d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
110,235 Commits 72 Branches 135 Tags 3.2 GiB
6de0f6c8b8
Commit Graph

18 Commits

Author SHA1 Message Date
Darren Reed
6de0f6c8b8 Using just m_pullup to get all of the interesting bits in packet into one 
buffer doesn't work for ipv6 packets, so use m_defrag() here instead as an
easy drop-in replacement.

PR:	70399
 2004-12-16 21:02:16 +00:00
Darren Reed
be134cb640 Mess from update & merge - don't release the ifnet lock twice, just once 
and after we're finished with it.
 2004-06-29 03:39:06 +00:00
Darren Reed
7b807523f4 Update ipfilter from 3.4.31 -> 3.4.35. Some important changes: 
* block packets that fail to create state table entries
* only allow non-fragmented packets to influence whether or not a logged
  packet is the same as the one logged before.
* correct the ICMP packet checksum fixing up when processing ICMP errors for NAT
* implement a maximum for the number of entries in the NAT table (NAT_TABLE_MAX
  and ipf_nattable_max)
* frsynclist() wasn't paying attention to all the places where interface
  names are, like it should.
* fix comparing ICMP packets with established TCP state where only 8 bytes
  of header are returned in the ICMP error.

MFC after:	1 week
 2004-06-21 22:46:36 +00:00
Warner Losh
f36cfd49ad Remove advertising clause from University of California Regent's 
license, per letter dated July 22, 1999 and email from Peter Wemm,
Alan Cox and Robert Watson.

Approved by: core, peter, alc, rwatson
 2004-04-07 20:46:16 +00:00
Warner Losh
a163d034fa Back out M_* changes, per decision of the TRB. 
Approved by: trb
 2003-02-19 05:47:46 +00:00
Darren Reed
32c7da78f7 Commit import changed from vendor branch of ipfilter to -current head 2003-02-15 06:23:45 +00:00
Alfred Perlstein
44956c9863 Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0. 
Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
 2003-01-21 08:56:16 +00:00
Jeffrey Hsu
b30a244c34 SMP locking for ifnet list. 2002-12-22 05:35:03 +00:00
Darren Reed
ecae20848a Finally merge in the changes from ipfilter 3.4.29 to freebsd-current. 
Main changes here are related to the ftp proxy and making that work better.
 2002-08-28 13:41:36 +00:00
Darren Reed
fde76f025d Commit changes that happened in IPFilter versions 3.4.27 - 3.4.28 2002-06-07 08:56:30 +00:00
Darren Reed
7df187a3ad Merge updates from 3.4.26 - 3.4.27. 2002-04-27 16:56:25 +00:00
Darren Reed
37d55dca34 bring in changes from 3.4.26. 2002-04-25 03:31:39 +00:00
Darren Reed
b38f3fb061 fix conflicts (mostly damn rcs id's) generated by import 2002-03-19 11:44:16 +00:00
Alfred Perlstein
20125be8b1 Backout inclusion of queue.h since rev 1.38 sys/file.h now has it 
included in the right order.
 2002-01-14 09:07:15 +00:00
Alfred Perlstein
9e209b124a Include sys/_lock.h and sys/_mutex.h to reduce namespace pollution. 
Requested by: jhb
 2002-01-13 21:37:49 +00:00
Darren Reed
c0c3937c8f IPFilter munges multicast address packets on the loopback interface. 
Submitted by:	Frank Zolf
Approved by:	jkh
MFC after:	0
 2001-09-12 22:06:36 +00:00
Darren Reed
354699e12f fix conflicts created by import 2001-07-28 11:58:26 +00:00
Jonathan Lemon
0a52f59c36 Move IPFilter into contrib. 2001-06-07 05:13:35 +00:00