protocol switch, and ip_ether.c should stop using etherip counters once it is clear that this file doesn't handle ethernet-in-IP any more. ok visa@ as part of a larger diff, ok mpi@
Revision 1.83 / (download) - annotate - [select for diffs], Wed Nov 15 16:52:44 2017 UTC (6 years, 6 months ago) by jca
Branch: MAIN
Changes since 1.82: +1 -2 lines
Diff to previous 1.82 (colored)
Make etherip(4) the single driver responsible for etherip sysctl entries. One step needed to completely remove ethernet-in-IP support from gif(4). No functional changes. ok visa@ as part of a larger diff, ok mpi@
Revision 1.82 / (download) - annotate - [select for diffs], Fri Nov 10 02:37:14 2017 UTC (6 years, 7 months ago) by visa
Branch: MAIN
Changes since 1.81: +2 -1 lines
Diff to previous 1.81 (colored)
Use percpu counters with etheripstat. Input and OK jca@, OK florian@
Revision 1.81 / (download) - annotate - [select for diffs], Sun Nov 5 13:19:59 2017 UTC (6 years, 7 months ago) by florian
Branch: MAIN
Changes since 1.80: +1 -2 lines
Diff to previous 1.80 (colored)
Finish off pr_drain functions, they haven't been used since 2006. OK mpi
Revision 1.80 / (download) - annotate - [select for diffs], Thu Nov 2 14:01:18 2017 UTC (6 years, 7 months ago) by florian
Branch: MAIN
Changes since 1.79: +23 -4 lines
Diff to previous 1.79 (colored)
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking. Suggested by, comments & OK mpi
Revision 1.79 / (download) - annotate - [select for diffs], Thu May 18 10:56:45 2017 UTC (7 years ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.78: +3 -3 lines
Diff to previous 1.78 (colored)
The function name ip4_input() is confusing as it also handles IPv6 packets. This is the IP in IP protocol input function, so call it ipip_input(). Rename the existing ipip_input() to ipip_input_gif() as it is the input function used by the gif interface. Pass the address family to make it consistent with pr_input. Use __func__ in debug print and panic messages. Move all ipip prototypes to the ip_ipip.h header file. OK dhill@ mpi@
Revision 1.78 / (download) - annotate - [select for diffs], Wed May 17 15:39:36 2017 UTC (7 years ago) by bluhm
Branch: MAIN
Changes since 1.77: +19 -35 lines
Diff to previous 1.77 (colored)
The large and nested GIF #ifdef in protosw made it hard to figure out what is going on. There were also some inconsistencies that seem to be oversights. Use more specific the #ifdefs. OK mpi@
Revision 1.77 / (download) - annotate - [select for diffs], Tue May 9 13:33:50 2017 UTC (7 years, 1 month ago) by bluhm
Branch: MAIN
Changes since 1.76: +1 -19 lines
Diff to previous 1.76 (colored)
Remove rip_output() and rip6_output() from inetsw and inet6sw. The rip_output() function is never called via the pr_output pointer. rip_usrreq(PRU_SEND) calls rip_output() directly. raw_usrreq() is never called from inetsw. Situation in inet and inet6 is analog. OK claudio@ mikeb@
Revision 1.76 / (download) - annotate - [select for diffs], Mon Mar 13 20:18:21 2017 UTC (7 years, 3 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.75: +26 -5 lines
Diff to previous 1.75 (colored)
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
Revision 1.75 / (download) - annotate - [select for diffs], Fri Mar 10 07:29:25 2017 UTC (7 years, 3 months ago) by jca
Branch: MAIN
Changes since 1.74: +5 -3 lines
Diff to previous 1.74 (colored)
percpu counters for ip_ipip.c ok bluhm@ dhill@ mpi@
Revision 1.74 / (download) - annotate - [select for diffs], Thu Mar 2 08:58:24 2017 UTC (7 years, 3 months ago) by mpi
Branch: MAIN
Changes since 1.73: +10 -6 lines
Diff to previous 1.73 (colored)
Convert domain declarations to C99 initializers. ok dhill@, florian@, bluhm@
Revision 1.73 / (download) - annotate - [select for diffs], Wed Feb 22 19:34:42 2017 UTC (7 years, 3 months ago) by dhill
Branch: MAIN
Changes since 1.72: +228 -99 lines
Diff to previous 1.72 (colored)
Use c99 struct initialization with protosw. This makes it easier to grep for a member, such as .pr_usrreq, and know which functions to review. ok mpi@ bluhm@ jca@
Revision 1.72 / (download) - annotate - [select for diffs], Sun Jan 29 19:58:47 2017 UTC (7 years, 4 months ago) by bluhm
Branch: MAIN
Changes since 1.71: +2 -2 lines
Diff to previous 1.71 (colored)
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
Revision 1.71 / (download) - annotate - [select for diffs], Thu Dec 22 11:04:44 2016 UTC (7 years, 5 months ago) by rzalamena
Branch: MAIN
Changes since 1.70: +1 -11 lines
Diff to previous 1.70 (colored)
Remove PIM support from the multicast stack. ok mpi@
Revision 1.70 / (download) - annotate - [select for diffs], Thu Dec 3 21:57:59 2015 UTC (8 years, 6 months ago) by mpi
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.69: +2 -2 lines
Diff to previous 1.69 (colored)
Get rid of rt_mask() and stop allocating a "struct sockaddr" for every route entry in ART. rt_plen() now represents the prefix length of a route entry and should be used instead. For now use a "struct sockaddr_in6" to represent the mask when needed, this should be then replaced by the prefix length and RTA_NETMASK only used for compatibility with userland. ok claudio@
Revision 1.69 / (download) - annotate - [select for diffs], Thu Dec 3 12:42:03 2015 UTC (8 years, 6 months ago) by goda
Branch: MAIN
Changes since 1.68: +13 -1 lines
Diff to previous 1.68 (colored)
Implement etherip(4) driver This commit is not removing the existing EtherIP part of gif(4) and it keeps EtherIP of gif(4) working. ok jbg@ sthen@ mpi@ reyk@ yasuoka@
Revision 1.68 / (download) - annotate - [select for diffs], Wed Oct 7 10:50:35 2015 UTC (8 years, 8 months ago) by mpi
Branch: MAIN
Changes since 1.67: +3 -3 lines
Diff to previous 1.67 (colored)
Initialize the routing table before domains. The routing table is not an optional component of the network stack and initializing it inside the "routing domain" requires some ugly introspection in the domain interface. This put the rtable* layer at the same level of the if* level. These two subsystem are organized around the two global data structure used in the network stack: - the global &ifnet list, to be used in process context only, and - the routing table which can be read in interrupt context. This change makes the rtable_* layer domain-aware and extends the "struct domain" such that INET, INET6 and MPLS can specify the length of the binary key used in lookups. This allows us to keep, or move towards, AF-free route and rtable layers. While here stop the madness and pass the size of the maximum key length in *byte* to rn_inithead0(). ok claudio@, mikeb@
Revision 1.67 / (download) - annotate - [select for diffs], Mon Sep 28 08:32:05 2015 UTC (8 years, 8 months ago) by mpi
Branch: MAIN
Changes since 1.66: +2 -2 lines
Diff to previous 1.66 (colored)
Merge gif(4)'s tentacles in a single file. Tested by <mxb AT alumni DOT chalmers DOT se>. ok dlg@
Revision 1.66 / (download) - annotate - [select for diffs], Fri Sep 4 08:43:39 2015 UTC (8 years, 9 months ago) by mpi
Branch: MAIN
Changes since 1.65: +2 -2 lines
Diff to previous 1.65 (colored)
Make every subsystem using a radix tree call rn_init() and pass the length of the key as argument. This way every consumer of the radix tree has a chance to explicitly initialize the shared data structures and no longer rely on another subsystem to do the initialization. As a bonus ``dom_maxrtkey'' is no longer used an die. ART kernels should now be fully usable because pf(4) and IPSEC properly initialized the radix tree. ok chris@, reyk@
Revision 1.65 / (download) - annotate - [select for diffs], Sun Aug 30 10:39:16 2015 UTC (8 years, 9 months ago) by mpi
Branch: MAIN
Changes since 1.64: +2 -2 lines
Diff to previous 1.64 (colored)
Use a global table for domains instead of building a list at run time. As a side effect there's no need to run if_attachdomain() after the list of domains has been built. ok claudio@, reyk@
Revision 1.64 / (download) - annotate - [select for diffs], Sat Jul 18 15:51:17 2015 UTC (8 years, 10 months ago) by mpi
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.63: +3 -10 lines
Diff to previous 1.63 (colored)
Abstract the routing table internals behind an rtable_* API. Code abusing the radix internals for the routing table should now includes <net/rtable.h> and only deal with "struct rtentry". Code using a radix tree for another purpose can still include <net/radix.h>. Inputs from and ok claudio@, mikeb@
Revision 1.63 / (download) - annotate - [select for diffs], Fri Dec 5 15:50:04 2014 UTC (9 years, 6 months ago) by mpi
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.62: +2 -1 lines
Diff to previous 1.62 (colored)
Explicitly include <net/if_var.h> instead of pulling it in <net/if.h>. ok mikeb@, krw@, bluhm@, tedu@
Revision 1.62 / (download) - annotate - [select for diffs], Thu Nov 20 14:51:42 2014 UTC (9 years, 6 months ago) by krw
Branch: MAIN
Changes since 1.61: +1 -4 lines
Diff to previous 1.61 (colored)
Yet more #include de-duplication. ok deraadt@ tedu@
Revision 1.61 / (download) - annotate - [select for diffs], Tue Jul 22 11:06:10 2014 UTC (9 years, 10 months ago) by mpi
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.60: +1 -2 lines
Diff to previous 1.60 (colored)
Fewer <netinet/in_systm.h> !
Revision 1.60 / (download) - annotate - [select for diffs], Tue Dec 17 02:41:07 2013 UTC (10 years, 5 months ago) by matthew
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.59: +2 -2 lines
Diff to previous 1.59 (colored)
Change ip_output()'s non-optional arguments to be standard arguments instead of variable arguments. Allows stricter type checking by the compiler at call sites and also saves a bit of code size on some platforms (e.g., ~200 bytes on amd64). ok mikeb
Revision 1.59 / (download) - annotate - [select for diffs], Wed Apr 24 10:17:08 2013 UTC (11 years, 1 month ago) by mpi
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4
Changes since 1.58: +2 -2 lines
Diff to previous 1.58 (colored)
Instead of having various extern declarations for protocol variables, declare them once in their corresponding header file.
Revision 1.58 / (download) - annotate - [select for diffs], Thu Jan 17 16:30:10 2013 UTC (11 years, 4 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.57: +2 -2 lines
Diff to previous 1.57 (colored)
Expand the socket splicing functionality from TCP to UDP. Merge the code relevant for UDP from sosend() and soreceive() into somove(). That allows the kernel to directly transfer the UDP data from one socket to another. OK claudio@
Revision 1.57 / (download) - annotate - [select for diffs], Mon Oct 15 11:11:32 2012 UTC (11 years, 7 months ago) by mikeb
Branch: MAIN
Changes since 1.56: +1 -23 lines
Diff to previous 1.56 (colored)
Another 'notyet' is being promoted to 'notever'. An NSC HYPERchannel remnant from the CSRG times bites the dust. ok deraadt, reyk
Revision 1.56 / (download) - annotate - [select for diffs], Thu Mar 31 10:36:42 2011 UTC (13 years, 2 months ago) by jasper
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0
Changes since 1.55: +3 -3 lines
Diff to previous 1.55 (colored)
- use nitems(); no binary change ok claudio@
Revision 1.55 / (download) - annotate - [select for diffs], Fri Jan 7 17:50:42 2011 UTC (13 years, 5 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE,
OPENBSD_4_9
Changes since 1.54: +2 -2 lines
Diff to previous 1.54 (colored)
Add socket option SO_SPLICE to splice together two TCP sockets. The data received on the source socket will automatically be sent on the drain socket. This allows to write relay daemons with zero data copy. ok markus@
Revision 1.54 / (download) - annotate - [select for diffs], Sun Aug 29 09:24:38 2010 UTC (13 years, 9 months ago) by gollo
Branch: MAIN
Changes since 1.53: +2 -2 lines
Diff to previous 1.53 (colored)
Fix kernel compiling with disabled IPSEC and enabled GIF/MPLS OK: claudio@, bob@, sthen@, thib@
Revision 1.53 / (download) - annotate - [select for diffs], Tue May 11 09:36:07 2010 UTC (14 years, 1 month ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.52: +15 -8 lines
Diff to previous 1.52 (colored)
Massiv cleanup of the gif(4) mess. Move encapsulation into gif_output() where it is not necessary to guess protocols by looking at the first nibble. in_gif_output() will encapsulate the packet but not send it. Because of etherip support and the way the bridge works a minimal hack is needed in gif_start() to ensure that the bridged packets are encapsulated as well. This actually started with the idea to add MPLS support but that turned out to be not as simple as in the gre(4) case. Tested by myself (IP, IPv6, etherip, MPLS), sthen@ (IP, IPv6), naddy (IPv6) OK sthen@
Revision 1.52 / (download) - annotate - [select for diffs], Tue Jan 12 23:33:24 2010 UTC (14 years, 5 months ago) by yasuoka
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.51: +2 -2 lines
Diff to previous 1.51 (colored)
Add input and user protocol hook to handle GRE packets by pipex. ok @dlg
Revision 1.51 / (download) - annotate - [select for diffs], Sun Oct 4 16:08:37 2009 UTC (14 years, 8 months ago) by michele
Branch: MAIN
Changes since 1.50: +13 -1 lines
Diff to previous 1.50 (colored)
Add (again) support for divert sockets. They allow you to: - queue packets from pf(4) to a userspace application - reinject packets from the application into the kernel stack. The divert socket can be bound to a special "divert port" and will receive every packet diverted to that port by pf(4). The pf syntax is pretty simple, e.g.: pass on em0 inet proto tcp from any to any port 80 divert-packet port 1 A lot of discussion have happened since my last commit that resulted in many changes and improvements. I would *really* like to thank everyone who took part in the discussion especially canacar@ who spotted out which are the limitations of this approach. OpenBSD divert(4) is meant to be compatible with software running on top of FreeBSD's divert sockets even though they are pretty different and will become even more with time. discusses with many, but mainly reyk@ canacar@ deraadt@ dlg@ claudio@ beck@ tested by reyk@ and myself ok reyk@ claudio@ beck@ manpage help and ok by jmc@
Revision 1.50 / (download) - annotate - [select for diffs], Tue Sep 8 17:52:17 2009 UTC (14 years, 9 months ago) by michele
Branch: MAIN
Changes since 1.49: +0 -6 lines
Diff to previous 1.49 (colored)
I had not enough oks to commit this diff. Sorry.
Revision 1.49 / (download) - annotate - [select for diffs], Tue Sep 8 17:00:41 2009 UTC (14 years, 9 months ago) by michele
Branch: MAIN
Changes since 1.48: +7 -1 lines
Diff to previous 1.48 (colored)
Add support for divert sockets. They allow you to: - queue packets from pf(4) to a userspace application - reinject packets from the application into the kernel stack. The divert socket can be bound to a special "divert port" and will receive every packet diverted to that port by pf(4). The pf syntax is pretty simple, e.g.: pass on em0 inet proto tcp from any to any port 80 divert-packet port 8000 test, bugfix and ok by reyk@ manpage help and ok by jmc@ no objections from many others.
Revision 1.48 / (download) - annotate - [select for diffs], Tue May 6 08:47:35 2008 UTC (16 years, 1 month ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5,
OPENBSD_4_4_BASE,
OPENBSD_4_4
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)
remove tcp_drain code since it's not longer used; ok henning, feedback thib
Revision 1.47 / (download) - annotate - [select for diffs], Fri Dec 14 18:33:40 2007 UTC (16 years, 6 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE,
OPENBSD_4_3
Changes since 1.46: +4 -4 lines
Diff to previous 1.46 (colored)
add sysctl entry points into various network layers, in particular to provide netstat(1) with data it needs; ok claudio reyk
Revision 1.46 / (download) - annotate - [select for diffs], Wed Jun 6 09:58:12 2007 UTC (17 years ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_4_2_BASE,
OPENBSD_4_2
Changes since 1.45: +1 -13 lines
Diff to previous 1.45 (colored)
remove ifdef'd out ipx-in-ip registration
Revision 1.45 / (download) - annotate - [select for diffs], Fri Dec 23 13:01:23 2005 UTC (18 years, 5 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_1_BASE,
OPENBSD_4_1,
OPENBSD_4_0_BASE,
OPENBSD_4_0,
OPENBSD_3_9_BASE,
OPENBSD_3_9
Changes since 1.44: +1 -5 lines
Diff to previous 1.44 (colored)
Remove unnecessary #ifdef MROUTING blocks. OK brad@ markus@
Revision 1.44 / (download) - annotate - [select for diffs], Thu Jul 14 02:09:46 2005 UTC (18 years, 11 months ago) by uwe
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE,
OPENBSD_3_8
Changes since 1.43: +3 -15 lines
Diff to previous 1.43 (colored)
More netccitt and netns removals; OK henning, brad, mickey
Revision 1.43 / (download) - annotate - [select for diffs], Fri Jan 14 14:51:27 2005 UTC (19 years, 5 months ago) by mcbride
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE,
OPENBSD_3_7
Changes since 1.42: +11 -1 lines
Diff to previous 1.42 (colored)
Add kernel support for Protocol Independant Multicast (PIM) Information: http://netweb.usc.edu/pim/ From Pavlin Radoslavov <pavlin@icir.org> ok deraadt@ brad@
Revision 1.42 / (download) - annotate - [select for diffs], Tue Dec 7 20:38:47 2004 UTC (19 years, 6 months ago) by mcbride
Branch: MAIN
Changes since 1.41: +2 -2 lines
Diff to previous 1.41 (colored)
Convert carp(4) to behave more like a regular interface, much in the same style as vlan(4). carp interfaces no longer require the physical interface to be on the same subnet as the carp interface, or even that the physical interface has an adress at all, so CARP can now be used on /30 networks. ok deraadt@ henning@
Revision 1.41 / (download) - annotate - [select for diffs], Fri Sep 17 11:32:53 2004 UTC (19 years, 8 months ago) by msf
Branch: MAIN
Changes since 1.40: +1 -13 lines
Diff to previous 1.40 (colored)
Remove option EON from kernel and options(4) ok henning@
Revision 1.40 / (download) - annotate - [select for diffs], Sat Jul 17 13:24:58 2004 UTC (19 years, 10 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE,
OPENBSD_3_6
Changes since 1.39: +1 -13 lines
Diff to previous 1.39 (colored)
netiso traces hide everywhere... millert ok
Revision 1.25.2.7 / (download) - annotate - [select for diffs], Sat Jun 5 23:11:25 2004 UTC (20 years ago) by niklas
Branch: SMP
Changes since 1.25.2.6: +10 -1 lines
Diff to previous 1.25.2.6 (colored) to branchpoint 1.25 (colored) next main 1.26 (colored)
Merge with the trunk
Revision 1.39 / (download) - annotate - [select for diffs], Sun Apr 25 02:48:04 2004 UTC (20 years, 1 month ago) by itojun
Branch: MAIN
CVS Tags: SMP_SYNC_B,
SMP_SYNC_A
Changes since 1.38: +11 -2 lines
Diff to previous 1.38 (colored)
radix tree with multipath support. from kame. deraadt ok user visible changes: - you can add multiple routes with same key (route add A B then route add A C) - you have to specify gateway address if there are multiple entries on the table (route delete A B, instead of route delete A) kernel change: - radix_node_head has an extra entry - rnh_deladdr takes extra argument TODO: - actually take advantage of multipath (rtalloc -> rtalloc_mpath)
Revision 1.25.2.6 / (download) - annotate - [select for diffs], Thu Feb 19 10:57:23 2004 UTC (20 years, 3 months ago) by niklas
Branch: SMP
Changes since 1.25.2.5: +26 -1 lines
Diff to previous 1.25.2.5 (colored) to branchpoint 1.25 (colored)
Merge of current from two weeks agointo the SMP branch
Revision 1.38 / (download) - annotate - [select for diffs], Mon Dec 15 07:11:30 2003 UTC (20 years, 6 months ago) by mcbride
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE,
OPENBSD_3_5
Changes since 1.37: +14 -1 lines
Diff to previous 1.37 (colored)
Add initial support for pf state synchronization over the network. Implemented as an in-kernel multicast IP protocol. Turn it on like this: # ifconfig pfsync0 up syncif fxp0 There is not yet any authentication on this protocol, so the syncif must be on a trusted network. ie, a crossover cable between the two firewalls. NOTABLE CHANGES: - A new index based on a unique (creatorid, stateid) tuple has been added to the state tree. - Updates now appear on the pfsync(4) interface; multiple updates may be compressed into a single update. - Applications which use bpf on pfsync(4) will need modification; packets on pfsync no longer contains regular pf_state structs, but pfsync_state structs which contain no pointers. Much more to come. ok deraadt@
Revision 1.37 / (download) - annotate - [select for diffs], Fri Oct 17 21:04:58 2003 UTC (20 years, 7 months ago) by mcbride
Branch: MAIN
Changes since 1.36: +13 -1 lines
Diff to previous 1.36 (colored)
Common Address Redundancy Protocol Allows multiple hosts to share an IP address, providing high availability and load balancing. Based on code by mickey@, with additional help from markus@ and Marco_Pfatschbacher@genua.de ok deraadt@
Revision 1.25.2.5 / (download) - annotate - [select for diffs], Sat Jun 7 11:06:08 2003 UTC (21 years ago) by ho
Branch: SMP
Changes since 1.25.2.4: +2 -6 lines
Diff to previous 1.25.2.4 (colored) to branchpoint 1.25 (colored)
Sync SMP branch to -current
Revision 1.36 / (download) - annotate - [select for diffs], Mon Jun 2 23:28:14 2003 UTC (21 years ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE,
OPENBSD_3_4
Changes since 1.35: +2 -6 lines
Diff to previous 1.35 (colored)
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
Revision 1.25.2.4 / (download) - annotate - [select for diffs], Fri Mar 28 00:06:54 2003 UTC (21 years, 2 months ago) by niklas
Branch: SMP
Changes since 1.25.2.3: +7 -7 lines
Diff to previous 1.25.2.3 (colored) to branchpoint 1.25 (colored)
Sync the SMP branch with 3.3
Revision 1.32.4.3 / (download) - annotate - [select for diffs], Tue Oct 29 00:36:47 2002 UTC (21 years, 7 months ago) by art
Branch: UBC
Changes since 1.32.4.2: +8 -8 lines
Diff to previous 1.32.4.2 (colored) to branchpoint 1.32 (colored) next main 1.33 (colored)
sync to -current
Revision 1.32.4.2 / (download) - annotate - [select for diffs], Tue Jun 11 03:31:36 2002 UTC (22 years ago) by art
Branch: UBC
Changes since 1.32.4.1: +2 -2 lines
Diff to previous 1.32.4.1 (colored) to branchpoint 1.32 (colored)
Sync UBC branch to -current
Revision 1.35 / (download) - annotate - [select for diffs], Sun Jun 9 16:26:10 2002 UTC (22 years ago) by itojun
Branch: MAIN
CVS Tags: UBC_SYNC_B,
UBC_SYNC_A,
OPENBSD_3_3_BASE,
OPENBSD_3_3,
OPENBSD_3_2_BASE,
OPENBSD_3_2
Changes since 1.34: +8 -8 lines
Diff to previous 1.34 (colored)
whitespace
Revision 1.25.2.3 / (download) - annotate - [select for diffs], Wed Mar 6 02:15:07 2002 UTC (22 years, 3 months ago) by niklas
Branch: SMP
Changes since 1.25.2.2: +3 -3 lines
Diff to previous 1.25.2.2 (colored) to branchpoint 1.25 (colored)
Merge in trunk
Revision 1.34 / (download) - annotate - [select for diffs], Fri Mar 1 22:29:29 2002 UTC (22 years, 3 months ago) by provos
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE,
OPENBSD_3_1
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)
remove tcp_fasttimo and convert delayed acks to the timeout(9) API instead. adapated from netbsd. okay angelos@
Revision 1.32.4.1 / (download) - annotate - [select for diffs], Thu Jan 31 22:55:45 2002 UTC (22 years, 4 months ago) by niklas
Branch: UBC
Changes since 1.32: +2 -2 lines
Diff to previous 1.32 (colored)
Merge in -current, builds on i386, otherwise untested
Revision 1.33 / (download) - annotate - [select for diffs], Sat Jan 12 00:51:59 2002 UTC (22 years, 5 months ago) by ericj
Branch: MAIN
Changes since 1.32: +2 -2 lines
Diff to previous 1.32 (colored)
add rediraccept and redirtimeout sysctl's. rediraccept allows one to ignore ICMP_REDIRECT redirtimeout sets a timeout on the routing entries pretaining to ICMP_REDIRECT, this timeout is defaulted to 10 minutes. (same as ipv6) From NetBSD. millert@ ok
Revision 1.25.2.2 / (download) - annotate - [select for diffs], Wed Oct 31 03:29:03 2001 UTC (22 years, 7 months ago) by nate
Branch: SMP
Changes since 1.25.2.1: +6 -1 lines
Diff to previous 1.25.2.1 (colored) to branchpoint 1.25 (colored)
Sync the SMP branch to something just after 3.0
Revision 1.32 / (download) - annotate - [select for diffs], Wed Aug 8 15:07:04 2001 UTC (22 years, 10 months ago) by jjbg
Branch: MAIN
CVS Tags: UBC_BASE,
OPENBSD_3_0_BASE,
OPENBSD_3_0
Branch point for: UBC
Changes since 1.31: +1 -3 lines
Diff to previous 1.31 (colored)
Remove IPCOMP option, it's now part of IPSEC option. You still need to enable ipcomp via sysctl to use it. deraadt@ ok.
Revision 1.31 / (download) - annotate - [select for diffs], Thu Jul 5 16:45:54 2001 UTC (22 years, 11 months ago) by jjbg
Branch: MAIN
Changes since 1.30: +8 -1 lines
Diff to previous 1.30 (colored)
IPComp support. angelos@ ok.
Revision 1.25.2.1 / (download) - annotate - [select for diffs], Wed Jul 4 10:54:34 2001 UTC (22 years, 11 months ago) by niklas
Branch: SMP
Changes since 1.25: +43 -28 lines
Diff to previous 1.25 (colored)
Merge in -current from two days ago in the SMP branch. As usual with merges, they do not indicate progress, so do not hold your breath for working SMP, and do not mail me and ask about the state of it. It has not changed. There is work ongoing, but very, very slowly. The commit is done in parts as to not lock up the tree in too big chunks at a time.
Revision 1.30 / (download) - annotate - [select for diffs], Sun Jun 24 18:22:47 2001 UTC (22 years, 11 months ago) by provos
Branch: MAIN
Changes since 1.29: +3 -3 lines
Diff to previous 1.29 (colored)
path mtu discovery for ipsec. on receiving a need fragment icmp match against active tdb and store the ipsec header size corrected mtu
Revision 1.29 / (download) - annotate - [select for diffs], Fri Jun 8 03:53:45 2001 UTC (23 years ago) by angelos
Branch: MAIN
Changes since 1.28: +2 -6 lines
Diff to previous 1.28 (colored)
Cut down on include files.
Revision 1.28 / (download) - annotate - [select for diffs], Tue Jun 5 02:31:35 2001 UTC (23 years ago) by deraadt
Branch: MAIN
Changes since 1.27: +38 -14 lines
Diff to previous 1.27 (colored)
repair copyright notices for NRL & cmetz; cmetz
Revision 1.27 / (download) - annotate - [select for diffs], Wed May 30 02:12:27 2001 UTC (23 years ago) by deraadt
Branch: MAIN
Changes since 1.26: +1 -6 lines
Diff to previous 1.26 (colored)
Remove ipf. Darren Reed has interpreted his (old, new, whichever) licence in a way that makes ipf not free according to the rules we established over 5 years ago, at www.openbsd.org/goals.html (and those same basic rules govern the other *BSD projects too). Specifically, Darren says that modified versions are not permitted. But software which OpenBSD uses and redistributes must be free to all (be they people or companies), for any purpose they wish to use it, including modification, use, peeing on, or even integration into baby mulching machines or atomic bombs to be dropped on Australia. Furthermore, we know of a number of companies using ipf with modification like us, who are now in the same situation, and we hope that some of them will work with us to fill this gap that now exists in OpenBSD (temporarily, we hope).
Revision 1.26 / (download) - annotate - [select for diffs], Fri May 25 22:08:23 2001 UTC (23 years ago) by itojun
Branch: MAIN
Changes since 1.25: +3 -3 lines
Diff to previous 1.25 (colored)
recover old acecept(2) behavior (no ECONNABORTED) for unix domain socket. it is to be friendly with postfix daemon-to-daemon communication (not 100% sure if which behavior is correct, specwise). patch similar to netbsd.
Revision 1.25 / (download) - annotate - [select for diffs], Thu Jan 27 08:09:08 2000 UTC (24 years, 4 months ago) by angelos
Branch: MAIN
CVS Tags: SMP_BASE,
OPENBSD_2_9_BASE,
OPENBSD_2_9,
OPENBSD_2_8_BASE,
OPENBSD_2_8,
OPENBSD_2_7_BASE,
OPENBSD_2_7
Branch point for: SMP
Changes since 1.24: +3 -5 lines
Diff to previous 1.24 (colored)
Merge "old" and "new" ESP and AH in two files (one for each). Fix a couple of buglets with ingress flow deletion. tcpdump on enc0 should now show all outgoing packets *before* being processed, and all incoming packets *after* being processed. Good to be in Canada (land of the free commits).
Revision 1.24 / (download) - annotate - [select for diffs], Fri Jan 21 03:15:05 2000 UTC (24 years, 4 months ago) by angelos
Branch: MAIN
Changes since 1.23: +4 -4 lines
Diff to previous 1.23 (colored)
Rename the ip4_* routines to ipip_*, make it so GIF tunnels are not affected by net.inet.ipip.allow (the sysctl formerly known as net.inet.ip4.allow), rename the VIF ipip_input to ipip_mroute_input.
Revision 1.23 / (download) - annotate - [select for diffs], Mon Jan 17 05:17:24 2000 UTC (24 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.22: +6 -6 lines
Diff to previous 1.22 (colored)
fix "traceroute -P 41", outgoing side. incoming side needs fix in ip4_input(). Requested from: Niels Provos <provos@citi.umich.edu>
Revision 1.22 / (download) - annotate - [select for diffs], Tue Jan 11 07:57:23 2000 UTC (24 years, 5 months ago) by angelos
Branch: MAIN
Changes since 1.21: +1 -3 lines
Diff to previous 1.21 (colored)
The entry for IP4 should always be there.
Revision 1.21 / (download) - annotate - [select for diffs], Fri Jan 7 21:38:01 2000 UTC (24 years, 5 months ago) by angelos
Branch: MAIN
Changes since 1.20: +19 -43 lines
Diff to previous 1.20 (colored)
GRE/MobileIP input routine processing, from NetBSD (with a few changes). Also, minor cleanup in in_proto.c
Revision 1.20 / (download) - annotate - [select for diffs], Sun Jan 2 09:06:11 2000 UTC (24 years, 5 months ago) by angelos
Branch: MAIN
Changes since 1.19: +3 -5 lines
Diff to previous 1.19 (colored)
Fix non-IPSEC kernel compilation (or part of it).
Revision 1.19 / (download) - annotate - [select for diffs], Tue Dec 21 11:11:16 1999 UTC (24 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.18: +6 -1 lines
Diff to previous 1.18 (colored)
fix non-IPsec compilation. (too complex #ifdef...)
Revision 1.18 / (download) - annotate - [select for diffs], Tue Dec 21 09:00:52 1999 UTC (24 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.17: +7 -9 lines
Diff to previous 1.17 (colored)
reuse encapsulate/decapsulate routine in ip_ip4.c from gif interface (outer=IPv4 case). tested with (inner=IPv6, outer=IPv4) case. BUG ALERT: in_gif_output() assumes about ipe4_output()'s behavior too much. I mean, "tdb" is configured with certain knowledge about ipe4_output()'s behavior.
Revision 1.17 / (download) - annotate - [select for diffs], Thu Dec 9 03:46:59 1999 UTC (24 years, 6 months ago) by angelos
Branch: MAIN
Changes since 1.16: +9 -2 lines
Diff to previous 1.16 (colored)
We can't use the gif interface input routine for IPIP/IP6IP encapsulation.
Revision 1.16 / (download) - annotate - [select for diffs], Wed Dec 8 06:50:19 1999 UTC (24 years, 6 months ago) by itojun
Branch: MAIN
CVS Tags: kame_19991208
Changes since 1.15: +69 -4 lines
Diff to previous 1.15 (colored)
bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details. GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
Revision 1.15 / (download) - annotate - [select for diffs], Thu Oct 28 03:21:51 1999 UTC (24 years, 7 months ago) by angelos
Branch: MAIN
Changes since 1.14: +9 -1 lines
Diff to previous 1.14 (colored)
Add IPPROTO_ETHERIP in the protocol switch; comment out INET6 IPv4-IPv4 handling that was re-using ipv4_input() instead of using ip4_input() from netinet/ip_ip4.c
Revision 1.14 / (download) - annotate - [select for diffs], Tue Apr 20 20:06:11 1999 UTC (25 years, 1 month ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE,
OPENBSD_2_6
Changes since 1.13: +3 -9 lines
Diff to previous 1.13 (colored)
Merge MROUTING and IPSEC wrt handling of IP-in-IP tunnelled packets. Fix a panic case in the MROUTING code too. Drop M_TUNNEL support, nothing ever uses it.
Revision 1.13 / (download) - annotate - [select for diffs], Sun Apr 11 19:41:36 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_5_BASE,
OPENBSD_2_5
Changes since 1.12: +5 -10 lines
Diff to previous 1.12 (colored)
Introduce net.inet.{ah,esp}.enable sysctl controls that are off by default. If you are going to use either of AH or ESP or both, enable these in /etc/sysctl.conf. Also correct the IPSec debugging sysctl code, it is now named net.inet.ip.encdebug. Some corrected function signatures too.
Revision 1.12 / (download) - annotate - [select for diffs], Fri Apr 9 23:28:45 1999 UTC (25 years, 2 months ago) by niklas
Branch: MAIN
Changes since 1.11: +3 -2 lines
Diff to previous 1.11 (colored)
The kernel parts of a sysctl that can switch on/off IP-in-IP (protocol 4) support, when IPSEC is compiled in. The default is disabled. Turn on with: sysctl -w net.inet.ip4.allow=1 ***Only*** do this if you are really knowing what you do! This control does not control the tunnel modes of ESP and AH.
Revision 1.11 / (download) - annotate - [select for diffs], Wed Feb 24 22:32:58 1999 UTC (25 years, 3 months ago) by angelos
Branch: MAIN
Changes since 1.10: +1 -2 lines
Diff to previous 1.10 (colored)
Remove encap.h include; saner debugging printfs; fix buglets; work with pfkeyv2.
Revision 1.10 / (download) - annotate - [select for diffs], Fri Jan 8 01:00:34 1999 UTC (25 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.9: +31 -1 lines
Diff to previous 1.9 (colored)
INET6 hooks; NRL/cmetz
Revision 1.9 / (download) - annotate - [select for diffs], Thu Jul 30 03:53:22 1998 UTC (25 years, 10 months ago) by angelos
Branch: MAIN
CVS Tags: OPENBSD_2_4_BASE,
OPENBSD_2_4
Changes since 1.8: +5 -5 lines
Diff to previous 1.8 (colored)
Forgot this one with the previous batch of commits; use ip4_input() instead of ipip_input() whenever possible, it seems more stable.
Revision 1.8 / (download) - annotate - [select for diffs], Wed Mar 18 10:16:25 1998 UTC (26 years, 3 months ago) by provos
Branch: MAIN
CVS Tags: OPENBSD_2_3_BASE,
OPENBSD_2_3
Changes since 1.7: +2 -2 lines
Diff to previous 1.7 (colored)
Fix tunnel mode input processing (use ip4_input instead of ipe4_input), fix some old code leftovers in ah_new_input (adjust to variable hash length), avoid double ip encapsulation in tunnel mode. Problems reportd by Petr Novak <petr@internet.cz>.
Revision 1.7 / (download) - annotate - [select for diffs], Thu Feb 20 01:07:46 1997 UTC (27 years, 3 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_2_2_BASE,
OPENBSD_2_2,
OPENBSD_2_1_BASE,
OPENBSD_2_1
Changes since 1.6: +31 -1 lines
Diff to previous 1.6 (colored)
IPSEC package by John Ioannidis and Angelos D. Keromytis. Written in Greece. From ftp.funet.fi:/pub/unix/security/net/ip/BSDipsec.tar.gz
Revision 1.6 / (download) - annotate - [select for diffs], Tue Oct 8 07:33:25 1996 UTC (27 years, 8 months ago) by niklas
Branch: MAIN
CVS Tags: OPENBSD_2_0_BASE,
OPENBSD_2_0
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)
Prototype & Stylistic fixes for high -W gcc levels
Revision 1.5 / (download) - annotate - [select for diffs], Thu Jul 18 05:00:57 1996 UTC (27 years, 11 months ago) by dm
Branch: MAIN
Changes since 1.4: +6 -1 lines
Diff to previous 1.4 (colored)
ipfilter 3.1.0
Revision 1.4 / (download) - annotate - [select for diffs], Wed Apr 24 06:00:43 1996 UTC (28 years, 1 month ago) by mickey
Branch: MAIN
Changes since 1.3: +13 -1 lines
Diff to previous 1.3 (colored)
Add IPXIP entry, to not to get cvs confused in the future.
Revision 1.3 / (download) - annotate - [select for diffs], Mon Mar 4 08:21:53 1996 UTC (28 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.2: +3 -3 lines
Diff to previous 1.2 (colored)
From NetBSD: Fix PR/2095 options MROUTING did not compile.
Revision 1.2 / (download) - annotate - [select for diffs], Sun Mar 3 22:30:33 1996 UTC (28 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.1: +8 -6 lines
Diff to previous 1.1 (colored)
From NetBSD: 960217 merge
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Wed Oct 18 08:53:11 1995 UTC (28 years, 8 months ago) by deraadt
CVS Tags: netbsd_1_1
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)
initial import of NetBSD tree
Revision 1.1 / (download) - annotate - [select for diffs], Wed Oct 18 08:53:11 1995 UTC (28 years, 8 months ago) by deraadt
Branch: MAIN
Initial revision