Commit Graph

324 Commits

Author SHA1 Message Date
Andrew Thompson
85ce729794 Add a bridge interface flag called PRIVATE where any private port can not
communicate with another private port.

All unicast/broadcast/multicast layer2 traffic is blocked so it works much the
same way as using firewall rules but scales better and is generally easier as
firewall packages usually do not allow ARP blocking.

An example usage would be having a number of customers on separate vlans
bridged with a server network. All the vlans are marked private, they can all
communicate with the server network unhindered, but can not exchange any
traffic whatsoever with each other.

Approved by:	re (rwatson)
2007-08-01 00:33:52 +00:00
Sam Leffler
fdef6acc3d updates for 802.11-related parameters
Reviewed by:	thompsa
Approved by:	re (hrs)
2007-07-09 15:39:58 +00:00
Andrew Thompson
b3d37ca5f8 Allow the LACP state to be queried from userland which at the moment is the
actor and partner peer info. Print out the active aggregator and per port data
in verbose mode from ifconfig.

Approved by:	re (mux)
2007-07-05 09:18:57 +00:00
Andrew Thompson
22dcc3c17b Add the vlan tag to the bridge route table. This allows a vlan trunk to be
bridged, previously legitimate traffic was not passed as the bridge could not
tell that it was on a different Ethernet segment.

All non-tagged traffic is treated as vlan1 as per IEEE 802.1Q-2003
2007-06-13 18:58:04 +00:00
Robert Watson
0cae11b9cc Remove IPX over IP tunneling pieces from ifconfig(8), omitted portion of
previous commit:

  Remove IPX over IP tunneling support, which allows IPX routing over IP
  tunnels, and was not MPSAFE.  The code can be easily restored in the
  event that someone with an IPX over IP tunnel configuration can work
  with me to test patches.

  This removes one of five remaining consumers of NET_NEEDS_GIANT.

  Approved by:    re (kensmith)

Spotted by:	Artem Naluzhny <tutat nhamon dot com dot ua>
2007-06-13 18:07:59 +00:00
Andrew Thompson
6b3375abfa Catch up with variable name changes in struct lagg_protos. 2007-06-12 10:07:57 +00:00
Andrew Thompson
927a1b4120 Reset the pointer to the ioctl buffer after it gets changed. 2007-06-12 00:52:40 +00:00
Andre Oppermann
a6575bfc2d Add reporting and toggling of TCP LRO (large receive offload) support to
ifconfig(8).
2007-06-11 20:15:20 +00:00
Sam Leffler
8f3591a5bb Update for revised 802.11 support:
o revised channel handling support; ifconfig now queries the kernel to
  find the list of available channels and handles channel promotion;
  channel attributes can be specified as part of the channel; e.g. 36:a
  for channel 36 in 11a (as opposed to turbo A or HT A)
o use channel list to map between freq and IEEE channel #; this eliminates
  all knowledge of how the mapping is done and fixes handling of cases
  where channels overlap in the IEEE channel # space but are distinct in
  the frequency+attributes space (e.g. PSB)
o add new knobs: bgscan, ff (Atheors fast frames), dturbo (Atheros
  Dynamic Turbo mode), bgscanidle, bgscanintvl, scanvalid, roam:rssi11a,
  roam:rssi11b, roam:rssi11g, roam:rate11a, roam:rate11b, roam:rate11g
  (roaming parameters), burst, doth (forthcoming 11h support)
o print contents of WME, ATH, WPA, RSN, information elements with -v option
o print signal strength in dBm
o print noise floor in dBm
o add list txpow to print tx power caps/channel
o change default channel display in status to be more informative
2007-06-11 03:56:33 +00:00
Andrew Thompson
a389ab003f Add the -n flag for disabling automatic module loading, this will be used by
rc.d to stop it reloading the network module on unload.
2007-05-22 17:41:09 +00:00
Andrew Thompson
18242d3b09 Rename the trunk(4) driver to lagg(4) as it is too similar to vlan trunking.
The name trunk is misused as the networking term trunk means carrying multiple
VLANs over a single connection. The IEEE standard for link aggregation (802.3
section 3) does not talk about 'trunk' at all while it is used throughout IEEE
802.1Q in describing vlans.

The lagg(4) driver provides link aggregation, failover and fault tolerance.

Discussed on:	current@
2007-04-17 00:35:11 +00:00
Andrew Thompson
68bca8a5e3 Bump document date for new trunk commands. 2007-04-10 03:35:42 +00:00
Andrew Thompson
7b62d98bf8 Hook trunk(4) up to the build. 2007-04-10 00:35:31 +00:00
Andrew Thompson
b47888ceba Add the trunk(4) driver for providing link aggregation, failover and fault
tolerance.  This driver allows aggregation of multiple network interfaces as
one virtual interface using a number of different protocols/algorithms.

failover    - Sends traffic through the secondary port if the master becomes
              inactive.
fec         - Supports Cisco Fast EtherChannel.
lacp        - Supports the IEEE 802.3ad Link Aggregation Control Protocol
              (LACP) and the Marker Protocol.
loadbalance - Static loadbalancing using an outgoing hash.
roundrobin  - Distributes outgoing traffic using a round-robin scheduler
              through all active ports.

This code was obtained from OpenBSD and this also includes 802.3ad LACP support
from agr(4) in NetBSD.
2007-04-10 00:27:25 +00:00
Sam Leffler
3b4f84880e don't display ssid cloaking status as "ssid HIDE", use the cmd line
parameter like everything else

MFC after:	2 weeks
2007-03-30 18:14:04 +00:00
Andrew Thompson
99469fe270 Correct the name of the 'proto' command.
MFC after:	3 days
2007-03-29 21:30:26 +00:00
Yaroslav Tykhiy
f013cfc544 Back out rev. 1.129 because it breaks the practice of auto-loading
hardware drivers.  Unlike pseudo-device drivers, which just attach
to the cloning framework and wait for "ifconfig create", h/w drivers
create interfaces for installed cards as soon as loaded.  The issue
of devd(8) involuntarily reloading modules should be dealt with in a
different way.
2007-03-24 20:26:54 +00:00
Yaroslav Tykhiy
a40fb996ae Attempt to load the kernel module only if we are going to create a
new interface.  In other cases loading the module is unwanted and
can lead to ill side effects.  One such effect found is as follows:
"kldunload if_foo" tells the module to kill all its interfaces,
which results in messages sent to devd; the module unloads.  Then
devd starts processing the messages, which ends up in a etc script
running ifconfig fooX, which reloads the module.
2007-03-12 13:08:56 +00:00
Sam Leffler
7c25c5c447 point-to-point address should come from ifa_dstaddr 2007-03-09 23:28:40 +00:00
Sam Leffler
e5f015499d o consistently check strlcpy result
o warn when we skip an interface because it's name is too long
2007-02-27 17:11:18 +00:00
Sam Leffler
0b28f08125 correct type to silence const complaint 2007-02-27 17:03:22 +00:00
Sam Leffler
30705853b0 unbreak create operation, must copy argument to global name
Spotted by:	des
2007-02-27 17:00:59 +00:00
Sam Leffler
cb8c905ae9 use getifaddrs from libc instead of private code
Reviewed by:	bms
MFC after:	1 month
2007-02-24 23:55:46 +00:00
Sam Leffler
aa388b9d49 correct type definition of option routine callback 2007-02-17 18:22:20 +00:00
Sam Leffler
a74d2fb50e remove (now) duplicate definition of IEEE80211_IS_CHAN_PASSIVE 2007-02-17 18:21:52 +00:00
Bruce M Simpson
9bb9973c66 Be explicit in examples about the correct grammar for 'alias' and
'-alias', and that 'add' and 'delete are in fact synonyms for these
in the ifconfig(8) grammar.

Use network prefixes explicitly specified in IETF RFCs for
documentation purposes. (bz)

PR:		102701
MFC after:	1 day
See also:	RFC 3330, RFC 3849
Submitted by:	bz
2007-02-04 16:48:56 +00:00
Bruce M Simpson
1b153c9278 Backout revision 1.4; it is not verified as the correct fix for the PR.
A more correct fix has been committed to ifconfig(8).

Submitted by:	bz
PR:		102701
2007-02-03 03:40:33 +00:00
Bruce M Simpson
9bad5f3777 Add an EXAMPLES section to ifconfig(8), clearly showing how to configure
IPv6 addresses in FreeBSD.

See also: http://www.telscom.ch/index.php/downloads/configure_ipv6_features

MFC after:	1 week
PR:		102701
Obtained from:	OpenBSD (partly, with edits)
2007-02-03 03:37:37 +00:00
Marius Strobl
98b0eedaf5 Actually fully emulate NetBSD and print the media instance number
only for non-zero instances so the typical output for IFM_IEEE80211
type media doesn't overflow 80 columns.

Requested by:	sam
2007-01-22 13:42:07 +00:00
Marius Strobl
1113949379 - Display the media instance numbers and allow the user to set the active
one. This is based on NetBSD but unlike NetBSD this implementation prints
  the instance number for all media instances and doesn't skip it for the
  first one as I don't see a reason to suppress it except for the vague
  reason to preserve the output for single-instance configurations.
- Fix some whitespace nits.
2007-01-20 00:56:49 +00:00
Sam Leffler
9a71a3d565 Add initial support for 900MHz channels; still has some rough
edges but ifconfig ath0 list chan works and you can use ieee
channel #'s to lock/select a channel.

MFC after:	1 month
2007-01-15 01:20:28 +00:00
Bjoern A. Zeeb
3ca72aeb09 Fix an off-by-one which could mean writing beyond the end of the array
when copying the interface name.
This code part should probably be rewritten.
2006-12-29 18:44:04 +00:00
Sam Leffler
b0eb2f6935 Add half/quarter rate 11a channel support:
o add hack/nonstandard channel mapping for public safety band channels to
  mirror kernel (temporary until we have proper 802.11 state)
o change ieee80211_mhz2ieee to take channel flags (unused right now)

While here do some minor fixups like using IEEE80211_IS_CHAN_ANYG.
2006-12-27 18:48:50 +00:00
Jung-uk Kim
f7c6b0a8c6 Clear full-duplex when half-duplex flag is set. This actually makes
'mediaopt half-duplex' working as it should.  It is now equivalent of
'-mediaopt full-duplex'.
2006-12-19 22:50:49 +00:00
Andrew Thompson
787096051b These days P2P means peer-2-peer (also well known from serveral filesharing
protocols) while PointToPoint has been PtP links. Change the variables
accordingly while the code is still fresh and undocumented.

Requested by:	bz
2006-12-11 23:46:40 +00:00
Sam Leffler
0972edc076 fix handling of ssid "-" etc; we're writing 1 byte past the
end of the result buffer

Noticed by:	Sepherosa Zieha
Reviewed by:	cperciva
MFC after:	2 weeks
2006-12-09 20:11:55 +00:00
Andrew Thompson
153f9b00f3 Add descriptions for p2p and autop2p. 2006-11-27 21:59:04 +00:00
Ceri Davies
85606c18b8 Bump .Dd for r1.127. 2006-11-27 21:54:46 +00:00
Andrew Thompson
75ba43386e Show the MAC address cache size and timeout. 2006-11-27 20:52:57 +00:00
Andrew Thompson
1dfd31abfb Keep the command name the same as the values display name in ifconfig. 2006-11-27 20:18:43 +00:00
Andrew Thompson
6c32e05ca3 Sync with the OpenBSD port of RSTP
- use flags rather than sperate ioctls for edge, p2p
 - implement p2p and autop2p flags
 - define large pathcost constant as ULL
 - show bridgeid and rootid in ifconfig

Obtained from:	Reyk Floeter <reyk@openbsd.org>
2006-11-27 00:35:40 +00:00
Andrew Thompson
3df7fad0cf Add a new address cache type called sticky. On an interface marked sticky any
address learned by the bridge is made permanent, the address will not age out
and most importantly will not migrate to another interface.

This can be used to stop mac address poisoning or clients roaming in much the
same way as static entries without the hassle of preloading the table.
2006-11-09 06:32:38 +00:00
Andrew Thompson
3fab76690c Bring in support for the Rapid Spanning Tree Protocol (802.1w).
RSTP provides faster spanning tree convergence, the protocol will exchange
information with neighboring switches to quickly transition to forwarding
without creating loops. The code will default to RSTP mode but will downgrade
any port connected to a legacy STP network so is fully backward compatible.

Reviewed by:	syrinx
Tested by:	syrinx
2006-11-01 09:07:47 +00:00
Ruslan Ermilov
dadff48394 Fix markup botched in previous commit. 2006-10-10 09:44:08 +00:00
Tom Rhodes
7a6f335e14 Note that the -v option may be used to expand long SSIDs.
PR:		102118
Reviewed by:	sam
2006-10-10 02:20:12 +00:00
Jens Schweikhardt
09a66bda90 Correct some grammos. 2006-10-02 08:55:54 +00:00
Bruce M Simpson
7d9079197c Fix a typo in af_inet6.c such that IPv6 addresses may be deleted
from interfaces.

PR:		bin/102701
Submitted by:	George Mitchell
MFC after:	3 days
2006-09-25 18:20:56 +00:00
Andre Oppermann
6b92a00668 In setifcap() only set/unset those capabilities the interface actually
supports.
2006-09-20 15:38:37 +00:00
Ruslan Ermilov
8266d47670 Markup fixes. 2006-09-18 11:55:10 +00:00
Andre Oppermann
581d6e4ca7 Fix octal representation of TSO4 and TSO6 bits in interface capabilities
description.
2006-09-08 13:29:38 +00:00