Commit Graph

692 Commits

Author SHA1 Message Date
Brian Somers
bbdecb957c Add a new TUNSIFPID ioctl to update the tun_pid (recorded in
tunopen) with the current pid.
2000-01-21 00:31:43 +00:00
Poul-Henning Kamp
eba2a1aeb9 |The hard limit for the BPF buffer size is 32KB, which appears too low
|for high speed networks (even at 100Mbit/s this corresponds to 1/300th
|of a second). The default buffer size is 4KB, but libpcap and ipfilter
|both override this (using the BIOCSBLEN ioctl) and allocate 32KB.
|
|The following patch adds an sysctl for bpf_maxbufsize, similar to the
|one for bpf_bufsize that you added back in December 1995. I choose to
|make the default for this limit 512KB (the value suggested by NFR).

Submitted by:	se
Reviewed by:	phk
2000-01-15 19:46:12 +00:00
Yoshinobu Inoue
66810dd0c3 Clear ro->ro_rt just after RTFREE().
Pleases let me make sure that no one touch the invalid ro_rt pointer,
  after splx(s) and before next ro_rt initialization.
  Though usually this seems to be already called at splnet,
  I still sometime experience kernel crash at rtfree() in my
  INET6 enabled environment where IPv6 connection is frequently used.
  (Off-course, it might be just due to another bug.)
2000-01-15 07:27:12 +00:00
Yoshinobu Inoue
b540203735 cosmetic change: sort function prototypes
Specified by: bde
2000-01-15 05:06:14 +00:00
Yoshinobu Inoue
c3a5e52033 -K&R fix for some prototype declaration
-fix some comments for #endif to match them with their #ifndef

Submitted by: bde
2000-01-15 04:57:12 +00:00
Bill Paul
a0067d7b89 Attempt to fix a problem with receiving packets on USB ethernet interfaces.
Packets are received inside USB bulk transfer callbacks, which run at
splusb() (actually splbio()). The packet input queues are meant to be
manipulated at splimp(). However the locking apparently breaks down under
certain circumstances and the input queues can get trampled.

There's a similar problem with if_ppp, which is driven by hardware/tty
interrupts from the serial driver, but which must also manipulate the
packet input queues at splimp(). The fix there is to use a netisr, and
that's the fix I used here. (I can hear you groaning back there. Hush up.)

The usb_ethersubr module maintains a single queue of its own. When a
packet is received in the USB callback routine, it's placed on this
queue with usb_ether_input(). This routine also schedules a soft net
interrupt with schednetisr(). The ISR routine then runs later, at
splnet, outside of the USB callback/interrupt context, and passes the
packet to ether_input(), hopefully in a safe manner.

The reason this is implemented as a separate module is that there are
a limited number of NETISRs that we can use, and snarfing one up for
each driver that needs it is wasteful (there will be three once I get
the CATC driver done). It also reduces code duplication to a certain
small extent. Unfortunately, it also needs to be linked in with the
usb.ko module in order for the USB ethernet drivers to share it.

Also removed some uneeded includes from if_aue.c and if_kue.c

Fix suggested by: peter
Not rejected as a hairbrained idea by: n_hibma
2000-01-10 23:12:54 +00:00
Yoshinobu Inoue
d664bbb749 Remove BROADCAST flag from faith interface,
-it not seems to be necessary
 -to avoid dhcp messages or something like that sent to faith interface

The problem reported by: Jim Bloom <bloom@acm.org>
2000-01-09 04:35:39 +00:00
Yoshinobu Inoue
0d0f9d1ed6 Prevent kernel panic at ifconfig up after Note PC resume.
Submitted by: imp, kuriyama
Reviewed by: imp
1999-12-30 18:29:55 +00:00
Peter Wemm
664a31e496 Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL"
is an application space macro and the applications are supposed to be free
to use it as they please (but cannot).  This is consistant with the other
BSD's who made this change quite some time ago.  More commits to come.
1999-12-29 04:46:21 +00:00
Ruslan Ermilov
920eb79f55 Make cloning mask sockaddr (genmask) possible.
PR:		kern/3061
Reviewed by:	wollman
1999-12-28 08:38:01 +00:00
Yoshinobu Inoue
6a800098cc IPSEC support in the kernel.
pr_input() routines prototype is also changed to support IPSEC and IPV6
chained protocol headers.

Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
1999-12-22 19:13:38 +00:00
Brian Feldman
d25f3712b7 M_PREPEND-related cleanups (unregisterifying struct mbuf *s). 1999-12-19 01:55:37 +00:00
Brian Feldman
ee1dd7c481 Fix a broken macro usage. It had no semicolon.
Noticed by:	eivind
1999-12-18 23:26:26 +00:00
Warner Losh
5500d3bedf Two more fixes to if_detach. These are generic to all interfaces and
do not pollute the interface further.

o Run if_detach at splnet().
o Creatively swipe the relevant parts of the netatm atm_nif_detach
  which will delete the relevant references to the interface going
  away.
1999-12-17 06:46:07 +00:00
Boris Popov
4f93599fba Bring up an if_ef driver which allows support for four ethernet
frame types. Currently it supports only IPX protocol and doesn't
affect existing functionality when not loaded.

Reviewed by:	Ollivier Robert <roberto@keltia.freenix.fr>
1999-12-13 16:24:22 +00:00
Boris Popov
8b7805e44e Allow ifunit() routine to understand names like ed0f2. Also
fix a bug caused by using bcmp() instead of strcmp().

Reviewed by:	Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
1999-12-13 15:57:11 +00:00
Jordan K. Hubbard
c0230c1b3d The current code incorrectly assumes that all vlans
are configured, and/or associated with a parent device.  If you
receive a frame for a VLAN that's not in the list, you walk off
the end of the list.  Boom.

Submitted by:	C. Stephen Gunn <csg@waterspout.com>
PR:		15291
1999-12-13 01:57:00 +00:00
Jordan K. Hubbard
ae290324a4 sys/net/if_vlan.c fails to maintain the IFF_RUNNING flag on the
vlan interfaces it manages.  This prevents the interface from
actually sending or receiving data.

Submitted by:	C. Stephen Gunn <csg@waterspout.com>
PR:		15290
1999-12-13 01:38:14 +00:00
Warner Losh
aa6be122fd Add some gross ad-hock hacks to increase stability of if_detach:
o be more careful about clearing addresses (this isn't a kludge)
o For AF_INET interfaces, call SIOCDIFFADDR to remove last(?) bit
  of cruft.

Special cases for AF_INET shouldn't be here, but I didn't see a good
generic way of doing this.  If I missed something, please let me know.

This gross hack makes pccard ejection stable for ethernet cards.

Submitted by: Atushi Onoe-san
1999-12-10 16:31:25 +00:00
John Polstra
68f956b85e Fix a route table leak in rtalloc() and rtalloc_ign(). It is
possible for ro->ro_rt to be non-NULL even though the RTF_UP flag
is cleared.  (Example: a routing daemon or the "route" command
deletes a cloned route in active use by a TCP connection.)  In that
case, the code was clobbering a reference to the routing table
entry without decrementing the entry's reference count.

The splnet() call probably isn't needed, but I haven't been able
to prove that yet.  It isn't significant from a performance standpoint
since it is executed very rarely.

Reviewed by:	wollman and others in the freebsd-current mailing list
1999-12-09 17:09:37 +00:00
Yoshinobu Inoue
ae5bcbff16 rtcalloc() is removed because it turned out not to be necessary for FreeBSD.
(It was added as a part of KAME patch)

Specified by: jdp@polstra.com
1999-12-09 08:56:50 +00:00
Yoshinobu Inoue
cfa1ca9dfa udp IPv6 support, IPv6/IPv4 tunneling support in kernel,
packet divert at kernel for IPv6/IPv4 translater daemon

This includes queue related patch submitted by jburkhol@home.com.

Submitted by: queue related patch from jburkhol@home.com
Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
1999-12-07 17:39:16 +00:00
Julian Elischer
1f8ffa4bca Make the stub routines have the same prototypes as the real bpf
routines.
1999-12-03 09:59:02 +00:00
Archie Cobbs
dcb129d597 Add 'const' to the bpf_filter() and bpf_validate() prototypes.
Remove a stale comment from bpf_validate().
1999-12-02 19:36:05 +00:00
Archie Cobbs
f8307e1233 Add two new generic control messages, NGM_ASCII2BINARY and
NGM_BINARY2ASCII, which convert control messages to ASCII and back.
This allows control messages to be sent and received in ASCII form
using ngctl(8), which makes ngctl a lot more useful.

This also allows all the type-specific debugging code in libnetgraph
to go away -- instead, we just ask the node itself to do the ASCII
translation for us.

Currently, all generic control messages are supported, as well as
messages associated with the following node types: async, cisco,
ksocket, and ppp.

See /usr/share/examples/netgraph/ngctl for an example of using this.

Also give ngctl(8) the ability to print out incoming data and
control messages at any time.  Eventually nghook(8) may be subsumed.

Several other misc. bug fixes.

Reviewed by:	julian
1999-11-30 02:45:32 +00:00
Julian Elischer
62811dad5a Expand the field width for subtypes. We had already overflowed it
by 2 with people just adding numbers on the end of the ethernet subtypes.
We now have an additional 14 subtypes available in ethernet.
Use one of them immediatly for homePNA.

Reviewed by: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
1999-11-24 02:40:12 +00:00
Brian Somers
a86ab8174f Only emit the ``wrong ifa'' message if the matching interface
is neither IFF_LOOPBACK or IFF_POINTOPOINT.  It's quite common
(and probably more correct) to route local IP numbers via lo0
and it makes configuration easier to assign the hostname address
to local POINTOPOINT links too.

This message usually remains hidden because the loopback interface
gets the highest interface number at boot time, but when the
ethernet interface is added later, the message can get pretty
annoying.

Also, fix a typo.

Not objected to by: freebsd-net
1999-11-23 22:30:01 +00:00
Yoshinobu Inoue
82cd038d51 KAME netinet6 basic part(no IPsec,no V6 Multicast Forwarding, no UDP/TCP
for IPv6 yet)

With this patch, you can assigne IPv6 addr automatically, and can reply to
IPv6 ping.

Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
1999-11-22 02:45:11 +00:00
Archie Cobbs
da8c951da4 Add some more comments to the sl_compress_tcp() function. 1999-11-15 20:17:04 +00:00
Julian Elischer
ecf33d87b2 YUCK!
m_prepend doesn't fix m_pkthdr.len, use M_PREPEND instead, which does..
(Netgraph only)
1999-11-15 03:49:35 +00:00
Julian Elischer
2b75f79579 Fix screwup on synthesising incoming ethernet header in Netgraph mode.
Submitted by: brian@freebsd.org
1999-11-14 10:16:40 +00:00
Poul-Henning Kamp
422fd76f84 Set the queue length. 1999-11-12 19:30:08 +00:00
Julian Elischer
e03b02a346 Oops forgot to put the source MAC address on outgoing packets! 1999-11-11 22:23:58 +00:00
Yoshinobu Inoue
76429de41a KAME related header files additions and merges.
(only those which don't affect c source files so much)

Reviewed by: cvs-committers
Obtained from: KAME project
1999-11-05 14:41:39 +00:00
Archie Cobbs
1dd0feaaab Fix bug in BIOCGETIF ioctl() where it would return a bogus interface
name if the interface unit number was greater than 9.
1999-11-03 21:32:28 +00:00
Julian Elischer
ae5a83bcb5 Use typedefs for node methods. 1999-11-01 10:18:36 +00:00
Joerg Wunsch
83cc7ae865 When getting a RCN event in state ACK_RCVD, RFC 1661 demands that we
go to REQ_SENT (and we probably should also log this since it should
only happen in a cross-linked connection).

Submitted by:	Mark Tinguely <tinguely@plains.NoDak.edu>
1999-10-29 17:57:42 +00:00
Archie Cobbs
3893348e48 Add a comment before sl_compress_tcp() regarding mbuf assumptions. 1999-10-29 17:00:18 +00:00
Ruslan Ermilov
273e9b94a1 Re-allocate cblocks after changing the slip unit number. 1999-10-28 16:04:59 +00:00
Julian Elischer
021823c35c Minor hack in the netgraph interface to ethernets. 1999-10-26 11:40:23 +00:00
Julian Elischer
4cf49a4355 Whistle's Netgraph link-layer (sometimes more) networking infrastructure.
Been in production for 3 years now. Gives Instant Frame relay to if_sr
and if_ar drivers, and PPPOE support soon. See:
ftp://ftp.whistle.com/pub/archie/netgraph/index.html
for on-line manual pages.

Reviewed by: Doug Rabson (dfr@freebsd.org)
Obtained from:  Whistle CVS tree
1999-10-21 09:06:11 +00:00
Mike Smith
114ae644b5 Implement pseudo_AF_HDRCMPLT, which controls the state of the 'header
completion' flag.  If set, the interface output routine will assume that
the packet already has a valid link-level source address.  This defaults
to off (the address is overwritten)

PR:		kern/10680
Submitted by:	"Christopher N . Harrell" <cnh@mindspring.net>
Obtained from:	NetBSD
1999-10-15 05:07:00 +00:00
Peter Wemm
d42da05b12 Zap #include "tun.h" (for NTUN) - which isn't used anymore. 1999-09-27 00:55:29 +00:00
Peter Wemm
18e2e348fb Minor tidy up of PPP_FILTER and NBPF stuff. Don't generate bpf.h in the
module and don't #include "bpf.h".
1999-09-26 18:44:29 +00:00
Poul-Henning Kamp
d6a0e38a1b Remove five now unused fields from struct cdevsw. They should never
have been there in the first place.  A GENERIC kernel shrinks almost 1k.

Add a slightly different safetybelt under nostop for tty drivers.

Add some missing FreeBSD tags
1999-09-25 18:24:47 +00:00
Poul-Henning Kamp
ae8e1d08d7 This patch clears the way for removing a number of tty related
fields in struct cdevsw:

        d_stop          moved to struct tty.
        d_reset         already unused.
        d_devtotty      linkage now provided by dev_t->si_tty.

These fields will be removed from struct cdevsw together with
d_params and d_maxio Real Soon Now.

The changes in this patch consist of:

        initialize dev->si_tty in *_open()
        initialize tty->t_stop
        remove devtotty functions
        rename ttpoll to ttypoll
        a few adjustments to these changes in the generic code
        a bump of __FreeBSD_version
        add a couple of FreeBSD tags
1999-09-25 16:21:39 +00:00
Poul-Henning Kamp
46783fb897 Remove NBPF conditionality of bpf calls in most of our network drivers.
This means that we will not have to have a bpf and a non-bpf version
of our driver modules.

This does not open any security hole, because the bpf core isn't loadable

The drivers left unchanged are the "cross platform" drivers where the respective
maintainers are urged to DTRT, whatever that may be.

Add a couple of missing FreeBSD tags.
1999-09-25 12:06:01 +00:00
Ruslan Ermilov
24e9bc7fca Don't call if_up() here, just set IFF_UP.
PR:		12251
Reviewed by:	wollman
1999-09-14 01:17:30 +00:00
Ruslan Ermilov
97998e86db Add comments, fix typos.
Reviewed by:	wollman
1999-09-14 00:33:23 +00:00
Nick Sayer
39aca5c05e Fix kernel compile with BRIDGE, but without DUMMYNET 1999-09-11 18:54:41 +00:00
Sheldon Hearn
cd9e4cab46 For every "promiscuous mode enabled" message printed for an interface,
print a matching "disabled" message when we drop out of promiscuous
mode for that interface.

Discussed on the freebsd-hackers mailing list.
1999-08-30 11:55:30 +00:00
Peter Wemm
c3aac50f28 $Id$ -> $FreeBSD$ 1999-08-28 01:08:13 +00:00
Peter Wemm
2bb0e3300a Hopefully make IFMEDIA_DEBUG compile. if_xname[] is a NetBSD addition,
we need if_name, if_unit.  (maybe we should pick up if_xname[] ?)

Pointed out by: jkb@yahoo-inc.com
1999-08-18 13:13:01 +00:00
Poul-Henning Kamp
c6ba8fec16 Give if_tun the "almost clone" makeover. 1999-08-15 09:54:57 +00:00
Poul-Henning Kamp
bd3a53203f Give BPF the "almost-clone" update. If you need more of them, make
more entries in /dev and be happy you don't need to recompile your
kernel.
1999-08-15 09:38:21 +00:00
Brian Somers
a18e16060e Back out redundant check, and remove the MAXMTU comparison as it's
outside of the (bogus) tuninfo mtu range.
Pointed out by: bde
1999-08-06 16:52:04 +00:00
Brian Somers
5abb82ea11 Back out redundant checks
Pointed out by: bde
1999-08-06 16:46:29 +00:00
Brian Somers
aab3beeede Define IF_MAXMTU and IF_MINMTU and don't allow MTUs with
out-of-range values.

``comparison is always 0'' warnings are silly !

Ok'd by:	wollman, dg
Advised by:	bde
1999-08-06 13:53:03 +00:00
Brian Somers
3145c58d33 Don't complain if 0 bytes are written to the tun device, simply
do nothing.
1999-07-26 12:11:10 +00:00
John-Mark Gurney
37735ca6ea fix a problem w/ zero byte writes to the tunnel device. It would bypass
the loop and not set an error, so we would then try to access an invalid
mbuf...

PR:		12780
Submitted by:	bright@rush.net aka zb^3

a new record in length a pr was open... only about a half hour...
1999-07-23 20:08:27 +00:00
Dag-Erling Smørgrav
6b5ca0d83e Rename bpfilter to bpf. 1999-07-06 19:23:32 +00:00
Bruce Evans
712020a15a Fixed English errors, spelling errors and formatting errors in rev.1.51
and rev.1.53.
1999-07-05 12:00:05 +00:00
Bruce Evans
edff69904f Quick fix for breakage of bounds checking in rev.1.12. Only one
of the additional checks in rev.1.12 was wrong.  The others are a
bit inconsistent and are probably unnecessarily pessimal.  Checking
for overflow of addition, if necessary at all, should be done in
bpf_validate().

PR:	12484
1999-07-04 08:07:35 +00:00
Peter Wemm
e916dd0f12 Fix a printf int/long problem on the Alpha 1999-07-01 22:14:51 +00:00
Peter Wemm
5cda71067d Fix two easy warnings when using BRIDGE without IPFIREWALL. 1999-07-01 15:07:08 +00:00
Mike Smith
64e41ba7c8 Increase the size of the route reference count from 15 bits to 31 bits.
This doesn't change the size or alignment of the structure on either i386
or Alpha, and thus should be binary-compatible (modulo problems with old
applications and routes with more than 2^15 references).

Reviewed by:	peter
1999-06-30 23:11:15 +00:00
Pierre Beyssac
cce2eb6a97 Never return the root node itself from rn_match(); return NULL instead.
This caused a panic in rtfreee() called with a root node from the
routing socket code (when processing a RTM_GET message looking for
the default route while there is none).

Since no existing code seems to have any use getting the root node
from rn_match(), it seems cleaner never to return it rather than
check for this condition at the caller's.

PR:		kern/12265
1999-06-25 13:43:30 +00:00
Poul-Henning Kamp
413dd0ba39 Add a new interface ioctl, to return "aux status".
This is inteded for to allow ifconfig to print various unstructured
information from an interface.

The data is returned from the kernel in ASCII form, see the comment in
if.h for some technicalities.

Canonical cut&paste example to be found in if_tun.c

Initial use:
        Now tun* interfaces tell the PID of the process which opened them.

Future uses could be (volounteers welcome!):
        Have ppp/slip interfaces tell which tty they use.
        Make sync interfaces return their media state: red/yellow/blue
        alarm, timeslot assignment and so on.
        Make ethernets warn about missing heartbeats and/or cables
1999-06-19 18:42:31 +00:00
Poul-Henning Kamp
2f55ead758 typo in previous commit 1999-06-06 09:28:01 +00:00
Poul-Henning Kamp
cf4b937128 Introduce IFF_SMART bit.
This means that the driver will add/delete routes when it knows it is
up/down, rather than have the generic code belive it is up if configured.

This is probably most useful for serial lines, although many PHY chips
could probably tell us if we're connected to the cable/hub as well.
1999-06-06 09:17:51 +00:00
Poul-Henning Kamp
2447bec829 Simplify cdevsw registration.
The cdevsw_add() function now finds the major number(s) in the
struct cdevsw passed to it.  cdevsw_add_generic() is no longer
needed, cdevsw_add() does the same thing.

cdevsw_add() will print an message if the d_maj field looks bogus.

Remove nblkdev and nchrdev variables.  Most places they were used
bogusly.  Instead check a dev_t for validity by seeing if devsw()
or bdevsw() returns NULL.

Move bdevsw() and devsw() functions to kern/kern_conf.c

Bump __FreeBSD_version to 400006

This commit removes:
        72 bogus makedev() calls
        26 bogus SYSINIT functions

if_xe.c bogusly accessed cdevsw[], author/maintainer please fix.

I4b and vinum not changed.  Patches emailed to authors.  LINT
probably broken until they catch up.
1999-05-31 11:29:30 +00:00
Poul-Henning Kamp
4e2f199e0c This commit should be a extensive NO-OP:
Reformat and initialize correctly all "struct cdevsw".

        Initialize the d_maj and d_bmaj fields.

        The d_reset field was not removed, although it is never used.

I used a program to do most of this, so all the files now use the
same consistent format.  Please keep it that way.

Vinum and i4b not modified, patches emailed to respective authors.
1999-05-30 16:53:49 +00:00
Brian Somers
42c4682dd9 In tunclose():
Delete all routes if IFF_RUNNING is set, irrespective of IFF_UP
  Unset IFF_RUNNING.
1999-05-27 13:18:28 +00:00
Pierre Beyssac
e3c1388bba PR: kern/10570
Submitted by:	adrian@freebsd.org

Change reference count in struct ifaddr to a u_int, to be able
to handle more than 2^16 routes to the same interface.

Fix suggested by Andrew Bangs <andrewb@demon.net> in PR kern/10570.
Tested by <adrian@freebsd.org> and me under -current.
1999-05-16 17:09:20 +00:00
Kenjiro Cho
0ce8bd9571 clean up en atm driver
o fix DDB support
   - include "opt_ddb.h"
   - fix Debugger() arg
   pointed out by bde

 o back out pvc shadow interface support
   - it is currently not used
   - to make it easier to merge another implementation

 o misc minor cleanup
1999-05-08 14:23:40 +00:00
Poul-Henning Kamp
cb40a67f2b Fix some disordering I introduced with the jail code. 1999-05-08 07:00:04 +00:00
Poul-Henning Kamp
4be2eb8c49 I got tired of seeing all the cdevsw[major(foo)] all over the place.
Made a new (inline) function devsw(dev_t dev) and substituted it.

Changed to the BDEV variant to this format as well: bdevsw(dev_t dev)

DEVFS will eventually benefit from this change too.
1999-05-08 06:40:31 +00:00
Peter Wemm
dfd5dee1b0 Add sufficient braces to keep egcs happy about potentially ambiguous
if/else nesting.
1999-05-06 18:13:11 +00:00
Luigi Rizzo
eaa726bed6 Free the dummynet descriptor in ip_dummynet, not in the called
routines. The descriptor contains parameters which could be used
within those routines (eg. ip_output() ).

On passing, add IPPROTO_PGM entry to netinet/in.h
1999-05-04 16:20:33 +00:00
Luoqi Chen
cb64988f42 Postpone route_init() until all domains are attached. 1999-04-29 03:22:19 +00:00
Poul-Henning Kamp
75c1354190 This Implements the mumbled about "Jail" feature.
This is a seriously beefed up chroot kind of thing.  The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.

For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact:  "real virtual servers".

Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.

Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.

It generally does what one would expect, but setting up a jail
still takes a little knowledge.

A few notes:

   I have no scripts for setting up a jail, don't ask me for them.

   The IP number should be an alias on one of the interfaces.

   mount a /proc in each jail, it will make ps more useable.

   /proc/<pid>/status tells the hostname of the prison for
   jailed processes.

   Quotas are only sensible if you have a mountpoint per prison.

   There are no privisions for stopping resource-hogging.

   Some "#ifdef INET" and similar may be missing (send patches!)

If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!

Tools, comments, patches & documentation most welcome.

Have fun...

Sponsored by:   http://www.rndassociates.com/
Run for almost a year by:       http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
Mike Smith
f8dc47162a Allow loadable interface drivers with BPF support to be loaded into a kernel
that doesn't have it.  This is achieved by having minimal do-nothing stubs
enabled when there are no bpfilter devices configured.

Driver modules should be built with BPF enabled for maximum
convenience (but can be built without it for maximum performance).
1999-04-28 01:18:13 +00:00
Poul-Henning Kamp
f711d546d2 Suser() simplification:
1:
  s/suser/suser_xxx/

2:
  Add new function: suser(struct proc *), prototyped in <sys/proc.h>.

3:
  s/suser_xxx(\([a-zA-Z0-9_]*\)->p_ucred, \&\1->p_acflag)/suser(\1)/

The remaining suser_xxx() calls will be scrutinized and dealt with
later.

There may be some unneeded #include <sys/cred.h>, but they are left
as an exercise for Bruce.

More changes to the suser() API will come along with the "jail" code.
1999-04-27 11:18:52 +00:00
Peter Wemm
e306e8ea66 Temporary hack. The radix code shouldn't need this, it should be
able to expand the zeros, ones etc masks on the fly.  It seems a good
number of domains don't set the rn_maxkey variable anyway, and because
this is a domain itself, there is no guarantee we've been called after
a protocol that actually has set it (ie: inet), so start with a maxkey
of a relatively sane size as a base point until it can adapt on the fly.
1999-04-26 09:05:31 +00:00
Peter Wemm
8ba5bdae2a Protect the ifinit() function's internals with splimp() for safety since
it used to be that way. I'm not sure that it's needed, but it does
walk the ifp list..

Incidently, there's nothing to sanity check the ifq_maxlen on loaded
interfaces..
1999-04-26 09:02:40 +00:00
Peter Wemm
61a6c2e81d Minor seatbelt tweak. The init code used to be splimp() protected,
maintain that in case.
1999-04-26 09:00:47 +00:00
Peter Wemm
2ef43b0971 Make NETISR_SET use a SYSINIT() rather than a linker set. 1999-04-26 08:52:16 +00:00
Peter Wemm
2cbbaa27c7 Fix my breakage of BRIDGE compiling option without IPFIREWALL..
(Note that if you have bridge compiled in and then kldload ipfw, bridge
 won't automatically use it - knowledge of ipfw/dummynet is compiled in)
1999-04-21 18:23:00 +00:00
Peter Wemm
66e55756b5 Tidy up some stray / unused stuff in the IPFW package and friends.
- unifdef -DCOMPAT_IPFW  (this was on by default already)
- remove traces of in-kernel ip_nat package, it was never committed.
- Make IPFW and DUMMYNET initialize themselves rather than depend on
  compiled-in hooks in ip_init().  This means they initialize the same
  way both in-kernel and as kld modules.  (IPFW initializes now :-)
1999-04-20 13:32:06 +00:00
Peter Wemm
6182fdbda8 Bring the 'new-bus' to the i386. This extensively changes the way the
i386 platform boots, it is no longer ISA-centric, and is fully dynamic.
Most old drivers compile and run without modification via 'compatability
shims' to enable a smoother transition.  eisa, isapnp and pccard* are
not yet using the new resource manager.  Once fully converted, all drivers
will be loadable, including PCI and ISA.

(Some other changes appear to have snuck in, including a port of Soren's
 ATA driver to the Alpha.  Soren, back this out if you need to.)

This is a checkpoint of work-in-progress, but is quite functional.

The bulk of the work was done over the last few years by Doug Rabson and
Garrett Wollman.

Approved by:	core
1999-04-16 21:22:55 +00:00
Eivind Eklund
d108ff0b76 Break long lines that I introduced in a previous commit. 1999-04-11 02:52:31 +00:00
Bill Paul
4a408dcb9e Add missing SYSCTL_DECL(_net_link); required by newer sysctl implementation.
Noticed by: Matthew Dodd <winter@jurai.net>
1999-04-07 23:26:43 +00:00
John Polstra
182d6068cd Add a missing declaration that broke the compilation of this file. 1999-04-03 22:36:56 +00:00
Nick Sayer
cd965a7436 Merge from RELENG_2_2, per luigi. Fixes the ntoh?() issue for the
firewall code when called from the bridge code.

PR:		10818
Submitted by:	nsayer
Obtained from:	luigi
1999-03-30 23:45:14 +00:00
Poul-Henning Kamp
da3b4fb7ee rganize the various modes (CISCO/AUTO/DEMAND/LEASED) a little bit better,
centralize the code.

Remember to call TLF/TLS on the hardware in CISCO mode.
1999-03-30 13:28:26 +00:00
Dag-Erling Smørgrav
b56fecc80b Implement TUNSIFMODE and TUNSLMODE.
Submitted by:	Alfred Perlstein <bright@cygnus.rush.net>
1999-03-24 21:20:12 +00:00
Bill Paul
97ed1257f9 Grrr... botched remote commit. Let's try this again: vlan updates,
take two.
1999-03-15 01:22:01 +00:00
Bill Paul
f731f10490 Updates for vlan stuff:
- add support for devices that do vlan tag insertion/deletion in firmware
- add multicast support
- add vlan_unconfig() to complement vlan_config()
- update ifconfig(8) to configure vlan interfaces (vlan tag and
  parent device)

Also fix a small bug in ifconfig; sometimes sa_family is overwritten
by ioctls.

Reviewed by: wollman
1999-03-15 01:17:26 +00:00
Julian Elischer
fda82fc2b9 Submitted by: Larry Lile
Move the Olicom token ring driver to the officially sanctionned location of
/sys/contrib. Also fix some brokenness in the generic token ring support.

Be warned that if_dl.h has been changed and SOME programs might
like recompilation.
1999-03-10 10:11:43 +00:00
Bill Paul
6b3cb5936d Also add 1000baseSX, 1000baseLX, 1000baseCX and 1000baseTX media types. At
this point I don't know if there are any actual gigabit ethernet devices
that support media other than 1000baseSX (multi-mode fiber) but who knows.
1999-03-07 04:39:25 +00:00
Bill Paul
27ab138fcc Add 1000baseFX, 10baseSTP and 10baseFL media types. The 1000baseFX
type may become necessary soon. :)

Also add a couple of additional macros that NetBSD has which we don't.
Nothing in FreeBSD uses these (yet) so adding them in shouldn't hurt
anything.
1999-03-06 17:17:57 +00:00
KATO Takenori
69d66c1e4e The fe driver supports bridging, so added it to lists. 1999-02-25 10:48:31 +00:00
Poul-Henning Kamp
81f7312bfa Misplaces brace puts important code into debug section.
Reviewed by:	phk
Submitted by:	Stefan Bethke <stefan.bethke@hanse.de>
1999-02-23 15:08:44 +00:00
Dmitrij Tejblum
eff128828c Set ifq_maxlen. 1999-02-20 21:03:53 +00:00
Julian Elischer
722012cc0c World, I'd like you to meet the first FreeBSD token Ring driver.
This  is for various Olicom cards. An IBM driver is following.
This patch also adds support to tcpdump to decode packets on tokenring.
Congratulations to the proud father.. (below)

Submitted by:	Larry Lile <lile@stdio.com>
1999-02-20 11:18:00 +00:00
Poul-Henning Kamp
f19dd898a1 Remove all the #ifdef notyet stuff, it is probably never going to happen
in the first place.

Use 3sec timeout as recommended.

Reorder some debug messages.

Label som of the 0x%x in debug messages

Make sppp_print_bytes() use %*D and handle zero length.

If we don't have MAGIC numbers, don't yell loopback if 0 == 0
1999-02-19 13:45:09 +00:00
Poul-Henning Kamp
4add131ea8 Since ifru_flags is a short, we can fit in a copy of the flags
before they got changed.  This can help eliminate much of the
gymnastics drivers do in their ioctl routines to figure this out.

Remove commented out IFF_NOTRAILERS
1999-02-19 13:41:35 +00:00
Doug Rabson
ce02431ffa * Change sysctl from using linker_set to construct its tree using SLISTs.
This makes it possible to change the sysctl tree at runtime.

* Change KLD to find and register any sysctl nodes contained in the loaded
  file and to unregister them when the file is unloaded.

Reviewed by: Archie Cobbs <archie@whistle.com>,
	Peter Wemm <peter@netplex.com.au> (well they looked at it anyway)
1999-02-16 10:49:55 +00:00
Matthew Dillon
f7f62e7b56 Get rid of IFF_BROADCAST from default IFF_ slip options. This accidently
snuck in during the big -Wall commit and wasn't supposed to be in there.
1999-02-02 00:28:29 +00:00
Poul-Henning Kamp
e0ea20bcca Print a message if the driver didn't initialize ifq_maxlen.
Drivers should be updated if they get flagged by this message.

(The reason this is important is because we do not have a way
to catch this mistake for interfaces added after ifinit() runs.)
1999-02-01 20:03:27 +00:00
Julian Elischer
4c8e8c05fd Slight cleanups. There were 2 ways of getting the arpcom from the ifp.
Both equally bogus. Make it a macro so that we can pretend it's not
bogus and maybe make it less so some time in the future.
1999-01-31 08:17:16 +00:00
Matthew Dillon
831a80b0d5 Fix warnings in preparation for adding -Wall -Wcast-qual to the
kernel compile
1999-01-27 22:42:27 +00:00
Matthew Dillon
1c7c3c6a86 This is a rather large commit that encompasses the new swapper,
changes to the VM system to support the new swapper, VM bug
    fixes, several VM optimizations, and some additional revamping of the
    VM code.  The specific bug fixes will be documented with additional
    forced commits.  This commit is somewhat rough in regards to code
    cleanup issues.

Reviewed by:	"John S. Dyson" <root@dyson.iquest.net>, "David Greenman" <dg@root.com>
1999-01-21 08:29:12 +00:00
Peter Wemm
8e203b83a7 Undo #undef KERNEL hack for vnode.h to avoid vnode_if.h.
XXX It probably makes sense to have a flag for bsd.kern.mk to avoid these
    rules.
XXX IO_NDELAY seems to be the main reason for it, when used in a cdevsw
    read or write "flag" context.  Perhaps a redundant declaration
    somewhere like sys/conf.h might help remove the need for vnode.h in
    these device drivers in the first place.
1999-01-17 20:53:48 +00:00
Eivind Eklund
1db59ce607 Remove unused variable & clean up a couple of style issues. 1999-01-12 12:07:00 +00:00
Luigi Rizzo
4182413928 Remove one unused variable. 1998-12-31 07:52:49 +00:00
Poul-Henning Kamp
57814d04d4 Update sppp support to i4b level. This includes the new spppcontrol
program to set PPP options like authentication with.
1998-12-27 21:30:44 +00:00
Poul-Henning Kamp
cee7234916 More isdn4bsd convergence: cleanup log messages. 1998-12-26 13:14:45 +00:00
Poul-Henning Kamp
b2648215c6 Converge further on the isdn4bsd version of this file. 1998-12-26 12:43:26 +00:00
Poul-Henning Kamp
54f8640b04 clean up more timeout/untimeout portability stuff.
make sure flags and stuff are set sensibly.
1998-12-26 12:14:31 +00:00
Poul-Henning Kamp
177bc2bd34 Add two fields for the lower layers convenience. 1998-12-20 19:06:22 +00:00
Poul-Henning Kamp
11749a2453 Straigthen out the use of the tls and tlf callbacks.
Not tested on the if_sr, if_cx and if_ar drivers, but
expected to work just the same as it used to.

Any users of these drivers (or even better: donors
of hardware for them) please contact phk@freebsd.org
so we can test the next batch of changes to if_sppp.
1998-12-16 18:42:38 +00:00
Poul-Henning Kamp
e8c2601dbf Generalize the if_up() and if_down() functions under the names
if_route() and if_unroute().

This is first step towards sanitizing IFF_UP and IFF_RUNNING
1998-12-16 18:30:43 +00:00
Luigi Rizzo
fb5fbe465a Bridging support. Wait for LINT to be updated before trying it. 1998-12-14 17:58:05 +00:00
Eivind Eklund
537ad9741c Make the use of 'disc' vs 'ds' as prefix consistent by making all 'disc'.
This fix the conflict of having two functions called 'dsioctl()'.
1998-12-14 01:59:16 +00:00
Poul-Henning Kamp
48672719c3 (almost) null commit, recording message for previous commit:
s/_NET_IF_HDLC_H_/_NET_IF_SPPP_H_/

Unfold almost correct and hideous beyond reason, boolean expression,
making it more correct at the same time.
1998-12-11 21:42:57 +00:00
Poul-Henning Kamp
34d528017b *** empty log message *** 1998-12-11 21:40:13 +00:00
Archie Cobbs
f1d19042b0 The "easy" fixes for compiling the kernel -Wunused: remove unreferenced static
and local variables, goto labels, and functions declared but not defined.
1998-12-07 21:58:50 +00:00
Eivind Eklund
f865e453e5 Propagate unsignedness to all variants of 'k', and reorganize the
conditionals to be fully resistent against overflow in unsigned
computations.

Potential problem pointed out by:	bde
Reviewed by:				bde
1998-12-07 16:31:15 +00:00
Eivind Eklund
c4b7d2b697 Remove guard for < 0 on an unsigned variable. 1998-12-07 03:26:34 +00:00
Archie Cobbs
2127f26023 Examine all occurrences of sprintf(), strcat(), and str[n]cpy()
for possible buffer overflow problems. Replaced most sprintf()'s
with snprintf(); for others cases, added terminating NUL bytes where
appropriate, replaced constants like "16" with sizeof(), etc.

These changes include several bug fixes, but most changes are for
maintainability's sake. Any instance where it wasn't "immediately
obvious" that a buffer overflow could not occur was made safer.

Reviewed by:	Bruce Evans <bde@zeta.org.au>
Reviewed by:	Matthew Dillon <dillon@apollo.backplane.com>
Reviewed by:	Mike Spengler <mks@networkcs.com>
1998-12-04 22:54:57 +00:00
Don Lewis
62d6ce3af2 I got another batch of suggestions for cosmetic changes from bde. 1998-11-11 10:56:07 +00:00
Don Lewis
831d27a9f5 Installed the second patch attached to kern/7899 with some changes suggested
by bde, a few other tweaks to get the patch to apply cleanly again and
some improvements to the comments.

This change closes some fairly minor security holes associated with
F_SETOWN, fixes a few bugs, and removes some limitations that F_SETOWN
had on tty devices.  For more details, see the description on the PR.

Because this patch increases the size of the proc and pgrp structures,
it is necessary to re-install the includes and recompile libkvm,
the vinum lkm, fstat, gcore, gdb, ipfilter, ps, top, and w.

PR:		kern/7899
Reviewed by:	bde, elvind
1998-11-11 10:04:13 +00:00
Doug Rabson
171f44d78b * Use explicitly sized types for grovelling around inside packets.
* On the alpha, make sure memory accesses are only made to aligned boundaries.

Submitted by: Alex Nash <nash@mcs.net>
1998-10-31 10:45:03 +00:00
Alexander Langer
bdc2cdc5fe Check the timeval passed to BIOCSRTIMEOUT with itimerfix. Use tvtohz()
to convert the timeval into a tick count.

Suggested by:	bde
Reviewed by:	bde

Handle hz > 1000 in BIOCGRTIMEOUT.

Pointed out by:	bde
Reviewed by:	bde
Obtained from:	OpenBSD
1998-10-08 00:32:08 +00:00
Joerg Wunsch
825d77e5f0 Minor cleanup: kill a couple of unused variables, and a couple of
uninitialized variables.

Obtained from:	The isdn4bsd project (partially)
1998-10-06 21:12:45 +00:00
Joerg Wunsch
5158516f4e In an attempt to reduce the huge number of differences between the
FreeBSD repository version of this file and the isdn4bsd version,
adopt those changes from the i4b version that make this file
BSD-version independent.  I attempted to avoid uglifying this file too
much, thus deviated a little from the i4b version (and hope they will
adopt the changes, too).

The diffs mostly concentrate on:

. #include differences between the systems
. different callout handling between FreeBSD vs. Net/OpenBSD
. interface naming (Net/OpenBSD store the ASCII name including the
  unit # in struct ifnet, FreeBSD only the name)
. use of random() in FreeBSD vs. time-based pseudo-randomization in
  Net/OpenBSD (for loopback detection ad CHAP challenges -- i
  assume at least OpenBSD could also benefit from random(), but that's
  the way i've got this file)
. interface address list elements are named a little differently
  between FreeBSD and Net/OpenBSD

I attempted to segregate those compat fixes from other code fixes and
enhancements.

Obtained from:	The isdn4bsd project
1998-10-06 20:47:53 +00:00
Joerg Wunsch
f07c3e6c06 Fix a =/== confusion that caused the CHAP type renegotiation to
completely fail.

Obtained from:	The isdn4bsd project (original author unknown right now)
1998-10-05 21:02:30 +00:00
Alexander Langer
8bcbc7df27 The length argument for bcopy is a size_t, not u_int. Adjust
bpf_mcopy() and catchpacket() prototypes accordingly.
1998-10-04 23:04:48 +00:00
Alexander Langer
ba136d4fea Change BPF_ALIGNMENT to long, necessary for correct alignment on Alpha. 1998-10-04 21:53:59 +00:00
Alexander Langer
ee6f62ee47 Support hz > 1000 (Alpha) in BIOCSRTIMEOUT.
Obtained from:	OpenBSD
1998-10-04 17:20:22 +00:00
Luigi Rizzo
65d5a8999d fix an mbuf leak when using ipfw to filger bridged packets
(from -stable, since this code is not yet active in -current)
1998-09-18 20:55:50 +00:00
Bill Fenner
c2b0c42413 Add DLT_{SLIP,PPP}_BSDOS from libpcap 0.4 1998-09-15 19:35:37 +00:00
Luigi Rizzo
cb1e41ca65 Bring in files for bridging support. 1998-09-12 22:07:47 +00:00
Garrett Wollman
cfe8b629f1 Yow! Completely change the way socket options are handled, eliminating
another specialized mbuf type in the process.  Also clean up some
of the cruft surrounding IPFW, multicast routing, RSVP, and other
ill-explored corners.
1998-08-23 03:07:17 +00:00
Andrey A. Chernov
22f05c4320 Implement DLT_RAW from libpcap 1998-08-18 10:13:11 +00:00
Bruce Evans
138d060a6e Fixed printf format errors. sppp_dotted_quad() was yet another private,
broken, version of inet_ntoa().  It should go away.
1998-08-17 00:29:34 +00:00
Bruce Evans
f9d8181868 Fixed yet more ioctl breakage due to the type of the `cmd' arg changing
from int to u_long but not changing here.
1998-08-15 21:58:09 +00:00
Bill Paul
c7323482f4 One-liner: add a call to the underlying device driver's SIOCDELMULTI
ioctl() routine at the end of if_delmulti() so that interfaces with
hardware multicast filtering can update their filters in a timely
manner.

If the interface doesn't support hardware multicast filtering, then
reception of multicast frames is done using 'promiscious mode' or
'capture all multicast frames' mode and software filtering in the
kernel. In this case, it doesn't matter if if_delmulti() ever does
an SCIODELMULTI on the interface or not: if MULTICAST support is
enabled, then we join the 'all hosts' group when the interface is
configured, and remain in it until the interface is brought down.
Without hardware filtering, joining one group means joining all
groups, so it makes no difference if we call the SIOCDELMULTI
routine.

If the interface does support hardware multicast filtering, then
by not reprogramming the hardware filter in if_delmulti(), we have
to wait until somebody calls if_setmulti(), during which time the
interface is receiving frames for multicast groups in which we are
no longer interested.
1998-08-12 22:51:59 +00:00
Julian Elischer
84dd0fd0bb fix broken loopback code for ddp (again)
Submitted by: Stefan Bethke <stb@hanse.de>
1998-08-04 23:17:05 +00:00