d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
f8bee51a69
freebsd-dev/sys/netinet
History
Alexander V. Chernikov f8bee51a69 - Add ipfw eXtended tables permitting radix to be used for any kind of keys. 
- Add support for IPv6 and interface extended tables
- Make number of tables to be loader tunable in range 0..65534.
- Use IP_FW3 opcode for all new extended table cmds

No ABI changes are introduced. Old userland will see valid tables for
IPv4 tables and no entries otherwise. Flush works for any table.

IP_FW3 socket option is used to encapsulate all new opcodes:
 /* IP_FW3 header/opcodes */
 typedef struct _ip_fw3_opheader {
        uint16_t opcode;        /* Operation opcode */
        uint16_t reserved[3];   /* Align to 64-bit boundary */
 } ip_fw3_opheader;

New opcodes added:
 IP_FW_TABLE_XADD, IP_FW_TABLE_XDEL, IP_FW_TABLE_XGETSIZE, IP_FW_TABLE_XLIST

ipfw(8) table argument parsing behavior is changed:
 'ipfw table 999 add host' now assumes 'host' to be interface name instead of
 hostname.

New tunable:
 net.inet.ip.fw.tables_max controls number of table supported by ipfw in given
 VNET instance. 128 is still the default value.

New syntax:
ipfw add skipto tablearg ip from any to any via table(42) in
ipfw add skipto tablearg ip from any to any via table(4242) out

This is a bit hackish, special interface name '\1' is used to signal interface
table number is passed in p.glob field.

Sponsored by Yandex LLC

Reviewed by:    ae
Approved by:    ae (mentor)

MFC after:      4 weeks
2012-03-12 14:07:57 +00:00
..
cc Staticize malloc types. 2011-04-13 11:28:46 +00:00
ipfw - Add ipfw eXtended tables permitting radix to be used for any kind of keys. 2012-03-12 14:07:57 +00:00
khelp Use the full and proper company name for Swinburne University of Technology 2011-04-12 08:13:18 +00:00
libalias Mark all SYSCTL_NODEs static that have no corresponding SYSCTL_DECLs. 2011-11-07 15:43:11 +00:00
accf_data.c
accf_dns.c
accf_http.c Mark all SYSCTL_NODEs static that have no corresponding SYSCTL_DECLs. 2011-11-07 15:43:11 +00:00
cc.h Use the full and proper company name for Swinburne University of Technology 2011-04-12 08:13:18 +00:00
icmp6.h Correct typo in the RFC number for the constants based on IANA assignments 2012-03-04 18:47:20 +00:00
icmp_var.h
if_atm.c Bring back (most of) NATM to avoid further bitrot after r186119. 2010-12-15 22:58:45 +00:00
if_atm.h
if_ether.c Clean up some #endif comments removing from short sections. Add #endif 2012-01-22 02:13:19 +00:00
if_ether.h Move arprequest() declaration to if_ether.h. 2012-01-08 13:34:00 +00:00
igmp_var.h
igmp.c Convert all users of IF_ADDR_LOCK to use new locking macros that specify 2012-01-05 19:00:36 +00:00
igmp.h
in_cksum.c
in_debug.c Remove last remnants of classful addressing: 2011-10-15 16:28:06 +00:00
in_gif.c Update packet filter (pf) code to OpenBSD 4.5. 2011-06-28 11:57:25 +00:00
in_gif.h
in_mcast.c Remove unused variable. 2012-01-24 14:27:14 +00:00
in_pcb.c Clean up some #endif comments removing from short sections. Add #endif 2012-01-22 02:13:19 +00:00
in_pcb.h Cache SO_REUSEPORT socket option in inpcb-layer in order to avoid 2011-11-06 10:47:20 +00:00
in_pcbgroup.c Implement a CPU-affine TCP and UDP connection lookup data structure, 2011-06-06 12:55:02 +00:00
in_proto.c Bunch of fixes to pfsync(4) module load/unload: 2012-01-09 08:50:22 +00:00
in_rmx.c After some off-list discussion, revert a number of changes to the 2010-11-22 19:32:54 +00:00
in_systm.h
in_var.h Provide IA_MASKSIN() macro similar to IA_SIN() and IA_DSTSIN(). 2012-01-08 17:20:29 +00:00
in.c When using flowtable llentrys can outlive the interface with which they're associated 2012-02-23 18:21:37 +00:00
in.h Add support for IPv4 /31 prefixes, as described in RFC3021. 2011-10-15 18:41:25 +00:00
ip6.h Fix more continuous/contiguous typos (cf. r215955) 2010-11-27 21:51:39 +00:00
ip_carp.c Set vnet context in callouts and taskqueues. 2012-02-08 13:39:38 +00:00
ip_carp.h Restore a feature that was present in 5.x and 6.x, and was cleared in 2011-12-20 13:53:31 +00:00
ip_divert.c Make #error messages string-literals and remove punctuation. 2012-01-22 10:41:58 +00:00
ip_divert.h Various cleanup done in ipfw3-head branch including: 2010-01-04 19:01:22 +00:00
ip_dummynet.h whitespace fixes (trailing whitespace, bad indentation 2010-04-19 16:17:30 +00:00
ip_ecn.c
ip_ecn.h
ip_encap.c (S)LIST_HEAD_INITIALIZER takes a (S)LIST_HEAD as an argument. 2009-12-28 22:56:30 +00:00
ip_encap.h
ip_fastfwd.c Use correct field to track statistics counting error as bad header length. 2010-12-05 01:09:48 +00:00
ip_fw.h - Add ipfw eXtended tables permitting radix to be used for any kind of keys. 2012-03-12 14:07:57 +00:00
ip_gre.c Make #error messages string-literals and remove punctuation. 2012-01-22 10:41:58 +00:00
ip_gre.h The NetBSD Foundation has granted permission to remove clause 3 and 4 from 2010-03-01 17:05:46 +00:00
ip_icmp.c - Fix sysctl description 2012-01-07 00:11:36 +00:00
ip_icmp.h MFP4: @176978-176982, 176984, 176990-176994, 177441 2010-04-29 11:52:42 +00:00
ip_id.c
ip_input.c Convert all users of IF_ADDR_LOCK to use new locking macros that specify 2012-01-05 19:00:36 +00:00
ip_ipsec.c Clean up some #endif comments removing from short sections. Add #endif 2012-01-22 02:13:19 +00:00
ip_ipsec.h
ip_mroute.c Change SYSINIT priorities so that ip_mroute_modevent() is executed 2012-03-04 18:59:38 +00:00
ip_mroute.h Virtualize the IPv4 multicast routing code. 2010-06-02 15:44:43 +00:00
ip_options.c Use ifa_ifwithaddr_check() rather than ifa_ifwithaddr() as we are not 2010-10-14 12:32:49 +00:00
ip_options.h
ip_output.c Cache SO_REUSEPORT socket option in inpcb-layer in order to avoid 2011-11-06 10:47:20 +00:00
ip_var.h Defer the work of freeing IPv4 multicast options from a socket to an 2011-12-29 20:41:16 +00:00
ip.h use u_char instead of u_int for short bitfields. 2010-02-01 14:13:44 +00:00
pim_var.h Virtualize the IPv4 multicast routing code. 2010-06-02 15:44:43 +00:00
pim.h
raw_ip.c As I came by and noticed add a comment that inp locking is a bit optistic 2012-01-02 09:18:58 +00:00
sctp_asconf.c Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp_asconf.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_auth.c Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp_auth.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_bsd_addr.c Add support for stf interfaces. 2012-03-09 13:15:40 +00:00
sctp_bsd_addr.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_cc_functions.c Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp_constants.h Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp_crc32.c 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_crc32.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_dtrace_declare.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_dtrace_define.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_header.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_indata.c Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp_indata.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_input.c Fix a problem when using the CBAPI. 2012-01-20 13:26:11 +00:00
sctp_input.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_lock_bsd.h 1) Typo correction in comments and one spacing change. 2011-02-05 12:12:51 +00:00
sctp_os_bsd.h Document the fact that multi-FIB support for SCTP had been backed out 2012-02-03 15:39:13 +00:00
sctp_os.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_output.c Fix a bug where the wrong protocol overhead was used. This can lead 2012-02-14 12:00:34 +00:00
sctp_output.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_pcb.c Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp_pcb.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_peeloff.c Fix a warning reported by bz@ 2012-03-09 15:42:47 +00:00
sctp_peeloff.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_ss_functions.c Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp_structs.h Fix a typo which was already fixed by eadler in r227489. We missed 2012-02-06 10:47:12 +00:00
sctp_sysctl.c Add an SCTP sysctl "blackhole", similar to the one for TCP. 2012-01-08 09:56:24 +00:00
sctp_sysctl.h Add an SCTP sysctl "blackhole", similar to the one for TCP. 2012-01-08 09:56:24 +00:00
sctp_timer.c Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp_timer.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_uio.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_usrreq.c Remove two clang warnings. 2012-02-18 16:06:15 +00:00
sctp_var.h Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctputil.c Two cleanups. No functional change. 2012-01-15 13:35:55 +00:00
sctputil.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
siftr.c Decompose the current single inpcbinfo lock into two locks: 2011-05-30 09:43:55 +00:00
tcp_debug.c
tcp_debug.h
tcp_fsm.h
tcp_hostcache.c Mark all SYSCTL_NODEs static that have no corresponding SYSCTL_DECLs. 2011-11-07 15:43:11 +00:00
tcp_hostcache.h
tcp_input.c Fix PAWS (Protect Against Wrapped Sequence numbers) in cases when 2012-02-15 16:09:56 +00:00
tcp_lro.c Don't allow lro->len to exceed 65535, as this will result in overflow 2011-07-05 18:43:54 +00:00
tcp_lro.h Trim extra spaces before tabs. 2011-01-07 21:40:34 +00:00
tcp_offload.c
tcp_offload.h Fix typos - remove duplicate "the". 2011-02-21 09:01:34 +00:00
tcp_output.c Fix PAWS (Protect Against Wrapped Sequence numbers) in cases when 2012-02-15 16:09:56 +00:00
tcp_reass.c Plug a TCP reassembly UMA zone leak introduced in r226113 by only using the 2011-11-27 02:32:08 +00:00
tcp_sack.c Covers values if (BYTES_THIS_ACK(tp, th) / tp->t_maxseg) value is from 2011-03-28 19:03:56 +00:00
tcp_seq.h Fix PAWS (Protect Against Wrapped Sequence numbers) in cases when 2012-02-15 16:09:56 +00:00
tcp_subr.c Add multi-FIB IPv6 support to the core network stack supplementing 2012-02-03 13:08:44 +00:00
tcp_syncache.c Fix PAWS (Protect Against Wrapped Sequence numbers) in cases when 2012-02-15 16:09:56 +00:00
tcp_syncache.h Add spares to the network stack for FreeBSD-9: 2011-07-17 21:15:20 +00:00
tcp_timer.c Add new socket options: TCP_KEEPINIT, TCP_KEEPIDLE, TCP_KEEPINTVL and 2012-02-05 16:53:02 +00:00
tcp_timer.h Add new socket options: TCP_KEEPINIT, TCP_KEEPIDLE, TCP_KEEPINTVL and 2012-02-05 16:53:02 +00:00
tcp_timewait.c Fix PAWS (Protect Against Wrapped Sequence numbers) in cases when 2012-02-15 16:09:56 +00:00
tcp_usrreq.c Add new socket options: TCP_KEEPINIT, TCP_KEEPIDLE, TCP_KEEPINTVL and 2012-02-05 16:53:02 +00:00
tcp_var.h Add new socket options: TCP_KEEPINIT, TCP_KEEPIDLE, TCP_KEEPINTVL and 2012-02-05 16:53:02 +00:00
tcp.h Add new socket options: TCP_KEEPINIT, TCP_KEEPIDLE, TCP_KEEPINTVL and 2012-02-05 16:53:02 +00:00
tcpip.h
toedev.h
udp_usrreq.c Add support for IPv6 to ipfw fwd: 2011-08-20 17:05:11 +00:00
udp_var.h Forward declare mbuf and inpcb. 2011-10-16 10:58:00 +00:00
udp.h Trim extra spaces before tabs. 2011-01-07 21:40:34 +00:00