Commit Graph

443 Commits

Author SHA1 Message Date
Bill Fenner
86b1d6d24d Pull up the IP header in ip_mloopback(). This makes sure that the
operations on the header inside ip_mloopback() are performed on
a private copy instead of a shared cluster.

PR:		kern/3410
1997-05-06 21:22:04 +00:00
Alexander Langer
af28de7ca8 Create the default rule with flags IP_FW_F_IN | IP_FW_F_OUT.
Closes PR#3100.
1997-05-06 02:12:18 +00:00
Garrett Wollman
a29f300e80 The long-awaited mega-massive-network-code- cleanup. Part I.
This commit includes the following changes:
1) Old-style (pr_usrreq()) protocols are no longer supported, the compatibility
glue for them is deleted, and the kernel will panic on boot if any are compiled
in.

2) Certain protocol entry points are modified to take a process structure,
so they they can easily tell whether or not it is possible to sleep, and
also to access credentials.

3) SS_PRIV is no more, and with it goes the SO_PRIVSTATE setsockopt()
call.  Protocols should use the process pointer they are now passed.

4) The PF_LOCAL and PF_ROUTE families have been updated to use the new
style, as has the `raw' skeleton family.

5) PF_LOCAL sockets now obey the process's umask when creating a socket
in the filesystem.

As a result, LINT is now broken.  I'm hoping that some enterprising hacker
with a bit more time will either make the broken bits work (should be
easy for netipx) or dike them out.
1997-04-27 20:01:29 +00:00
Peter Dufault
0ddf9be1f0 Make MOD_* macros almost consistent:
Use the name argument almost the same in all LKM types.  Maintain
the current behavior for the external (e.g., modstat) name for DEV,
EXEC, and MISC types being #name ## "_mod" and SYCALL and VFS only
#name.  This is a candidate for change and I vote just the name without
the "_mod".

Change the DISPATCH macro to MOD_DISPATCH for consistency with the
other macros.

Add an LKM_ANON #define to eliminate the magic -1 and associated
signed/unsigned warnings.

Add MOD_PRIVATE to support wcd.c's poking around in the lkm structure.

Change source in tree to use the new interface.

Reviewed by:	Bruce Evans
1997-04-06 11:14:13 +00:00
Darren Reed
beec821495 Resolve conflicts created by import. 1997-04-03 10:47:12 +00:00
Darren Reed
1fddb84ad6 Really import sys/netinet changes for IP Filter 3.2alpha4 this time. 1997-04-03 10:39:35 +00:00
Darren Reed
992cd951e8 This commit was generated by cvs2svn to compensate for changes in r24586,
which included commits to RCS files with non-trunk default branches.
1997-04-03 10:39:35 +00:00
David Greenman
ca98b82c8d Reorganize elements of the inpcb struct to take better advantage of
cache lines. Removed the struct ip proto since only a couple of chars
were actually being used in it. Changed the order of compares in the
PCB hash lookup to take advantage of partial cache line fills (on PPro).

Discussed-with: wollman
1997-04-03 05:14:45 +00:00
Bruce Evans
51a534883a Don't include <sys/ioctl.h> in the kernel. Stage 2: include
<sys/sockio.h> instead of <sys/ioctl.h> in network files.
1997-03-24 11:33:46 +00:00
Bruce Evans
fce002fdef Don't include <sys/ioctl.h> in the kernel. Stage 1: don't include
it when it is not used.  In most cases, the reasons for including it
went away when the special ioctl headers became self-sufficient.
1997-03-24 11:25:10 +00:00
David Greenman
ddd79a9790 Improved performance of hash algorithm while (hopefully) not reducing
the quality of the hash distribution. This does not fix a problem dealing
with poor distribution when using lots of IP aliases and listening
on the same port on every one of them...some other day perhaps; fixing
that requires significant code changes.
The use of xor was inspired by David S. Miller <davem@jenolan.rutgers.edu>
1997-03-03 09:23:37 +00:00
Peter Wemm
413e00145c Import ipfilter 3.1.8 kernel components 1997-03-02 15:50:35 +00:00
Peter Wemm
2236e17352 This commit was generated by cvs2svn to compensate for changes in r23285,
which included commits to RCS files with non-trunk default branches.
1997-03-02 15:50:35 +00:00
Peter Wemm
3589f3628a Replacement import of ipfilter 3.1.7 components used in kernel.
(This is to repair the vendor branching)
1997-03-02 15:49:41 +00:00
Peter Wemm
5c45aebbdc This commit was generated by cvs2svn to compensate for changes in r23282,
which included commits to RCS files with non-trunk default branches.
1997-03-02 15:49:41 +00:00
Bill Fenner
e1596dff1e Fix a comment and some commented-out code in ip_mloopback to
reflect how multicast loopback really works.
1997-02-28 19:40:48 +00:00
Garrett Wollman
b110a8a2b3 Fix #include order. 1997-02-24 20:31:25 +00:00
Peter Wemm
6875d25465 Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not
ready for it yet.
1997-02-22 09:48:43 +00:00
Garrett Wollman
cf4dae1061 Properly notice error returns from if_allmulti(). 1997-02-21 18:34:58 +00:00
Garrett Wollman
ef53690bb4 Fix potential crash where a user attempts to perform an implied
connect in TCP while sending urgent data.  It is not clear what
purpose is served by doing this, but there's no good reason why it
shouldn't work.

Submitted by:	tjevans@raleigh.ibm.com via wpaul
1997-02-21 16:30:31 +00:00
Garrett Wollman
7e05e70c2c Fix the parameters of a call to in_setsockaddr(). 1997-02-20 18:39:33 +00:00
Darren Reed
f1743588c7 change IP Filter hooks to match new 3.1.8 patches for FreeBSD 1997-02-19 14:02:27 +00:00
Garrett Wollman
117bcae7c4 Convert raw IP from mondo-switch-statement-from-Hell to
pr_usrreqs.  Collapse duplicates with udp_usrreq.c and
tcp_usrreq.c (calling the generic routines in uipc_socket2.c and
in_pcb.c).  Calling sockaddr()_ or peeraddr() on a detached
socket now traps, rather than harmlessly returning an error; this
should never happen.  Allow the raw IP buffer sizes to be
controlled via sysctl.
1997-02-18 20:46:36 +00:00
Garrett Wollman
d0390e0570 Fix the mechanism for choosing wehether to save the slow-start threshold
in the route.  This allows us to remove the unconditional setting of the
pipesize in the route, which should mean that SO_SNDBUF and SO_RCVBUF
should actually work again.  While we're at it:

- Convert udp_usrreq from `mondo switch statement from Hell' to new-style.
- Delete old TCP mondo switch statement from Hell, which had previously
  been diked out.
1997-02-14 18:15:53 +00:00
Garrett Wollman
39191c8eb8 Provide PRC_IFDOWN and PRC_IFUP support for IP. Now, when an interface
is administratively downed, all routes to that interface (including the
interface route itself) which are not static will be deleted.  When
it comes back up, and addresses remaining will have their interface routes
re-added.  This solves the problem where, for example, an Ethernet interface
is downed by traffic continues to flow by way of ARP entries.
1997-02-13 19:46:45 +00:00
Darren Reed
afed1b4988 Add IP Filter hooks (from patches). 1997-02-10 11:45:37 +00:00
Brian Somers
47c861ecc7 Don't zero ip->ip_sum during sum validation. This should only
affect programs that sit on top of divert(4) sockets.  The
multicast routing code already unconditionally zeros the sum
before recalculating.

Any code that unconditionaly sums a packet without first zeroing
the sum (assuming that it's already zero'd) will break.  No such
code seems to exist.
1997-02-06 11:14:22 +00:00
Brian Somers
d81e40431a Reset ip_divert_ignore to zero immediately after use - also,
set it in the first place, independent of whether sin->sin_port
is set.

The result is that diverted packets that are being forwarded
will be diverted once and only once on the way in (ip_input())
and again, once and only once on the way out (ip_output()) -
twice in total.  ICMP packets that don't contain a port will
now also be diverted.
1997-02-02 16:33:12 +00:00
Garrett Wollman
82c39223b9 Count multicast packets received for groups of which we are not
a member separately from generic ``can't forward'' packets.  This
would have helped me find the previous bug much faster.
1997-01-21 21:08:09 +00:00
Garrett Wollman
93e808cd76 Who had the conical hat? Correct a typo, hidden by a bad cast,
which prevented IP multicast reception from happening.
1997-01-21 19:44:46 +00:00
Joerg Wunsch
e4107dcf00 This mega-merge brings Matt Thomas' 960801 FDDI driver (almost) up
to -current.

Thanks goes to Ulrike Nitzsche <ulrike@ifw-dresden.de> for giving me
a chance to test this.  Only the PCI driver is tested though.

One final patch will follow in a separate commit.  This is so that
everything up to here can be dragged into 2.2, if we decide so.

Reviewed by:	joerg
Submitted by:	Matt Thomas <matt@3am-software.com>
1997-01-17 23:54:45 +00:00
Adam David
839cc09e53 implement "not" keyword for inverting the address logic 1997-01-16 21:04:29 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Garrett Wollman
477180fbc8 Use the new if_multiaddrs list for multicast addresses rather than the
previous hackery involving struct in_ifaddr and arpcom.  Get rid of the
abominable multi_kludge.  Update all network interfaces to use the
new machanism.  Distressingly few Ethernet drivers program the multicast
filter properly (assuming the hardware has one, which it usually does).
1997-01-13 21:26:53 +00:00
Garrett Wollman
c41ac00245 Expose more of these structures to tthe user so that netstat
doesn't walk around with its KERNEL exposed.

More commits to follow...
1997-01-03 19:53:35 +00:00
Garrett Wollman
9cb3aff230 Move the ethertypes from <netinet/if_ether.h> to <net/ethernet.h>.
Many programs need the numbers but don't need the internals of ARP.

More commits to follow...
1997-01-03 19:51:54 +00:00
Peter Wemm
c922550c95 Add INADDR_LOOPBACK, moved from <rpc/rpc.h> 1996-12-30 15:34:17 +00:00
Garrett Wollman
ee3c980de5 Some days, it just doesn't pay to get out of bed. Fix another broken
reference to the now-dead-for-real-this-time ia_next field.

Reminded by: Russell Vincent
1996-12-15 22:44:00 +00:00
Garrett Wollman
771f021675 Somehow the removal of ia_next didn't make it in the last time. Hope
it makes it in this time, and remember not to commit changes next time
late on a Friday evening!
1996-12-15 20:46:39 +00:00
Bruce Evans
cbf5d94928 Attempt to complete the fix in the previous revision. This version
fixes the problem reported by max.
1996-12-15 20:38:30 +00:00
John Dyson
97db6f8d69 Missing TAILQ mod. 1996-12-14 17:49:58 +00:00
Garrett Wollman
59562606b9 Convert the interface address and IP interface address structures
to TAILQs.  Fix places which referenced these for no good reason
that I can see (the references remain, but were fixed to compile
again; they are still questionable).
1996-12-13 21:29:07 +00:00
Garrett Wollman
294121822b Use queue macros for the list of interfaces. Next stop: ifaddrs! 1996-12-11 20:38:25 +00:00
Garrett Wollman
4963f4cd96 Include <net/if_arp.h> in the one header that requires it,
<netinet/if_ether.h>, rather than in <net/if.h>, most of whose callers
have no need of it.

Pointed-out-by:	bde
1996-12-11 17:46:33 +00:00
David Greenman
c7a6ccb33e Only pay attention to the offset and the IP_MF flag in ip_off. Pointed
out by Nathaniel D. Daw (daw@panix.com), but fixed differently by me.
1996-12-11 03:26:36 +00:00
Bill Fenner
2f1a0ba831 Allocate a header mbuf for the start of the encapsulated packet.
The rest of the code was treating it as a header mbuf, but it was
allocated as a normal mbuf.

This fixes the panic: ip_output no HDR when you have a multicast
tunnel configured.
1996-11-23 19:07:02 +00:00
Bill Fenner
254de4ea96 Reword two messages:
duplicate ip address 204.162.228.7! sent from ethernet address: 08:00:20:09:7b:1d
changed to
arp: 08:00:20:09:7b:1d is using my IP address 204.162.228.7!

and

arp info overwritten for 204.162.228.2 by 08:00:20:09:7b:1d
changed to
arp: 204.162.228.2 moved from 08:00:20:07:b6:a0 to 08:00:20:09:7b:1d

I think the new wordings are more clear and could save some support
questions.
1996-11-15 18:50:31 +00:00
Bruce Evans
ca5d5e7397 Forward-declare `struct inpcb' so that including this file doesn't cause
lots of warnings.

Should be in 2.2.   Previous version shouldn't have been in 2.2.
1996-11-12 10:02:09 +00:00
Bill Fenner
82c23eba89 Add the IP_RECVIF socket option, which supplies a packet's incoming interface
using a sockaddr_dl.

Fix the other packet-information socket options (SO_TIMESTAMP, IP_RECVDSTADDR)
to work for multicast UDP and raw sockets as well.  (They previously only
worked for unicast UDP).
1996-11-11 04:56:32 +00:00
Bill Fenner
39172c9401 Re-enable the TCP SYN-attack protection code. I was the one who didn't
understand the socket state flag.

2.2 candidate.
1996-11-10 07:37:24 +00:00
Peter Wemm
37bd2b301c Fix braino on my part. When we have three different port ranges (default,
"high" and "secure"), we can't use a single variable to track the most
recently used port in all three ranges.. :-]  This caused the next
transient port to be allocated from the start of the range more often than
it should.
1996-10-30 06:13:10 +00:00
Bill Fenner
430d30d837 Don't allow reassembly to create packets bigger than IP_MAXPACKET, and count
attempts to do so.
Don't allow users to source packets bigger than IP_MAXPACKET.
Make UDP length and ipovly's protocol length unsigned short.

Reviewed by:	wollman
Submitted by:	(partly by) kml@nas.nasa.gov (Kevin Lahey)
1996-10-25 17:57:53 +00:00
Garrett Wollman
64682bc28a Give ip_len and ip_off more natural, unsigned types. 1996-10-23 18:35:50 +00:00
Søren Schmidt
6713d4a747 Changed args to the nat functions. 1996-10-22 22:26:02 +00:00
Alexander Langer
af44ef0a2f Reword two comments. 1996-10-19 20:23:12 +00:00
Bruce Evans
5e26bd9a05 Forward-declared `struct route' for the KERNEL case so that <net/route.h>
isn't a prerequisite.

Fixed style of ifdefs.
1996-10-15 16:54:47 +00:00
Bruce Evans
4458ac71b1 Removed nested include if <sys/socket.h> from <net/if.h> and
<net/if_arp.h> and fixed the things that depended on it.  The nested
include just allowed unportable programs to compile and made my
simple #include checking program report that networking code doesn't
need to include <sys/socket.h>.
1996-10-12 19:49:43 +00:00
Alexander Langer
bfcffdaf03 Log the interface name which received the packet.
Suggested by:	Hal Snyder <hsndyer@thoughtport.com>
1996-10-12 19:38:50 +00:00
Paul Traina
a51764a8bf Fix two bugs I accidently put into the syn code at the last minute
(yes I had tested the hell out of this).

I've also temporarily disabled the code so that it behaves as it previously
did (tail drop's the syns) pending discussion with fenner about some socket
state flags that I don't fully understand.

Submitted by:	fenner
1996-10-11 19:26:42 +00:00
Garrett Wollman
5893891624 All three files: make COMPAT_IPFW==0 case work again.
ip_input.c:
	- delete some dusty code
	- _IP_VHL
	- use fast inline header checksum when possible
1996-10-07 19:21:46 +00:00
David Greenman
6d6a026b47 Improved in_pcblookuphash() to support wildcarding, and changed relavent
callers of it to take advantage of this. This reduces new connection
request overhead in the face of a large number of PCBs in the system.
Thanks to David Filo <filo@yahoo.com> for suggesting this and providing
a sample implementation (which wasn't used, but showed that it could be
done).

Reviewed by:	wollman
1996-10-07 19:06:12 +00:00
Paul Traina
ebb0cbea75 Increase robustness of FreeBSD against high-rate connection attempt
denial of service attacks.

Reviewed by:	bde,wollman,olah
Inspired by:	vjs@sgi.com
1996-10-07 04:32:42 +00:00
Paul Traina
12eafeb016 I don't understand, I committed this fix (move a counter and fixed a typo)
this evening.

I think I'm going insane.
1996-09-21 06:39:20 +00:00
Andrey A. Chernov
96d719e6e0 Syntax error: so_incom -> so_incomp 1996-09-21 06:30:06 +00:00
Paul Traina
4195b4af58 If the incomplete listen queue for a given socket is full,
drop the oldest entry in the queue.

There was a fair bit of discussion as to whether or not the
proper action is to drop a random entry in the queue.  It's
my conclusion that a random drop is better than a head drop,
however profiling this section of code (done by John Capo)
shows that a head-drop results in a significant performance
increase.

There are scenarios where a random drop is more appropriate.
If I find one in reality, I'll add the random drop code under
a conditional.

Obtained from: discussions and code done by Vernon Schryver (vjs@sgi.com).
1996-09-20 21:25:18 +00:00
Paul Traina
9c4b2574d4 Handle ICMP codes defined in RFC1812 more appropriately 1996-09-20 08:23:54 +00:00
Paul Traina
561c2ad31c Move TCPCTL_KEEPINIT to end of MIB list (sigh) 1996-09-13 23:54:03 +00:00
Paul Traina
7b40aa327d Make the misnamed tcp initial keepalive timer value (which is really the
time, in seconds, that state for non-established TCP sessions stays about)
a sysctl modifyable variable.

[part 1 of two commits, I just realized I can't play with the indices as
 I was typing this commit message.]
1996-09-13 23:51:44 +00:00
Paul Traina
7ff19458de Receipt of two SYN's are sufficient to set the t_timer[TCPT_KEEP]
to "keepidle".  this should not occur unless the connection has
been established via the 3-way handshake which requires an ACK

Submitted by:	jmb
Obtained from:	problem discussed in Stevens vol. 3
1996-09-13 18:47:03 +00:00
Garrett Wollman
f87313106d Set subnetsarelocal to false. In a classless world, the other case
is almost never useful.  (This is only a quick hack; someone should
go back and delete the entire subnetsarelocal==1 code path.)
1996-09-09 20:17:24 +00:00
David Greenman
e7c819442a Dequeue mbuf before freeing it. Fixes mbuf leak and a potential crash when
handling IP fragments.

Submitted by:	Darren Reed <avalon@coombs.anu.edu.au>
1996-09-08 13:45:49 +00:00
Alexander Langer
80afcdeef5 Fix the visibility of the sysctl variables.
Submitted by:	phk
1996-08-31 21:05:20 +00:00
Søren Schmidt
8f52c18724 Oops, send the operation type, not the name to the NAT code... 1996-08-27 20:52:27 +00:00
Poul-Henning Kamp
321a284625 Mark sockets where the kernel chose the port# for.
This can be used by netstat to behave more intelligently.
1996-08-23 18:59:07 +00:00
Søren Schmidt
fed1c7e9e4 Add hooks for an IP NAT module, much like the firewall stuff...
Move the sockopt definitions for the firewall code from
ip_fw.h to in.h where it belongs.
1996-08-21 21:37:07 +00:00
Bill Fenner
e329301e65 Add #define's for RFC1716/RFC1812 new ICMP UNREACHABLE types.
Obtained from:	LBL's tcpdump distribution
1996-08-20 23:11:30 +00:00
Paul Traina
cc98643e68 Completely rewrite handling of protocol field for firewalls, things are
now completely consistent across all IP protocols and should be quite a
bit faster.

Discussed with: fenner & alex
1996-08-13 19:43:41 +00:00
Peter Wemm
bbd42ad0e5 Add two more portrange sysctls, which control the area of the below
IPPORT_RESERVED that is used for selection when bind() is told to allocate
a reserved port.

Also, implement simple sanity checking for all the addresses set, to make
it a little harder for a user/sysadmin to shoot themselves in the feet.
1996-08-12 14:05:54 +00:00
Poul-Henning Kamp
26a8b0bf7e Megacommit to straigthen out ETHER_ mess.
I'm pretty convinced after looking at this that the majority of our
drivers are confused about the in/exclusion of ETHER_CRC_LEN :-(
1996-08-06 21:14:36 +00:00
Alexander Langer
71c011477f Filter by IP protocol.
Submitted by: fenner (with modifications by me)

Use a common prefix string for all warning messages generated during
ip_fw_ctl.
1996-08-05 02:35:04 +00:00
Garrett Wollman
5e2d069649 Eliminate some more references to separate ip_v and ip_hl fields. 1996-07-24 18:46:19 +00:00
Alexander Langer
c616bf2a71 Removed extraneous return. 1996-07-20 00:16:20 +00:00
Alexander Langer
889fe95791 Switch back to logging accepted packets with the text "Allow" instead
of "Accept"
1996-07-14 21:12:52 +00:00
David Greenman
af7a299930 Fixed two bugs in previous commit: be sure to include tcp_debug.h when
TCPDEBUG is defined, and fix typo in TCPDEBUG2() macro.
1996-07-12 17:28:47 +00:00
Bill Fenner
32bd8943f8 Fix braino in rev 1.30 fix; m_copy() the mbuf that has the header
pulled up already.  This bug can cause the first packet from a source
to a group to be corrupted when it is delivered to a process listening
on the mrouter.
1996-07-12 17:22:32 +00:00
Bruce Evans
6ab46d52a5 Don't use NULL in non-pointer contexts. 1996-07-12 04:12:25 +00:00
Garrett Wollman
2c37256e5a Modify the kernel to use the new pr_usrreqs interface rather than the old
pr_usrreq mechanism which was poorly designed and error-prone.  This
commit renames pr_usrreq to pr_ousrreq so that old code which depended on it
would break in an obvious manner.  This commit also implements the new
interface for TCP, although the old function is left as an example
(#ifdef'ed out).  This commit ALSO fixes a longstanding bug in the
TCP timer processing (introduced by davidg on 1995/04/12) which caused
timer processing on a TCB to always stop after a single timer had
expired (because it misinterpreted the return value from tcp_usrreq()
to indicate that the TCB had been deleted).  Finally, some code
related to polling has been deleted from if.c because it is not
relevant t -current and doesn't look at all like my current code.
1996-07-11 16:32:50 +00:00
Julian Elischer
93e0e11657 Adding changes to ipfw and the kernel to support ip packet diversion..
This stuff should not be too destructive if the IPDIVERT is not compiled in..
 be aware that this changes the size of the ip_fw struct
so ipfw needs to be recompiled to use it.. more changes coming to clean this up.
1996-07-10 19:44:30 +00:00
Nate Williams
bce2d3379e Functionality for IPFIREWALL_VERBOSE logging:
- State when we've reached the limit on a particular rule in the kernel logfile
- State when a rule or all rules have been zero'd.

This gives a log of all actions that occur w/regard to the firewall
occurances, and can explain why a particular break-in attempt might not
get logged due to the limit being reached.

Reviewed by:	alex
1996-07-09 20:49:38 +00:00
Alexander Langer
32fb6c089b Reject rules which try to mix ports with incompatible protocols. 1996-06-29 03:33:20 +00:00
Alexander Langer
830b0d3039 Allow fragment checking to work with specific protocols.
Reviewed by:	phk

Reject the addition of rules that will never match (for example,
1.2.3.4:255.255.255.0).  User level utilities specify the policy by either
masking the IP address for the user (as ipfw(8) does) or rejecting the
entry with an error.  In either case, the kernel should not modify chain
entries to make them work.
1996-06-25 00:22:20 +00:00
Bruce Evans
7472e2e0f8 Use IPFIREWALL_MODULE instead of ACTUALLY_LKM_NOT_KERNEL to indicate
LKM'ness.  ACTUALLY_LKM_NOT_KERNEL is supposed to be so ugly that it
only gets used until <machine/conf.h> goes away.  bsd.kmod.mk should
define a better-named general macro for this.  Some places use
PSEUDO_LKM.  This is another bad name.

Makefile:
Added IPFIREWALL_VERBOSE_LIMIT option (commented out).
1996-06-23 14:28:02 +00:00
Peter Wemm
51a109a174 Set the rmx.rmx_expire to 0 when creating fake ethernet addresses for the
broadcast and multicast routes, otherwise they will be expired by
arptimeout after a few minutes, reverting to " (incomplete)". This makes
the work done by rev 1.27 stay around until the route itself is deleted.
This is mainly cosmetic for 'arp' and 'netstat -r'.
1996-06-21 21:45:58 +00:00
Bill Fenner
94334d8fc4 Use the route that's guaranteed to exist when picking a source address
for ARP requests.

The NetBSD version of this patch (see NetBSD PR kern/2381) has this change
already.  This should close our PR kern/1140 .

Although it's not quite what he submitted, I got the idea from him so
Submitted by:	Jin Guojun <jin@george.lbl.gov>
1996-06-20 22:53:08 +00:00
Bill Fenner
d7e74838d6 Remove one last rip_output from inetsw (gpalmer missed it in rev 1.30) 1996-06-20 17:52:32 +00:00
Nate Williams
17040b78cd Put the 'debug' messages of the type:
/kernel: in_rtqtimo: adjusted rtq_reallyold to 1066
  /kernel: in_rtqtimo: adjusted rtq_reallyold to 710
inside of #ifdef DIAGNOSTIC to avoid the support questions from folks
asking what this means.
1996-06-20 15:41:23 +00:00
Alexander Langer
6875d5c1b3 Fix chain numbering bug when the highest line number installed >= 65435
and the rule being added has no explicit line number set.

Submitted by:	Archie Cobbs <archie@whistle.com>
1996-06-17 00:00:35 +00:00
Garrett Wollman
51fb392203 Better selection of initial retransmit timeout when no cached
RTT information is available.

Submitted by: kbracey@art.acorn.co.uk (Kevin Bracey)
(slightly modified by me)
1996-06-14 17:17:32 +00:00
Gary Palmer
5d2541dab0 Don't try to include opt_ipfw.h in LKMs
Submitted by:	Ollivier Robert <roberto@keltia.freenix.fr>
1996-06-13 17:35:28 +00:00
David Greenman
34bed8b0ee Keep ether_type in network order for BPF to be consistent with other
systems.

Submitted by:	Ted Lemon, Matt Thomas, and others. Retrofitted for
		-current by me.
1996-06-13 02:54:19 +00:00