Allow some nesting of ng_iface(4) interfaces and add a configuration knob.
PR: 235500 MFC after: 1 week
This commit is contained in:
parent
7cdb0b9d82
commit
938864b71b
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=343895
@ -35,7 +35,7 @@
|
|||||||
.\" $FreeBSD$
|
.\" $FreeBSD$
|
||||||
.\" $Whistle: ng_iface.8,v 1.5 1999/01/25 23:46:26 archie Exp $
|
.\" $Whistle: ng_iface.8,v 1.5 1999/01/25 23:46:26 archie Exp $
|
||||||
.\"
|
.\"
|
||||||
.Dd January 12, 2015
|
.Dd February 6, 2019
|
||||||
.Dt NG_IFACE 4
|
.Dt NG_IFACE 4
|
||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
@ -144,6 +144,17 @@ In case when your graph ends up with some kind of serial line, either
|
|||||||
synchronous or modem, the
|
synchronous or modem, the
|
||||||
.Nm
|
.Nm
|
||||||
is the right place to turn ALTQ on.
|
is the right place to turn ALTQ on.
|
||||||
|
.Sh Nesting
|
||||||
|
.Nm
|
||||||
|
supports nesting, a configuration when traffic of one
|
||||||
|
.Nm
|
||||||
|
interface flows through the other.
|
||||||
|
The default maximum allowed nesting level is 2.
|
||||||
|
It can be changed at runtime setting
|
||||||
|
.Xr sysctl 8
|
||||||
|
variable
|
||||||
|
.Va net.graph.iface.max_nesting
|
||||||
|
to the desired level of nesting.
|
||||||
.Sh SEE ALSO
|
.Sh SEE ALSO
|
||||||
.Xr altq 4 ,
|
.Xr altq 4 ,
|
||||||
.Xr bpf 4 ,
|
.Xr bpf 4 ,
|
||||||
@ -151,6 +162,7 @@ is the right place to turn ALTQ on.
|
|||||||
.Xr ng_cisco 4 ,
|
.Xr ng_cisco 4 ,
|
||||||
.Xr ifconfig 8 ,
|
.Xr ifconfig 8 ,
|
||||||
.Xr ngctl 8
|
.Xr ngctl 8
|
||||||
|
.Xr sysctl
|
||||||
.Sh HISTORY
|
.Sh HISTORY
|
||||||
The
|
The
|
||||||
.Nm iface
|
.Nm iface
|
||||||
|
@ -68,6 +68,7 @@
|
|||||||
#include <sys/rmlock.h>
|
#include <sys/rmlock.h>
|
||||||
#include <sys/sockio.h>
|
#include <sys/sockio.h>
|
||||||
#include <sys/socket.h>
|
#include <sys/socket.h>
|
||||||
|
#include <sys/sysctl.h>
|
||||||
#include <sys/syslog.h>
|
#include <sys/syslog.h>
|
||||||
#include <sys/libkern.h>
|
#include <sys/libkern.h>
|
||||||
|
|
||||||
@ -92,6 +93,13 @@ static MALLOC_DEFINE(M_NETGRAPH_IFACE, "netgraph_iface", "netgraph iface node");
|
|||||||
#define M_NETGRAPH_IFACE M_NETGRAPH
|
#define M_NETGRAPH_IFACE M_NETGRAPH
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
static SYSCTL_NODE(_net_graph, OID_AUTO, iface, CTLFLAG_RW, 0,
|
||||||
|
"Point to point netgraph interface");
|
||||||
|
VNET_DEFINE_STATIC(int, ng_iface_max_nest) = 2;
|
||||||
|
#define V_ng_iface_max_nest VNET(ng_iface_max_nest)
|
||||||
|
SYSCTL_INT(_net_graph_iface, OID_AUTO, max_nesting, CTLFLAG_VNET | CTLFLAG_RW,
|
||||||
|
&VNET_NAME(ng_iface_max_nest), 0, "Max nested tunnels");
|
||||||
|
|
||||||
/* This struct describes one address family */
|
/* This struct describes one address family */
|
||||||
struct iffam {
|
struct iffam {
|
||||||
sa_family_t family; /* Address family */
|
sa_family_t family; /* Address family */
|
||||||
@ -355,7 +363,8 @@ ng_iface_output(struct ifnet *ifp, struct mbuf *m,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Protect from deadly infinite recursion. */
|
/* Protect from deadly infinite recursion. */
|
||||||
error = if_tunnel_check_nesting(ifp, m, NGM_IFACE_COOKIE, 1);
|
error = if_tunnel_check_nesting(ifp, m, NGM_IFACE_COOKIE,
|
||||||
|
V_ng_iface_max_nest);
|
||||||
if (error) {
|
if (error) {
|
||||||
m_freem(m);
|
m_freem(m);
|
||||||
return (error);
|
return (error);
|
||||||
|
Loading…
Reference in New Issue
Block a user