freebsd-nq/sys/netinet
Luigi Rizzo 772759420f Implement probabilistic rule match in ipfw. Each rule can be associated
with a match probability to achieve non-deterministic behaviour of
the firewall. This can be extremely useful for testing purposes
such as simulating random packet drop without having to use dummynet
(which already does the same thing), and simulating multipath effects
and the associated out-of-order delivery (this time in conjunction
with dummynet).

The overhead on normal rules is just one comparison with 0.

Since it would have been trivial to implement this by just adding
a field to the ip_fw structure, I decided to do it in a
backward-compatible way (i.e. struct ip_fw is unchanged, and as a
consequence you don't need to recompile ipfw if you don't want to
use this feature), since this was also useful for -STABLE.

When, at some point, someone decides to change struct ip_fw, please
add a length field and a version number at the beginning, so userland
apps can keep working even if they are out of sync with the kernel.
1999-08-11 15:34:47 +00:00
..
libalias Don't get caught in an infinite recursion when PKT_ALIAS_REVERSE 1999-06-22 11:20:03 +00:00
fil.c
icmp_var.h * Change sysctl from using linker_set to construct its tree using SLISTs. 1999-02-16 10:49:55 +00:00
if_atm.c
if_atm.h
if_ether.c Add sufficient braces to keep egcs happy about potentially ambiguous 1999-05-06 18:13:11 +00:00
if_ether.h
if_fddi.h
igmp_var.h Move kernel-only declaration inside #ifdef KERNEL section. 1999-03-06 04:51:41 +00:00
igmp.c
igmp.h
in_cksum.c
in_hostcache.c
in_hostcache.h
in_pcb.c Correct a mistake in so_cred changes. In practice, I don't think that it 1999-07-12 18:58:23 +00:00
in_pcb.h This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
in_proto.c * Change sysctl from using linker_set to construct its tree using SLISTs. 1999-02-16 10:49:55 +00:00
in_rmx.c Add sysctl descriptions to many SYSCTL_XXXs 1999-05-03 23:57:32 +00:00
in_systm.h
in_var.h * Change sysctl from using linker_set to construct its tree using SLISTs. 1999-02-16 10:49:55 +00:00
in.c Suser() simplification: 1999-04-27 11:18:52 +00:00
in.h Make ipfw's logging more dynamic. Now, log will use the default limit 1999-08-01 16:57:24 +00:00
ip_auth.c
ip_auth.h
ip_compat.h
ip_divert.c Suser() simplification: 1999-04-27 11:18:52 +00:00
ip_dummynet.c Add spl() protection to remove that the timer is invoked multiple 1999-08-11 14:37:58 +00:00
ip_dummynet.h assorted dummynet cleanup: 1999-05-04 07:30:08 +00:00
ip_fil.c
ip_fil.h
ip_flow.c Add sysctl descriptions to many SYSCTL_XXXs 1999-05-03 23:57:32 +00:00
ip_flow.h
ip_frag.c
ip_frag.h
ip_ftp_pxy.c Add RCS strings to kernel ipfilter files. 1999-06-19 11:35:41 +00:00
ip_fw.c Implement probabilistic rule match in ipfw. Each rule can be associated 1999-08-11 15:34:47 +00:00
ip_fw.h Implement probabilistic rule match in ipfw. Each rule can be associated 1999-08-11 15:34:47 +00:00
ip_icmp.c Add net.inet.icmp.log_redirect and net.inet.icmp.drop_redirect, for 1999-08-10 09:45:33 +00:00
ip_icmp.h
ip_input.c Made net.inet.ip.intr_queue_maxlen writeable. 1999-05-27 12:20:33 +00:00
ip_log.c
ip_mroute.c Add sufficient braces to keep egcs happy about potentially ambiguous 1999-05-06 18:13:11 +00:00
ip_mroute.h
ip_nat.c
ip_nat.h
ip_output.c Free the dummynet descriptor in ip_dummynet, not in the called 1999-05-04 16:20:33 +00:00
ip_proxy.c Fix warnings in preparation for adding -Wall -Wcast-qual to the 1999-01-27 22:42:27 +00:00
ip_proxy.h
ip_state.c Fix warnings in preparation for adding -Wall -Wcast-qual to the 1999-01-27 22:42:27 +00:00
ip_state.h
ip_var.h
ip.h
ipl.h Add RCS strings to kernel ipfilter files. 1999-06-19 11:35:41 +00:00
mlf_ipl.c Add RCS strings to kernel ipfilter files. 1999-06-19 11:35:41 +00:00
raw_ip.c Make ipfw's logging more dynamic. Now, log will use the default limit 1999-08-01 16:57:24 +00:00
tcp_debug.c
tcp_debug.h
tcp_fsm.h Two cosmetic changes, one a typo and the other, a clarification. 1999-04-07 22:22:06 +00:00
tcp_input.c fix comment re: RST received in TIME_WAIT to match the code. 1999-07-18 14:42:48 +00:00
tcp_output.c Added net.inet.tcp.path_mtu_discovery variable which when set to 0 1999-05-27 12:24:21 +00:00
tcp_reass.c fix comment re: RST received in TIME_WAIT to match the code. 1999-07-18 14:42:48 +00:00
tcp_seq.h
tcp_subr.c Two new sysctls: net.inet.tcp.getcred and net.inet.udp.getcred. These take 1999-07-11 18:32:46 +00:00
tcp_timer.c Add sysctl descriptions to many SYSCTL_XXXs 1999-05-03 23:57:32 +00:00
tcp_timer.h
tcp_timewait.c Two new sysctls: net.inet.tcp.getcred and net.inet.udp.getcred. These take 1999-07-11 18:32:46 +00:00
tcp_usrreq.c Plug a mbuf leak in tcp_usr_send(). pru_send() routines are expected 1999-06-04 02:27:06 +00:00
tcp_var.h * Change sysctl from using linker_set to construct its tree using SLISTs. 1999-02-16 10:49:55 +00:00
tcp.h
tcpip.h
udp_usrreq.c Two new sysctls: net.inet.tcp.getcred and net.inet.udp.getcred. These take 1999-07-11 18:32:46 +00:00
udp_var.h This is the much-awaited cleaned up version of IPFW [ug]id support. 1999-06-19 18:43:33 +00:00
udp.h