Commit Graph

69 Commits

Author SHA1 Message Date
ume
f42236b6b4 Make ip6fw zero work.
PR:		bin/20522
2000-08-10 20:41:33 +00:00
peter
b7f2298948 GRRR! Fix the 'panic: ip6_init' caused by darrenr's incomplete changes
for the pfil hooks.  The protosw and ip6protosw structures were out of
sync with each other. :-(
2000-08-02 01:02:42 +00:00
darrenr
15d51f1af8 activate pfil_hooks and covert ipfilter to use it 2000-07-31 13:11:42 +00:00
itojun
f02f494cc7 s/IPSEC_IPV6FWD/IPSEC/. this avoids unexpected behavior on ipv6 fowarding.
(even if you ask for tunnel-mode encryption packets will go out in clear)
sync with kame.
2000-07-16 07:56:54 +00:00
itojun
11dc2aeee2 remove m_pulldown statistics, which is highly experimental and does not
belong to *bsd-merged tree
2000-07-12 16:39:13 +00:00
itojun
6d7ecaafbb correct rtentry reference count in in6_ifloop_request().
if you reconfigure inet6 too much, the reference count can go
into negative by mistake.  KAME in6.c 1.98 -> 1.99.
2000-07-12 05:20:41 +00:00
grog
3f9910e628 Suppress a warning message about trigraphs.
Approved-by: itojun
2000-07-07 04:09:51 +00:00
itojun
75f2912ef1 add list of KAME files - may not be 100% correct 2000-07-05 19:05:19 +00:00
itojun
b3718c2652 split net.inet6.ip6.rtexpire (and others) from net.inet.ip.*.
From: Andrzej Bialecki <abial@webgiro.com>
2000-07-05 01:40:29 +00:00
itojun
971489845b correct compilation with IPSEC_IPV6FWD.
From: Ollivier Robert <roberto@keltia.freenix.fr>
2000-07-05 01:14:45 +00:00
itojun
7babc58a35 sync with kame tree as of july00. tons of bug fixes/improvements.
API changes:
- additional IPv6 ioctls
- IPsec PF_KEY API was changed, it is mandatory to upgrade setkey(8).
  (also syntax change)
2000-07-04 16:35:15 +00:00
phk
29e5a8dc50 Previous commit changing SYSCTL_HANDLER_ARGS violated KNF.
Pointed out by:	bde
2000-07-04 11:25:35 +00:00
phk
b09ca1a9bb Style police catches up with rev 1.26 of src/sys/sys/sysctl.h:
Sanitize SYSCTL_HANDLER_ARGS so that simplistic tools can grog our
sources:

        -sysctl_vm_zone SYSCTL_HANDLER_ARGS
        +sysctl_vm_zone (SYSCTL_HANDLER_ARGS)
2000-07-03 09:35:31 +00:00
ume
ea69c418ff Inhibit successful DAD messages and "no default interface" messages.
It seems that people find them too noisy.
(ND6_DEBUG will enable them)

Obtained from:	KAME Project
2000-06-22 19:04:41 +00:00
itojun
975250ce54 correct bad TTL with packets generated by v4 mapped udp. from kame 2000-06-22 16:48:59 +00:00
jake
5e208b0c18 Back out the previous change to the queue(3) interface.
It was not discussed and should probably not happen.

Requested by:		msmith and others
2000-05-26 02:09:24 +00:00
archie
d6172f3d67 Just need to pass the address family to if_simloop(), not the whole sockaddr. 2000-05-24 21:16:56 +00:00
jake
1d685644e0 Change the way that the queue(3) structures are declared; don't assume that
the type argument to *_HEAD and *_ENTRY is a struct.

Suggested by:	phk
Reviewed by:	phk
Approved by:	mdodd
2000-05-23 20:41:01 +00:00
bde
1171526deb Fixed missing prototype for inet6_rthdr_reverse(). 2000-05-11 16:57:45 +00:00
ps
ae7066d440 Add missing include machine/in_cksum.h.
Submitted by:	n_hibma
2000-05-09 16:56:51 +00:00
phk
d7e981e734 Remove unneeded #include <sys/kernel.h> 2000-04-29 15:36:14 +00:00
phk
43018e3fb6 Remove ~25 unneeded #include <sys/conf.h>
Remove ~60 unneeded #include <sys/malloc.h>
2000-04-19 14:58:28 +00:00
sumikawa
9cfe1d9943 even if nd6_nud_hint is called, do not change a neighbor's status
unless the old status is probably reachable (i.e. the link-layer address
has already been resolved).

Obtained from:	KAME Project
2000-04-17 20:24:06 +00:00
shin
9c5b4ed6cb Support per socket based IPv4 mapped IPv6 addr enable/disable control.
Submitted by: ume
2000-04-01 22:35:47 +00:00
green
c94880b6e7 in6_pcb.c:
Remove a bogus (redundant, just weird, etc.) key_freeso(so).
	There are no consumers of it now, nor does it seem there
	ever will be.

in6?_pcb.c:
	Add an if (inp->in6?p_sp != NULL) before the call to
	ipsec[46]_delete_pcbpolicy(inp).  In low-memory conditions
	this can cause a crash because in6?_sp can be NULL...
2000-03-22 02:27:30 +00:00
shin
caf0de77a2 Backout the previous change to __KAME_VERSION (FreeBSD4.x addition),
because this is now 5.0-current.
2000-03-13 10:07:30 +00:00
shin
88c7b24d55 Change __KAME_VERSION value. Added the word "FreeBSD4.x" to identify the
system with other platform and/or other version of FreeBSD, which is also
integrated KAME code based on another date.

Approved by: jkh
2000-03-12 20:27:26 +00:00
shin
bca85718e8 Forbid include of netinet6/ip6.h from user-land, and if included,
print an error message which say, "include netinet/ip6.h".
This is postponed to apply to avoid tcpdump compile error.
Now apply this because tcpdump has been already fixed.

Approved by: jkh

Obtained from: KAME project
2000-03-11 20:44:53 +00:00
shin
001b19366d Replace m_pkthdr.rcvif with oif when oif is not NULL, to count
icmp6 error statistics based on sending interface.
This also prevent kernel panic when rcvif is not initialized after M_PKTHDR().
(The initialization issue also need to be fixed in the future.)

Approved by: jkh

Submitted by: k-sugyou@kame.net
2000-03-11 20:03:22 +00:00
shin
b26783ad69 Initialize mbuf pointer at getting ipsec policy.
Without this, kernel will panic at getsockopt() of IPSEC_POLICY.
Also make compilable libipsec/test-policy.c which tries getsockopt() of
IPSEC_POLICY.

Approved by: jkh

Submitted by: sakane@kame.net
2000-03-09 14:57:16 +00:00
shin
28ca97aab9 Update icmp node info query message bit order of query types,
according to draft-ietf-ipngwg-icmp-name-lookups-04 to 05 change.
This is necessary before 4.0, because,
  -This change is non backword compatible
  -Other KAME derived platforms applied 05
  -Author of the draft said he never do backword imcompatible changes
   again.

Approved by: jkh

Obtained from: KAME project
2000-03-09 14:47:21 +00:00
shin
d72ee94428 CMSG_XXX macros alignment fixes to follow RFC2292.
Approved by: jkh

Submitted by: Partly from tech@openbsd
Reviewed by: itojun
2000-03-03 11:13:12 +00:00
shin
e40eef5f33 At detaching IPv6 raw socket, also finish IPv6 multicast router.
Approved by: jkh

Submitted by: fenner
2000-02-27 18:35:10 +00:00
peter
dd4b87e5a8 Clean up some loose ends in the network code, including the X.25 and ISO
#ifdefs.  Clean out unused netisr's and leftover netisr linker set gunk.
Tested on x86 and alpha, including world.

Approved by:	jkh
2000-02-13 03:32:07 +00:00
shin
405dcaec84 Prototype fix for IPsec authentication related functions
Some of IPsec authentication related functions should have
  'const' for its 2nd argument, but not now.
  But if someone try to use them, and passed const data for
  those functions, then much bogus compile warnings will be
  generated.
  So those funcs prototype should be modified.

Requested by: archie
Approved by: jkh
2000-02-10 19:35:53 +00:00
shin
d2be148516 Forbid include of soem inet6 header files from wrong place
KAME put INET6 related stuff into sys/netinet6 dir, but IPv6
  standard API(RFC2553) require following files to be under sys/netinet.
    netinet/ip6.h
    netinet/icmp6.h
  Now those header files just include each following files.
    netinet6/ip6.h
    netinet6/icmp6.h

  Also KAME has netinet6/in6.h for easy INET6 common defs
  sharing between different BSDs, but RFC2553 requires only
  netinet/in.h should be included from userland.
  So netinet/in.h also includes netinet6/in6.h inside.

  To keep apps portability, apps should not directly include
  above files from netinet6 dir.
  Ideally, all contents of,
    netinet6/ip6.h
    netinet6/icmp6.h
    netinet6/in6.h
  should be moved into
    netinet/ip6.h
    netinet/icmp6.h
    netinet/in.h
  but to avoid big changes in this stage, add some hack, that
    -Put some special macro define into those files under neitnet
    -Let files under netinet6 cause error if it is included
     from some apps, and, if the specifal macro define is not
     defined.
     (which should have been defined if files under netinet is
     included)
    -And let them print an error message which tells the
     correct name of the include file to be included.

  Also fix apps which includes invalid header files.

Approved by: jkh

Obtained from: KAME project
2000-02-10 19:33:58 +00:00
shin
3854b68bae IPv6 prefix assignment bug fixes.
(1)When all related IPv6 addresses are removed,
       then remove the associated IPv6 prefix.
    (2)When multiple IPv6 link local addrs exist for a same
       interface , then let its IPv6 prefix have multiple
       interface id, and create multiple IPv6 global addrs with same
       interface id.
    (3)When a new IPv6 link local addr is assigned for an
       interface, then let its IPv6 prefix also have the
       interface id of the new IPv6 link local addr, and
       create new IPv6 global addrs with same interface id.

Approved by: jkh
2000-02-07 01:45:30 +00:00
shin
5829c1a74e Permit site local addr in IPv6 source address selection rule.
KAME source addr selection rule had a problem to treat IPv6 site
  local addr.
  The rule is completely rewritten recently and the above problem
  is also fixed, but rewriting same code part in freebsd4.0 is too
  dangerous in this stage, so just add workaround to avoid
  the problem. Just add code for IPv6 site local addresses into IPv6
  source addr selection algorythm part.
2000-02-07 01:32:41 +00:00
shin
f1bf15ce6f Add ip6fw.
Yes it is almost code freeze, but as the result of many thought, now I
think this should be added before 4.0...

make world check, kernel build check is done.

Reviewed by: green
Obtained from: KAME project
2000-01-29 13:54:44 +00:00
shin
6b9e691ac7 Backout diffs which should not be included. 2000-01-28 13:16:34 +00:00
shin
db90f105e6 #This is a null commit to give correct description for the previous change.
#Please forget the strange log message of the previous commit .

IPv6 multicast routing.
  kernel IPv6 multicast routing support.
  pim6 dense mode daemon
  pim6 sparse mode daemon
  netstat support of IPv6 multicast routing statistics

  Merging to the current and testing with other existing multicast routers
  is done by Tatsuya Jinmei <jinmei@kame.net>, who writes and maintainances
  the base code in KAME distribution.

  Make world check and kernel build check was also successful.

Obtained from: KAME project
2000-01-28 12:17:49 +00:00
shin
0f6d8ac67b Sorry I didn't commit these files at the commit just a few minutes before.
(IPv6 multicast routing)
I think I mistakenly touched TAB and the last arg sys/netinet6 to
the cvs commit changed to sys/netinet6/in6_proto.c.
2000-01-28 05:27:14 +00:00
shin
927a0a3d01 IPv6 multicast routing.
kernel IPv6 multicast routing support.
  pim6 dense mode daemon
  pim6 sparse mode daemon
  netstat support of IPv6 multicast routing statistics

  Merging to the current and testing with other existing multicast routers
  is done by Tatsuya Jinmei <jinmei@kame.net>, who writes and maintainances
  the base code in KAME distribution.

  Make world check and kernel build check was also successful.
2000-01-28 05:10:56 +00:00
shin
c04bb719ee Added ip6_forwarding check when prefix related ioctl is called.
(prefix related ioctl should only be called on router,
because host use dynamic address and prefix configuration mechanism,
and those prefix are managed separately with ones whih are assined
manually.)
2000-01-27 10:04:28 +00:00
brian
44d675d635 Move the *intrq variables into net/intrq.c and unconditionally
include this in all kernels.  Declare some const *intrq_present
variables that can be checked by a module prior to using *intrq
to queue data.

Make the if_tun module capable of processing atm, ip, ip6, ipx,
natm and netatalk packets when TUNSIFHEAD is ioctl()d on.

Review not required by: freebsd-hackers
2000-01-24 20:39:02 +00:00
shin
5e1ee834c8 Merge a bug fix from freebsd-current; check m != NULL before touching it,
at udp6_ctlinput().
  There should be kernel panic at PCCARD suspend etc, before this bug fix.

Submitted by:  Hajimu UMEMOTO <ume@mahoroba.org>
2000-01-18 09:02:19 +00:00
shin
60b021f075 fix kernel panic at rtfree() in INET6 enabled envrionment.
This is probably due to twice rtfree() in in6_pcbdetach(),
  one for inp->in6p_route.ro_rt, and another one for inp->inp_route.ro_rt.
  But these 2 are actually shared in inpcb, so 2nd rtfree() is not necessary.
2000-01-16 18:00:06 +00:00
shin
f6057d6252 Fixed the problem that IPsec connection hangs when bigger data is sent.
-opt_ipsec.h was missing on some tcp files (sorry for basic mistake)
  -made buildable as above fix
  -also added some missing IPv4 mapped IPv6 addr consideration into
   ipsec4_getpolicybysock
2000-01-15 14:56:38 +00:00
shin
ec52241272 wrapped prototype declarations by __P(())
Submitted by: bde
2000-01-15 05:30:15 +00:00
shin
12dd87683c add forward declarations, and small cosmetic changes.
Submitted by: bde
2000-01-15 05:20:40 +00:00