Garrett Wollman
eb6ad69646
Merge in T/TCP TCP header file changes.
1995-02-08 20:18:48 +00:00
Gary Palmer
6db216a6d7
Remove a possible loophole - previously the code wouldn't pass packets destined
...
to the loopback address to the packet filter.
Reviewed by: "Ugen J.S.Antsilevich" <ugen@netvision.net.il>
1995-02-07 20:30:42 +00:00
Garrett Wollman
838ecf4225
Make sure to disable RSVP intercept when the socket is closed.
1995-02-07 02:53:14 +00:00
Garrett Wollman
479bb8da0e
Correct long-standing error in the RSVP hooks (would initialize but never
...
return success).
1995-01-26 18:59:02 +00:00
Ugen J.S. Antsilevich
2b43c8c9db
ip_fwdef.c was missing some assignments , and this
...
caused that bug by which firewall code was not working
if configured into kernel and worked only as lkm.
Now this must be fixed...Sorry guys..
1995-01-26 10:26:15 +00:00
David Greenman
8eea120788
Kill previous commit as it isn't necessary.
1995-01-26 03:56:20 +00:00
David Greenman
b99f012ec5
Extended the previous change to cover the non-options case, too.
1995-01-24 08:03:22 +00:00
David Greenman
297a37f334
Applied fix from Andreas Schulz with a different comment by me. Fixes a
...
bug where TCP connections are closed prematurely.
Submitted by: Andreas Schulz
1995-01-23 17:58:27 +00:00
Garrett Wollman
bbb7c7109b
Change caching strategy somewhat:
...
1) Don't clone routes to multicast destinations; there is nothing useful
to be gained in this case.
2) Reduce default expiration timer to one hour. Busy sites will still
likely want to reduce this, but for ordinary users this is a reasonable
value to use.
1995-01-23 02:02:50 +00:00
Ugen J.S. Antsilevich
4dd1662b4c
Actual firewall change.
...
1) Firewall is not subdivided on forwarding / blocking chains
anymore.Actually only one chain left-it was the blocking one.
2) LKM support.ip_fwdef.c is function pointers definition and
goes into kernel along with all INET stuff.
1995-01-12 13:06:32 +00:00
David Greenman
aedcdea1de
Fixed mbuf lossage when level != IPPROTO_IP. Problem reported by Robert
...
Dobbs, hint from Charles Hannum, fix by me.
1995-01-12 10:53:25 +00:00
Garrett Wollman
b2774d00ad
Make arp_rtrequest() static since nobody needs to referene it any more.
1994-12-22 22:00:30 +00:00
Garrett Wollman
dd2e410221
Move ARP interface initialization into if_ether.c:arp_ifinit().
1994-12-22 21:56:22 +00:00
Garrett Wollman
f811ab0233
Avoid a serious race by blocking netisrs while walking the route tree.
...
(IWBRNI we could just block IP netisrs...)
1994-12-21 17:25:52 +00:00
Garrett Wollman
3c896bda76
Correct sysctl info so that net.inet.ip.rtexpire is actually accessible.
1994-12-21 17:23:59 +00:00
Garrett Wollman
9ee39fc64d
Fix PR 59: don't allow TCP connections withmulticast addresses at either
...
end.
1994-12-15 20:39:34 +00:00
Garrett Wollman
5be2baf843
Make rtq_reallyold user-configurable via sysctl.
1994-12-14 19:06:37 +00:00
Garrett Wollman
2c17fe9339
Call rtalloc_ign() so that protocol cloning will not occur at the IP layer.
1994-12-13 23:08:12 +00:00
Garrett Wollman
31246bc25f
Update calls to rtalloc1(). Also merge rt_prflags with rt_flags.
1994-12-13 22:32:45 +00:00
Ugen J.S. Antsilevich
3107b31b8d
Add clear one accounting entry control.
...
Structure fields changed to seem more standart.
1994-12-13 15:57:34 +00:00
Ugen J.S. Antsilevich
f3caf95e23
Late patch for delete control..
1994-12-12 18:10:41 +00:00
Ugen J.S. Antsilevich
10a642bb05
Add match by interface from which packet arrived (via)
...
Handle right fragmented packets. Remove checking option
from kernel..
1994-12-12 17:20:55 +00:00
Garrett Wollman
1db18e0fc4
Advanced route cache management is now an official part of IP support.
1994-12-11 21:36:10 +00:00
Garrett Wollman
114a506d1a
Delete old, confusing comment.
1994-12-02 23:10:32 +00:00
Garrett Wollman
73579c400f
Add a check to make sure that we don't fiddle with the NFS routing tables
...
as well (bleah!). Also, increase the interval to the real-life value and
eliminate debugging printfs. This will be standard once tested by others.
1994-12-02 03:32:24 +00:00
Garrett Wollman
fa1f0e90fb
Add latest version of ``advanced route metric management'' :-)
...
As before, this is currently conditionalized on options IN_RMX until
I'm sure it's working.
1994-12-01 23:19:48 +00:00
Ugen J.S. Antsilevich
c334f8666a
Added: ICMP reply,TCP SYN check,logging..
1994-11-28 12:35:14 +00:00
Jordan K. Hubbard
63f8d699ac
Ugen J.S.Antsilevich's latest, happiest, IP firewall code.
...
Poul: Please take this into BETA. It's non-intrusive, and a rather
substantial improvement over what was there before.
1994-11-16 10:17:11 +00:00
Jordan K. Hubbard
dbdc296687
Ugen makes it in with 10 seconds to spare with a one-char diff. Some
...
people are born lucky..
Submitted by: ugen
1994-11-08 14:25:17 +00:00
Jordan K. Hubbard
72e8fea57e
Almost 12th hour (the 11th hour was almost an hour ago :-) patches
...
from Ugen.
1994-11-08 12:47:29 +00:00
Jordan K. Hubbard
ad63b51399
2 11th-hour fixes from Ugen (not Uben, sorry!) J.S.Antsilevich.
...
I think it's time for Ugen to get a freefall account, just so I can
direct mail at him directly and let him drop off patches for us here. Ugen?
Done!
Submitted by: ugen
1994-11-07 10:01:32 +00:00
Garrett Wollman
df00058df7
Fix off-by-one error reported to NetBSD by Karl Fox in
...
<9411031449.AA11102@gefilte.MorningStar.Com>.
1994-11-03 21:04:21 +00:00
Garrett Wollman
bb0135e920
Completely replace JTW's idea with my (incompletely implemented) original
...
idea. This is les likely to crash your machine. As before, this code is only
enabled under `options IN_RMX'.
1994-11-03 01:05:34 +00:00
Garrett Wollman
d4a8d8f240
This is the file that actually implements the smarter behavior.
1994-11-02 04:42:14 +00:00
Garrett Wollman
5c2dae8edc
Add code to be a bit smarter about IP routes, conditioned on the option
...
IN_RMX. (Eventually this will be standard, but I just wrote the code today
and don't want to break anyone.)
1994-11-02 04:41:39 +00:00
Garrett Wollman
ac234f9399
Clean up ARP error messages: format IP addresses, explain arplookup()
...
failures in English.
1994-11-02 00:58:29 +00:00
Jordan K. Hubbard
0a87b23329
Latest changes from Uben.
...
Submitted by: uben
1994-10-31 23:58:04 +00:00
Paul Traina
6c4b8d672e
Detect old-style multicast routers and interoperate properly
1994-10-31 06:36:47 +00:00
Jordan K. Hubbard
100ba1a617
IP Firewall code from Daniel Boulet and J.S.Antsilevich
...
Submitted by: danny ugen
1994-10-28 15:09:49 +00:00
Steven Wallace
1bc8a80906
Patch for proper multicast support on point-to-point links.
...
Submitted by: apg@demos.su (Paul Antonov) - patch020
1994-10-25 22:13:32 +00:00
Garrett Wollman
ccc999917e
Bug fixes from John Brezak.
1994-10-21 02:38:29 +00:00
Garrett Wollman
e2637b6b1c
Fix some endianness and packet header bugs found in BSDi's port of this code.
...
(From mbone mailing-list.)
1994-10-13 22:12:42 +00:00
Garrett Wollman
10be56487a
As suggested by Sally Floyd, don't add the ``small fraction of the window
...
size'' when doing congestion avoidance.
Submitted by: Mark Andrews
1994-10-13 18:36:32 +00:00
Garrett Wollman
5df7296441
Fix a bug which caused panics when attempting to change just the flags of
...
a route. (This still doesn't work, but it doesn't panic now.) It looks
like there may be a number of incipient bugs in this code.
Also, get ready for the time when all IP gateway routes are cloning, which
is necessary to keep proper TCP statistics.
1994-10-11 23:16:38 +00:00
Poul-Henning Kamp
61ce519bad
Cosmetics. Silence gcc -Wall.
1994-10-10 07:56:07 +00:00
Poul-Henning Kamp
ac0776aed7
Cosmetics: silences gcc -Wall.
1994-10-08 22:39:58 +00:00
Poul-Henning Kamp
623ae52e4e
GCC cleanup.
...
Reviewed by:
Submitted by:
Obtained from:
1994-10-02 17:48:58 +00:00
Garrett Wollman
28e822955c
Implement full proxy ARP, gated on option ARP_PROXYALL. This allows
...
a FreeBSD box to do proxy ARP as easily as most commercial routers do,
without messing around with (potentially variable) Ethernet addresses.
This code is really quite simple; I'm not at all sure why it wasn't
implemented in 4.4.
It might be worth stealing an interface flag (maybe IFF_LINK1) to use for
finer-grained control over which interfaces get proxy treatment. For the
moment, it's all or nothing.
1994-10-01 21:50:33 +00:00
Poul-Henning Kamp
fe95e21fed
Made the kernel compile even without "ether".
1994-09-16 05:47:06 +00:00
David Greenman
610ee2f9b5
Made TCPDEBUG truely optional. Based on changes I made in FreeBSD 1.1.5.
...
Fixed somebody's idea of a joke - about the first half of the lines in
in_proto.c were spaced over by one space.
1994-09-15 10:36:56 +00:00