freebsd-dev/sys
billf 94a4d9c403 The TCP header-specific section suffered a little bit of bitrot recently:
When we recieve a fragmented TCP packet (other than the first) we can't
extract header information (we don't have state to reference). In a rather
unelegant fashion we just move on and assume a non-match.

Recent additions to the TCP header-specific section of the code neglected
to add the logic to the fragment code so in those cases the match was
assumed to be positive and those parts of the rule (which should have
resulted in a non-match/continue) were instead skipped (which means
the processing of the rule continued even though it had already not
matched).

Fault can be spread out over Rich Steenbergen (tcpoptions) and myself
(tcp{seq,ack,win}).

rwatson sent me a patch that got me thinking about this whole situation
(but what I'm committing / this description is mine so don't blame him).
2001-02-27 10:20:44 +00:00
..
alpha Rename switch_trampoline() to fork_trampoline() on the alpha and ia64. 2001-02-22 16:56:53 +00:00
amd64 Make the kernel actually compile and link under a.out, using 2001-02-25 07:44:39 +00:00
arm/include Correct disordering which is corresponding to bde's fix to 2001-02-17 14:51:11 +00:00
boot Whenever the user might be offered a chance to quit through 2001-02-22 11:22:14 +00:00
cam o Support AUTO SENSE correctly. 2001-02-25 12:40:30 +00:00
coda Mechanical change to use <sys/queue.h> macro API instead of 2001-02-04 13:13:25 +00:00
compat MFS: bring the consistent `compat_3_brand' support into -CURRENT 2001-02-24 22:20:11 +00:00
compile
conf Add a 'clobber' target.. Like 'clean' but it takes out even the config 2001-02-27 08:13:32 +00:00
contrib fix duplicate rcsid 2001-02-04 15:25:15 +00:00
crypto This commit was generated by cvs2svn to compensate for changes in r67957, 2000-10-30 11:03:32 +00:00
ddb Use macro API for <sys/queue.h> 2000-12-30 22:06:19 +00:00
dev add functions for sound drivers to use for locking and setting up interrupt 2001-02-27 07:45:09 +00:00
fs Display the Joliet Extension 'level' in the log message. 2001-02-23 03:43:05 +00:00
geom Fix a braino in ccd's clone routine. 2001-01-29 06:18:14 +00:00
gnu Remove the leading underscore from all symbols defined in x86 asm 2001-02-25 06:29:04 +00:00
i4b Preceed/preceeding are not english words. Use precede or preceding. 2001-02-18 10:25:42 +00:00
i386 Add and document the LINPROCFS option, so that we can build linprocfs 2001-02-27 08:11:28 +00:00
ia64 sched_swi -> swi_sched 2001-02-24 19:09:37 +00:00
isa Fixed style bugs in clock.c rev.1.164 and cpu.h rev.1.52-1.53 -- declare 2001-02-19 03:00:34 +00:00
isofs/cd9660 Display the Joliet Extension 'level' in the log message. 2001-02-23 03:43:05 +00:00
kern Cast nfds to u_int before range checking it in order to catch negative 2001-02-27 00:50:20 +00:00
libkern RIP <machine/lock.h>. 2001-02-11 10:44:09 +00:00
miscfs o Move per-process jail pointer (p->pr_prison) to inside of the subject 2001-02-21 06:39:57 +00:00
modules Remove some cruft 2001-02-27 07:40:09 +00:00
msdosfs Change and clean the mutex lock interface. 2001-02-09 06:11:45 +00:00
net Protect against negative numbers as well 2001-02-26 09:52:43 +00:00
netatalk Mechanical change to use <sys/queue.h> macro API instead of 2001-02-04 13:13:25 +00:00
netatm Preceed/preceeding are not english words. Use precede and preceding. 2001-02-18 10:43:53 +00:00
netgraph Allow a changed MAC address to show up in ifconfig by changing it 2001-02-26 09:31:54 +00:00
netinet The TCP header-specific section suffered a little bit of bitrot recently: 2001-02-27 10:20:44 +00:00
netinet6 More IP option length validation. 2001-02-26 03:41:13 +00:00
netipx Another round of the <sys/queue.h> FOREACH transmogriffer. 2001-02-04 16:08:18 +00:00
netkey fixed possibility of panic at key_acquire(). 2001-01-14 17:25:08 +00:00
netnatm Mechanical change to use <sys/queue.h> macro API instead of 2001-02-04 13:13:25 +00:00
netncp Implement m_getm() which will perform an "all or nothing" mbuf + cluster 2001-02-14 05:13:04 +00:00
netns * Rename M_WAIT mbuf subsystem flag to M_TRYWAIT. 2000-12-21 21:44:31 +00:00
nfs Switch to using a struct xucred instead of a struct xucred when not 2001-02-18 13:30:20 +00:00
nfsclient Switch to using a struct xucred instead of a struct xucred when not 2001-02-18 13:30:20 +00:00
nfsserver Switch to using a struct xucred instead of a struct xucred when not 2001-02-18 13:30:20 +00:00
ntfs Change and clean the mutex lock interface. 2001-02-09 06:11:45 +00:00
nwfs Change and clean the mutex lock interface. 2001-02-09 06:11:45 +00:00
pc98 Supported pcmcia modem card. 2001-02-25 08:55:07 +00:00
pccard Move ti1031 to the 16-bit bridge section 2001-02-07 01:16:40 +00:00
pci Workaround to prevent VMware from melting down. The pseudo PCnet interface 2001-02-26 22:23:55 +00:00
posix4 Lock need_resched with sched_lock. 2001-02-22 13:46:09 +00:00
powerpc Rename switch_trampoline() to fork_trampoline() on the alpha and ia64. 2001-02-22 16:56:53 +00:00
rpc
svr4 This patchset fixes a large number of file descriptor race conditions. 2000-11-18 21:01:04 +00:00
sys Make "md" and "mdctl" macroized parameters. 2001-02-25 13:12:57 +00:00
tools Simplify this a bit so that it doesn't have to generate silly redundant 2000-12-06 06:59:38 +00:00
ufs Add a NOTE_REVOKE flag for vnodes, which is triggered from within vclean(). 2001-02-23 20:06:01 +00:00
vm Introduce per-swap area accounting in the VM system, and export 2001-02-23 18:46:21 +00:00
Makefile