freebsd-dev/sys/net
Kristof Provost effaab8861 netpfil: Introduce PFIL_FWD flag
Forwarded packets passed through PFIL_OUT, which made it difficult for
firewalls to figure out if they were forwarding or producing packets. This in
turn is an issue for pf for IPv6 fragment handling: it needs to call
ip6_output() or ip6_forward() to handle the fragments. Figuring out which was
difficult (and until now, incorrect).
Having pfil distinguish the two removes an ugly piece of code from pf.

Introduce a new variant of the netpfil callbacks with a flags variable, which
has PFIL_FWD set for forwarded packets. This allows pf to reliably work out if
a packet is forwarded.

Reviewed by:	ae, kevans
Differential Revision:	https://reviews.freebsd.org/D13715
2018-03-23 16:56:44 +00:00
..
altq kernel: Fix several typos and minor errors 2017-12-27 03:23:21 +00:00
bpf_buffer.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
bpf_buffer.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
bpf_filter.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
bpf_jitter.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
bpf_jitter.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
bpf_zerocopy.c sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
bpf_zerocopy.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
bpf.c Use count(9) api for the bpf(4) statistics. 2018-03-20 22:57:06 +00:00
bpf.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
bpfdesc.h Use count(9) api for the bpf(4) statistics. 2018-03-20 22:57:06 +00:00
bridgestp.c sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
bridgestp.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
dlt.h MFV r313759: license change for a few headers (4 clause BSD to 3 clause BSD). 2017-02-15 07:22:47 +00:00
ethernet.h Define ethernet type 0x88A8 as ETHERTYPE_QINQ. 2018-03-06 12:01:31 +00:00
fddi.h spdx: initial adoption of licensing ID tags. 2017-11-18 14:26:50 +00:00
firewire.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
ieee8023ad_lacp.c Added missing CTLFLAG_VNET to lacp default_strict_mode 2018-01-24 10:13:14 +00:00
ieee8023ad_lacp.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
ieee_oui.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
if_arc.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
if_arcsubr.c spdx: initial adoption of licensing ID tags. 2017-11-18 14:26:50 +00:00
if_arp.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
if_bridge.c netpfil: Introduce PFIL_FWD flag 2018-03-23 16:56:44 +00:00
if_bridgevar.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
if_clone.c Do not pass NULL pointer to copyout in if_clone_list. 2017-12-23 16:45:24 +00:00
if_clone.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
if_dead.c sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
if_debug.c sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
if_disc.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
if_dl.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
if_edsc.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
if_enc.c netpfil: Introduce PFIL_FWD flag 2018-03-23 16:56:44 +00:00
if_enc.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
if_epair.c sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
if_ethersubr.c netpfil: Introduce PFIL_FWD flag 2018-03-23 16:56:44 +00:00
if_fddisubr.c Fix build. 2017-11-19 11:21:16 +00:00
if_fwsubr.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
if_gif.c Do pass removing some write-only variables from the kernel. 2017-12-25 04:48:39 +00:00
if_gif.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
if_gre.c sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
if_gre.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
if_ipsec.c Introduce the concept of IPsec security policies scope. 2017-03-07 00:13:53 +00:00
if_ipsec.h Merge projects/ipsec into head/. 2017-02-06 08:49:57 +00:00
if_iso88025subr.c sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
if_lagg.c Disabled the use of flowid for lagg by default 2018-01-04 20:05:47 +00:00
if_lagg.h Remove some code, dead from the day one. 2017-05-25 23:19:09 +00:00
if_llatbl.c sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
if_llatbl.h Fix outgoing TCP/UDP packet drop on arp/ndp entry expiration. 2018-03-17 17:05:48 +00:00
if_llc.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
if_loop.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
if_me.c Do not adjust interface MTU automatically. Leave this task to the system 2017-04-11 08:56:18 +00:00
if_media.c sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
if_media.h Correct comment for IFM_IEEE80211_VHT media variant. 2018-03-15 23:32:29 +00:00
if_mib.c These files were getting sys/malloc.h and vm/uma.h with header pollution 2016-02-01 17:41:21 +00:00
if_mib.h
if_pflog.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
if_pfsync.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
if_sppp.h sys/net*: minor spelling fixes. 2016-05-03 18:05:43 +00:00
if_spppfr.c
if_spppsubr.c sys/net*: minor spelling fixes. 2016-05-03 18:05:43 +00:00
if_stf.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
if_tap.c Disallow TUN and TAP character device IOCTLs to modify the network device 2017-11-29 09:40:11 +00:00
if_tap.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
if_tapvar.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
if_tun.c Disallow TUN and TAP character device IOCTLs to modify the network device 2017-11-29 09:40:11 +00:00
if_tun.h Allow an MTU of 65535 bytes to be set via TUN[SG]IFINFO. This requires 2016-05-24 11:47:14 +00:00
if_types.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
if_var.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
if_vlan_var.h Properly define the VLAN_XXX() function macros to avoid miscompilation when 2017-11-30 11:35:22 +00:00
if_vlan.c Revert r327828, r327949, r327953, r328016-r328026, r328041: 2018-01-21 15:42:36 +00:00
if_vxlan.c Add macro for vxlan list mutex lock and unlock 2017-12-30 19:49:40 +00:00
if_vxlan.h Add support for IPv6 scoped addresses to vxlan 2017-12-30 04:03:53 +00:00
if.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
if.h Garbage collect IFCAP_POLLING_NOCOUNT. It wasn't used since very 2017-12-06 23:03:34 +00:00
ifdi_if.m Update Matthew Macy contact info 2017-12-19 17:59:00 +00:00
iflib.c iflib: stop timer callout when stopping 2018-03-02 18:48:07 +00:00
iflib.h IFLIB: Make isc_magic unsigned 2018-02-21 18:57:00 +00:00
ifq.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
iso88025.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
mp_ring.c Have ifmp_ring_enqueue() abdicate instead of switch to a consumer 2017-09-23 16:46:30 +00:00
mp_ring.h Import the 'iflib' API library for network drivers. From the author: 2016-05-18 04:35:58 +00:00
mppc.h ng_mppc(4): Bring netgraph(3) MPPC compression support. 2016-06-07 15:07:00 +00:00
mppcc.c ng_mppc(4):: basic readability cleanups. 2016-07-09 02:33:45 +00:00
mppcd.c ng_mppc(4):: basic readability cleanups. 2016-07-09 02:33:45 +00:00
netisr_internal.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
netisr.c sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
netisr.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
netmap_user.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
netmap_virt.h Various fixes for ptnet/ptnetmap (passthrough of netmap ports). In detail: 2016-10-27 09:46:22 +00:00
netmap.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
paravirt.h
pfil.c netpfil: Introduce PFIL_FWD flag 2018-03-23 16:56:44 +00:00
pfil.h netpfil: Introduce PFIL_FWD flag 2018-03-23 16:56:44 +00:00
pfkeyv2.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
pfvar.h netpfil: Introduce PFIL_FWD flag 2018-03-23 16:56:44 +00:00
ppp_defs.h
radix_mpath.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
radix_mpath.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
radix.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
radix.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
raw_cb.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
raw_cb.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
raw_usrreq.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
rndis.h rndis: Add LINK_SPEED_CHANGE status 2017-07-24 03:59:50 +00:00
route_var.h Renumber copyright clause 4 2017-02-28 23:42:47 +00:00
route.c Increment the route table gen count after a modify 2018-01-23 03:15:44 +00:00
route.h Reduce code duplication for inpcb route caching 2018-01-23 03:15:39 +00:00
rss_config.c rss: Remove never defined UDP_IPV4_EX 2017-10-11 06:08:01 +00:00
rss_config.h rss: Remove never defined UDP_IPV4_EX 2017-10-11 06:08:01 +00:00
rtsock.c Allow route change requests to not specify the gateway. 2018-02-21 19:13:23 +00:00
sff8436.h Add SFF-8024 Extended Specification Compliance 2015-12-28 09:26:07 +00:00
sff8472.h ifconfig(8): Display extended compliance code string for SFP transceivers 2017-12-05 18:42:07 +00:00
slcompress.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
slcompress.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
toeplitz.c
toeplitz.h
vnet.c sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
vnet.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00