d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
d6fe462ac1
freebsd-dev/sys/net
History
Andrew Thompson 85ce729794 Add a bridge interface flag called PRIVATE where any private port can not 
communicate with another private port.

All unicast/broadcast/multicast layer2 traffic is blocked so it works much the
same way as using firewall rules but scales better and is generally easier as
firewall packages usually do not allow ARP blocking.

An example usage would be having a number of customers on separate vlans
bridged with a server network. All the vlans are marked private, they can all
communicate with the server network unhindered, but can not exchange any
traffic whatsoever with each other.

Approved by:	re (rwatson)
2007-08-01 00:33:52 +00:00
..
bpf_filter.c Avoid unwanted sign extension of indexed byte load in bpf code. 2006-05-28 20:00:02 +00:00
bpf_jitter.c Add BPF Just-In-Time compiler support for ng_bpf(4). 2005-12-07 21:30:47 +00:00
bpf_jitter.h Add BPF Just-In-Time compiler support for ng_bpf(4). 2005-12-07 21:30:47 +00:00
bpf.c Replace references to NET_CALLOUT_MPSAFE with CALLOUT_MPSAFE, and remove 2007-07-28 07:31:30 +00:00
bpf.h Add three new ioctl(2) commands for bpf(4). 2007-02-26 22:24:14 +00:00
bpfdesc.h Add three new ioctl(2) commands for bpf(4). 2007-02-26 22:24:14 +00:00
bridgestp.c Check the correct port to see if synced is true. 2007-06-22 23:28:33 +00:00
bridgestp.h Change the passing of callbacks to a struct in case this needs to be extended in the future. 2007-03-09 19:34:55 +00:00
bsd_comp.c Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h 2006-10-22 11:52:19 +00:00
ethernet.h Sync ether_ioctl() with ioctl(2) and ifnet.if_ioctl 2007-05-29 12:40:45 +00:00
fddi.h
firewire.h
ieee8023ad_lacp.c Allow the LACP state to be queried from userland which at the moment is the 2007-07-05 09:18:57 +00:00
ieee8023ad_lacp.h Allow the LACP state to be queried from userland which at the moment is the 2007-07-05 09:18:57 +00:00
if_arc.h Use ANSI C function protypes and declarations for if_arcsubr. 2006-04-12 07:44:31 +00:00
if_arcsubr.c Use ANSI C function protypes and declarations for if_arcsubr. 2006-04-12 07:44:31 +00:00
if_arp.h - Store pointer to the link-level address right in "struct ifnet" 2005-11-11 16:04:59 +00:00
if_atm.h
if_atmsubr.c Remove obfuscating OpenBSD/NetBSD/BSDI/FreeBSD 2.x/FreeBSD 5.x ifdefs 2006-12-01 22:45:43 +00:00
if_bridge.c Add a bridge interface flag called PRIVATE where any private port can not 2007-08-01 00:33:52 +00:00
if_bridgevar.h Add a bridge interface flag called PRIVATE where any private port can not 2007-08-01 00:33:52 +00:00
if_clone.c Revise network interface cloning to take an optional opaque 2006-07-09 06:04:01 +00:00
if_clone.h Revise network interface cloning to take an optional opaque 2006-07-09 06:04:01 +00:00
if_disc.c Fix some statements in disc(4) and about it: 2007-03-26 09:10:28 +00:00
if_dl.h
if_edsc.c Give a hint that softc can contain many things besides ifp. 2007-03-26 09:05:10 +00:00
if_ef.c Return mbuf pointer or NULL from ip_fastforward() as the mbuf pointer 2006-01-18 14:24:39 +00:00
if_enc.c Various bpf(4) related fixes to catch places up to the new bpf(4) 2006-12-29 13:59:50 +00:00
if_ethersubr.c First in a series of changes to remove the now-unused Giant compatibility 2007-07-27 11:59:57 +00:00
if_faith.c With exception of the if_name() macro, all definitions in net_osdep.h 2006-08-04 21:27:40 +00:00
if_fddisubr.c Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h 2006-10-22 11:52:19 +00:00
if_fwsubr.c Remove GIANT_REQUIRED for upcoming changes in FireWire stack. 2007-06-05 14:15:45 +00:00
if_gif.c Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h 2006-10-22 11:52:19 +00:00
if_gif.h Add some initial locking to gif(4). It doesn't covers the whole driver, 2006-01-30 08:39:09 +00:00
if_gre.c Sync comments to code: we now use priv_check() rather than suser() to 2007-06-26 23:01:01 +00:00
if_gre.h
if_iso88025subr.c Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h 2006-10-22 11:52:19 +00:00
if_lagg.c - Propagate the largest set of interface capabilities supported by all lagg 2007-07-30 20:17:22 +00:00
if_lagg.h - Propagate the largest set of interface capabilities supported by all lagg 2007-07-30 20:17:22 +00:00
if_llc.h Move the __packed declarations. This makes sizeof(struct llc) 8 again 2006-12-01 17:50:11 +00:00
if_loop.c Use __NO_STRICT_ALIGNMENT, instead of special casing ia64 and sparc64. 2007-02-09 00:09:35 +00:00
if_media.c - Introduce ifmedia_baudrate(), which returns correct baudrate of the 2006-02-14 12:10:03 +00:00
if_media.h Update 802.11 wireless support: 2007-06-11 03:36:55 +00:00
if_mib.c Add a new leaf to the net.link.generic.ifdata.%d sysctl to retrieve 2006-01-04 12:57:09 +00:00
if_mib.h Add a new leaf to the net.link.generic.ifdata.%d sysctl to retrieve 2006-01-04 12:57:09 +00:00
if_ppp.c Continue pre-7.0 privilege cleanup: update suser(9) comments to be priv(9) 2007-07-02 15:44:30 +00:00
if_ppp.h
if_pppvar.h Use callout mechanism instead of timeout()/untimeout(). 2006-12-05 18:54:21 +00:00
if_sl.c Sweep kernel replacing suser(9) calls with priv(9) calls, assigning 2006-11-06 13:42:10 +00:00
if_slvar.h
if_sppp.h
if_spppfr.c
if_spppsubr.c Cast the ioctl define to the type of the variable being switched on. 2007-06-10 04:53:13 +00:00
if_stf.c Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h 2006-10-22 11:52:19 +00:00
if_stf.h
if_tap.c Add a sysctl net.link.tap.up_on_open which defaults to zero; when it 2007-03-19 18:17:31 +00:00
if_tap.h Fix our ioctl(2) implementation when the argument is "int". New 2006-09-27 19:57:02 +00:00
if_tapvar.h
if_tun.c Clean up after tun(4) properly; remove routes whose ifp is set to 2007-02-05 11:15:52 +00:00
if_tun.h
if_types.h Remove IPX over IP tunneling support, which allows IPX routing over IP 2007-06-13 14:01:43 +00:00
if_var.h The struct if_data members ifi_recvquota and ifi_xmitquota have been 2007-05-16 18:37:37 +00:00
if_vlan_var.h Prepare for 802.1p: 2007-02-28 22:05:30 +00:00
if_vlan.c Now <net/if_arp.h> is unused here. 2007-03-19 18:01:39 +00:00
if.c First in a series of changes to remove the now-unused Giant compatibility 2007-07-27 11:59:57 +00:00
if.h Add IFCAP_LRO flag for drivers to announce their TCP Large Receive Offload 2007-06-11 20:08:11 +00:00
iso88025.h
netisr.c First in a series of changes to remove the now-unused Giant compatibility 2007-07-27 11:59:57 +00:00
netisr.h
pfil.c Somewhat re-factor the read/write locking mechanism associated with the packet 2006-02-02 03:13:16 +00:00
pfil.h Correct the definition of PFIL_HOOKED() so that it compares 2007-06-08 12:43:25 +00:00
pfkeyv2.h Commit the change from FAST_IPSEC to IPSEC. The FAST_IPSEC 2007-07-03 12:13:45 +00:00
ppp_comp.h
ppp_deflate.c This patch fixes a problem, which exists if you have IPSEC in your kernel 2006-02-27 16:56:22 +00:00
ppp_defs.h
ppp_tty.c Use callout mechanism instead of timeout()/untimeout(). 2006-12-05 18:54:21 +00:00
radix.c The code in rn_walktree_from() that checks if we backed up too far 2006-02-07 20:25:39 +00:00
radix.h
raw_cb.c raw_disconnect() now disconnects but does not detach the raw pcb. As a 2006-06-02 08:27:15 +00:00
raw_cb.h
raw_usrreq.c Sweep kernel replacing suser(9) calls with priv(9) calls, assigning 2006-11-06 13:42:10 +00:00
route.c Add missing \n to printf 2007-06-11 12:19:34 +00:00
route.h - Fill in the correct rtm_index for RTM_ADD and RTM_CHANGE messages. 2006-03-15 19:39:09 +00:00
rtsock.c Fix regression in rev. 1.140. 2007-03-27 19:36:12 +00:00
slcompress.c
slcompress.h
slip.h
zlib.c
zlib.h