d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
0454a53d65
freebsd-dev/sys/netinet
History
Andre Oppermann 099dd0430b Bring back the full packet destination manipulation for 'ipfw fwd' 
with the kernel compile time option:

 options IPFIREWALL_FORWARD_EXTENDED

This option has to be specified in addition to IPFIRWALL_FORWARD.

With this option even packets targeted for an IP address local
to the host can be redirected.  All restrictions to ensure proper
behaviour for locally generated packets are turned off.  Firewall
rules have to be carefully crafted to make sure that things like
PMTU discovery do not break.

Document the two kernel options.

PR:		kern/71910
PR:		kern/73129
MFC after:	1 week
2005-02-22 17:40:40 +00:00
..
libalias Sort sections. 2005-01-20 09:17:07 +00:00
accf_data.c add missing #include <sys/module.h> 2004-05-30 20:27:19 +00:00
accf_http.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
icmp6.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
icmp_var.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
if_atm.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
if_atm.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
if_ether.c Add CARP (Common Address Redundancy Protocol), which allows multiple 2005-02-22 13:04:05 +00:00
if_ether.h Add CARP (Common Address Redundancy Protocol), which allows multiple 2005-02-22 13:04:05 +00:00
igmp_var.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
igmp.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
igmp.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in_cksum.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in_gif.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in_gif.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in_pcb.c We can make code simplier after last change. 2005-02-22 08:35:24 +00:00
in_pcb.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in_proto.c Add CARP (Common Address Redundancy Protocol), which allows multiple 2005-02-22 13:04:05 +00:00
in_rmx.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in_systm.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in_var.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
in.h Add CARP (Common Address Redundancy Protocol), which allows multiple 2005-02-22 13:04:05 +00:00
ip6.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_carp.c Remove promisc counter from parent interface in carp_clone_destroy(), 2005-02-22 16:24:55 +00:00
ip_carp.h Add CARP (Common Address Redundancy Protocol), which allows multiple 2005-02-22 13:04:05 +00:00
ip_divert.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_divert.h Convert IPDIVERT into a loadable module. This makes use of the dynamic loadability 2004-10-19 21:14:57 +00:00
ip_dummynet.c - Reduce number of arguments passed to dummynet_io(), we already have cookie 2005-01-16 11:13:18 +00:00
ip_dummynet.h - Reduce number of arguments passed to dummynet_io(), we already have cookie 2005-01-16 11:13:18 +00:00
ip_ecn.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_ecn.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_encap.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_encap.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_fastfwd.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_fw2.c Jump to common action checks after doing specific once. This fixes adding 2005-02-06 11:13:59 +00:00
ip_fw_pfil.c Add a ng_ipfw node, implementing a quick and simple interface between 2005-02-05 12:06:33 +00:00
ip_fw.h Add a ng_ipfw node, implementing a quick and simple interface between 2005-02-05 12:06:33 +00:00
ip_gre.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_gre.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_icmp.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_icmp.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_id.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_input.c Bring back the full packet destination manipulation for 'ipfw fwd' 2005-02-22 17:40:40 +00:00
ip_mroute.c When running with debug.mpsafenet=0, initialize IP multicast routing 2004-10-07 14:13:35 +00:00
ip_mroute.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip_output.c Bring back the full packet destination manipulation for 'ipfw fwd' 2005-02-22 17:40:40 +00:00
ip_var.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ip.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
ipprotosw.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
pim_var.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
pim.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
raw_ip.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcp_debug.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcp_debug.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcp_fsm.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcp_hostcache.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcp_input.c Remove 2 (SACK) fields from the tcpcb. These are only used by a 2005-02-17 23:04:56 +00:00
tcp_output.c Fix a TCP SACK related crash resulting from incorrect computation 2005-01-12 21:40:51 +00:00
tcp_reass.c Remove 2 (SACK) fields from the tcpcb. These are only used by a 2005-02-17 23:04:56 +00:00
tcp_sack.c Remove 2 (SACK) fields from the tcpcb. These are only used by a 2005-02-17 23:04:56 +00:00
tcp_seq.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcp_subr.c o Add handling of an IPv4-mapped IPv6 address. 2005-02-14 07:37:51 +00:00
tcp_syncache.c Remove clause three from tcp_syncache.c license per permission of 2005-01-30 19:28:27 +00:00
tcp_timer.c /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcp_timer.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcp_timewait.c o Add handling of an IPv4-mapped IPv6 address. 2005-02-14 07:37:51 +00:00
tcp_usrreq.c In the current world order, solisten() implements the state transition of 2005-02-21 21:58:17 +00:00
tcp_var.h Remove 2 (SACK) fields from the tcpcb. These are only used by a 2005-02-17 23:04:56 +00:00
tcp.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
tcpip.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
udp_usrreq.c In in_pcbconnect_setup() jailed sockets are treated specially: if local 2005-02-22 07:50:02 +00:00
udp_var.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00
udp.h /* -> /*- for license, minor formatting changes 2005-01-07 01:45:51 +00:00