Commit Graph

230 Commits

Author SHA1 Message Date
ume
ee306bc4d0 Make ip6fw as loadable module. 2000-09-23 18:50:59 +00:00
ume
d98e9631e3 examined the gateway (from the routing table) only when the address
family of the gateway is AF_INET6.

Submitted by:	JINMEI Tatuya <jinmei@isl.rdc.toshiba.co.jp>
2000-09-15 17:21:35 +00:00
ru
92269e49c4 Follow BSD/OS and NetBSD, keep the ip_id field in network order all the time.
Requested by:	wollman
2000-09-14 14:42:04 +00:00
itojun
dd85200563 add attrbute(packed) to union def with specific align constraitn.
move file static variable to auto variable, make in6_cksum() work better in
kernel-MP environment.  sync with kame.

From: Alfred Perlstein <bright@wintelcom.net>
2000-09-09 15:56:46 +00:00
itojun
f729518373 repair type 0 routing header support. it was caused by RFC2292/2292bis
difference.  from: jinmei@kame.net
2000-09-03 13:43:13 +00:00
itojun
bc11187b2e warn that setsockopt/sysctl # spaces are shared among *BSD, and should better
be consulted with KAME guys if you want a number.
2000-08-27 00:58:13 +00:00
dwmalone
df0e25bf6c Replace the mbuf external reference counting code with something
that should be better.

The old code counted references to mbuf clusters by using the offset
of the cluster from the start of memory allocated for mbufs and
clusters as an index into an array of chars, which did the reference
counting. If the external storage was not a cluster then reference
counting had to be done by the code using that external storage.

NetBSD's system of linked lists of mbufs was cosidered, but Alfred
felt it would have locking issues when the kernel was made more
SMP friendly.

The system implimented uses a pool of unions to track external
storage. The union contains an int for counting the references and
a pointer for forming a free list. The reference counts are
incremented and decremented atomically and so should be SMP friendly.
This system can track reference counts for any sort of external
storage.

Access to the reference counting stuff is now through macros defined
in mbuf.h, so it should be easier to make changes to the system in
the future.

The possibility of storing the reference count in one of the
referencing mbufs was considered, but was rejected 'cos it would
often leave extra mbufs allocated. Storing the reference count in
the cluster was also considered, but because the external storage
may not be a cluster this isn't an option.

The size of the pool of reference counters is available in the
stats provided by "netstat -m".

PR:		19866
Submitted by:	Bosko Milekic <bmilekic@dsuper.net>
Reviewed by:	alfred (glanced at by others on -net)
2000-08-19 08:32:59 +00:00
itojun
fd45895ceb add missing splx(), when outgoing interface queue is full on tunnelled
IPsec packet output.  KAME PR 280.
2000-08-16 09:56:45 +00:00
ume
200a52ad93 Make compilable with -DIPFILTER.
Because I don't use ipfilter at all, this is not tested.
I don't know if ipfilter is work for IPv6.

Submitted by:	yoshiaki@kt.rim.or.jp
2000-08-12 18:14:13 +00:00
itojun
bea2d0ad79 backout ND6_USE_RTSOCK change in previous 2000-08-11 12:29:04 +00:00
itojun
adb62d889f avoid duplicated rtfree() on default router list change (could cause panic).
sync with kame 1.46 -> 1.47.
2000-08-11 12:27:07 +00:00
ume
cb7de0289e Make ip6fw zero work.
PR:		bin/20522
2000-08-10 20:41:33 +00:00
peter
0236152f47 GRRR! Fix the 'panic: ip6_init' caused by darrenr's incomplete changes
for the pfil hooks.  The protosw and ip6protosw structures were out of
sync with each other. :-(
2000-08-02 01:02:42 +00:00
darrenr
d18ce92d58 activate pfil_hooks and covert ipfilter to use it 2000-07-31 13:11:42 +00:00
itojun
538d8deb71 s/IPSEC_IPV6FWD/IPSEC/. this avoids unexpected behavior on ipv6 fowarding.
(even if you ask for tunnel-mode encryption packets will go out in clear)
sync with kame.
2000-07-16 07:56:54 +00:00
itojun
a0611dac11 remove m_pulldown statistics, which is highly experimental and does not
belong to *bsd-merged tree
2000-07-12 16:39:13 +00:00
itojun
3b0629faf7 correct rtentry reference count in in6_ifloop_request().
if you reconfigure inet6 too much, the reference count can go
into negative by mistake.  KAME in6.c 1.98 -> 1.99.
2000-07-12 05:20:41 +00:00
grog
6b46aa1424 Suppress a warning message about trigraphs.
Approved-by: itojun
2000-07-07 04:09:51 +00:00
itojun
ade2fdc9b1 add list of KAME files - may not be 100% correct 2000-07-05 19:05:19 +00:00
itojun
b2c4e4cdeb split net.inet6.ip6.rtexpire (and others) from net.inet.ip.*.
From: Andrzej Bialecki <abial@webgiro.com>
2000-07-05 01:40:29 +00:00
itojun
afe9c0a378 correct compilation with IPSEC_IPV6FWD.
From: Ollivier Robert <roberto@keltia.freenix.fr>
2000-07-05 01:14:45 +00:00
itojun
5f4e854de1 sync with kame tree as of july00. tons of bug fixes/improvements.
API changes:
- additional IPv6 ioctls
- IPsec PF_KEY API was changed, it is mandatory to upgrade setkey(8).
  (also syntax change)
2000-07-04 16:35:15 +00:00
phk
e5de271d47 Previous commit changing SYSCTL_HANDLER_ARGS violated KNF.
Pointed out by:	bde
2000-07-04 11:25:35 +00:00
phk
61ff05be25 Style police catches up with rev 1.26 of src/sys/sys/sysctl.h:
Sanitize SYSCTL_HANDLER_ARGS so that simplistic tools can grog our
sources:

        -sysctl_vm_zone SYSCTL_HANDLER_ARGS
        +sysctl_vm_zone (SYSCTL_HANDLER_ARGS)
2000-07-03 09:35:31 +00:00
ume
0326853a14 Inhibit successful DAD messages and "no default interface" messages.
It seems that people find them too noisy.
(ND6_DEBUG will enable them)

Obtained from:	KAME Project
2000-06-22 19:04:41 +00:00
itojun
91ac8e99a3 correct bad TTL with packets generated by v4 mapped udp. from kame 2000-06-22 16:48:59 +00:00
jake
961b97d434 Back out the previous change to the queue(3) interface.
It was not discussed and should probably not happen.

Requested by:		msmith and others
2000-05-26 02:09:24 +00:00
archie
4ba625d0ce Just need to pass the address family to if_simloop(), not the whole sockaddr. 2000-05-24 21:16:56 +00:00
jake
d93fbc9916 Change the way that the queue(3) structures are declared; don't assume that
the type argument to *_HEAD and *_ENTRY is a struct.

Suggested by:	phk
Reviewed by:	phk
Approved by:	mdodd
2000-05-23 20:41:01 +00:00
bde
c4413949b9 Fixed missing prototype for inet6_rthdr_reverse(). 2000-05-11 16:57:45 +00:00
ps
cffec0416c Add missing include machine/in_cksum.h.
Submitted by:	n_hibma
2000-05-09 16:56:51 +00:00
phk
ce2aa22c93 Remove unneeded #include <sys/kernel.h> 2000-04-29 15:36:14 +00:00
phk
6be1308ad1 Remove ~25 unneeded #include <sys/conf.h>
Remove ~60 unneeded #include <sys/malloc.h>
2000-04-19 14:58:28 +00:00
sumikawa
f450d15f13 even if nd6_nud_hint is called, do not change a neighbor's status
unless the old status is probably reachable (i.e. the link-layer address
has already been resolved).

Obtained from:	KAME Project
2000-04-17 20:24:06 +00:00
shin
09037f119d Support per socket based IPv4 mapped IPv6 addr enable/disable control.
Submitted by: ume
2000-04-01 22:35:47 +00:00
green
08e4f07002 in6_pcb.c:
Remove a bogus (redundant, just weird, etc.) key_freeso(so).
	There are no consumers of it now, nor does it seem there
	ever will be.

in6?_pcb.c:
	Add an if (inp->in6?p_sp != NULL) before the call to
	ipsec[46]_delete_pcbpolicy(inp).  In low-memory conditions
	this can cause a crash because in6?_sp can be NULL...
2000-03-22 02:27:30 +00:00
shin
e435347f0c Backout the previous change to __KAME_VERSION (FreeBSD4.x addition),
because this is now 5.0-current.
2000-03-13 10:07:30 +00:00
shin
3a7c735b39 Change __KAME_VERSION value. Added the word "FreeBSD4.x" to identify the
system with other platform and/or other version of FreeBSD, which is also
integrated KAME code based on another date.

Approved by: jkh
2000-03-12 20:27:26 +00:00
shin
e044d42177 Forbid include of netinet6/ip6.h from user-land, and if included,
print an error message which say, "include netinet/ip6.h".
This is postponed to apply to avoid tcpdump compile error.
Now apply this because tcpdump has been already fixed.

Approved by: jkh

Obtained from: KAME project
2000-03-11 20:44:53 +00:00
shin
3ca445ef55 Replace m_pkthdr.rcvif with oif when oif is not NULL, to count
icmp6 error statistics based on sending interface.
This also prevent kernel panic when rcvif is not initialized after M_PKTHDR().
(The initialization issue also need to be fixed in the future.)

Approved by: jkh

Submitted by: k-sugyou@kame.net
2000-03-11 20:03:22 +00:00
shin
23a1d7aeed Initialize mbuf pointer at getting ipsec policy.
Without this, kernel will panic at getsockopt() of IPSEC_POLICY.
Also make compilable libipsec/test-policy.c which tries getsockopt() of
IPSEC_POLICY.

Approved by: jkh

Submitted by: sakane@kame.net
2000-03-09 14:57:16 +00:00
shin
88d80a54ba Update icmp node info query message bit order of query types,
according to draft-ietf-ipngwg-icmp-name-lookups-04 to 05 change.
This is necessary before 4.0, because,
  -This change is non backword compatible
  -Other KAME derived platforms applied 05
  -Author of the draft said he never do backword imcompatible changes
   again.

Approved by: jkh

Obtained from: KAME project
2000-03-09 14:47:21 +00:00
shin
73d476cc64 CMSG_XXX macros alignment fixes to follow RFC2292.
Approved by: jkh

Submitted by: Partly from tech@openbsd
Reviewed by: itojun
2000-03-03 11:13:12 +00:00
shin
c76f9b4c03 At detaching IPv6 raw socket, also finish IPv6 multicast router.
Approved by: jkh

Submitted by: fenner
2000-02-27 18:35:10 +00:00
peter
a5441090de Clean up some loose ends in the network code, including the X.25 and ISO
#ifdefs.  Clean out unused netisr's and leftover netisr linker set gunk.
Tested on x86 and alpha, including world.

Approved by:	jkh
2000-02-13 03:32:07 +00:00
shin
0539d56f5e Prototype fix for IPsec authentication related functions
Some of IPsec authentication related functions should have
  'const' for its 2nd argument, but not now.
  But if someone try to use them, and passed const data for
  those functions, then much bogus compile warnings will be
  generated.
  So those funcs prototype should be modified.

Requested by: archie
Approved by: jkh
2000-02-10 19:35:53 +00:00
shin
a0c9aca93b Forbid include of soem inet6 header files from wrong place
KAME put INET6 related stuff into sys/netinet6 dir, but IPv6
  standard API(RFC2553) require following files to be under sys/netinet.
    netinet/ip6.h
    netinet/icmp6.h
  Now those header files just include each following files.
    netinet6/ip6.h
    netinet6/icmp6.h

  Also KAME has netinet6/in6.h for easy INET6 common defs
  sharing between different BSDs, but RFC2553 requires only
  netinet/in.h should be included from userland.
  So netinet/in.h also includes netinet6/in6.h inside.

  To keep apps portability, apps should not directly include
  above files from netinet6 dir.
  Ideally, all contents of,
    netinet6/ip6.h
    netinet6/icmp6.h
    netinet6/in6.h
  should be moved into
    netinet/ip6.h
    netinet/icmp6.h
    netinet/in.h
  but to avoid big changes in this stage, add some hack, that
    -Put some special macro define into those files under neitnet
    -Let files under netinet6 cause error if it is included
     from some apps, and, if the specifal macro define is not
     defined.
     (which should have been defined if files under netinet is
     included)
    -And let them print an error message which tells the
     correct name of the include file to be included.

  Also fix apps which includes invalid header files.

Approved by: jkh

Obtained from: KAME project
2000-02-10 19:33:58 +00:00
shin
eb70be25c7 IPv6 prefix assignment bug fixes.
(1)When all related IPv6 addresses are removed,
       then remove the associated IPv6 prefix.
    (2)When multiple IPv6 link local addrs exist for a same
       interface , then let its IPv6 prefix have multiple
       interface id, and create multiple IPv6 global addrs with same
       interface id.
    (3)When a new IPv6 link local addr is assigned for an
       interface, then let its IPv6 prefix also have the
       interface id of the new IPv6 link local addr, and
       create new IPv6 global addrs with same interface id.

Approved by: jkh
2000-02-07 01:45:30 +00:00
shin
f70608d097 Permit site local addr in IPv6 source address selection rule.
KAME source addr selection rule had a problem to treat IPv6 site
  local addr.
  The rule is completely rewritten recently and the above problem
  is also fixed, but rewriting same code part in freebsd4.0 is too
  dangerous in this stage, so just add workaround to avoid
  the problem. Just add code for IPv6 site local addresses into IPv6
  source addr selection algorythm part.
2000-02-07 01:32:41 +00:00
shin
5a973d3065 Add ip6fw.
Yes it is almost code freeze, but as the result of many thought, now I
think this should be added before 4.0...

make world check, kernel build check is done.

Reviewed by: green
Obtained from: KAME project
2000-01-29 13:54:44 +00:00
shin
7fd8aeb670 Backout diffs which should not be included. 2000-01-28 13:16:34 +00:00
shin
9b27aa3fec #This is a null commit to give correct description for the previous change.
#Please forget the strange log message of the previous commit .

IPv6 multicast routing.
  kernel IPv6 multicast routing support.
  pim6 dense mode daemon
  pim6 sparse mode daemon
  netstat support of IPv6 multicast routing statistics

  Merging to the current and testing with other existing multicast routers
  is done by Tatsuya Jinmei <jinmei@kame.net>, who writes and maintainances
  the base code in KAME distribution.

  Make world check and kernel build check was also successful.

Obtained from: KAME project
2000-01-28 12:17:49 +00:00
shin
f8e48f511e Sorry I didn't commit these files at the commit just a few minutes before.
(IPv6 multicast routing)
I think I mistakenly touched TAB and the last arg sys/netinet6 to
the cvs commit changed to sys/netinet6/in6_proto.c.
2000-01-28 05:27:14 +00:00
shin
417b54f8df IPv6 multicast routing.
kernel IPv6 multicast routing support.
  pim6 dense mode daemon
  pim6 sparse mode daemon
  netstat support of IPv6 multicast routing statistics

  Merging to the current and testing with other existing multicast routers
  is done by Tatsuya Jinmei <jinmei@kame.net>, who writes and maintainances
  the base code in KAME distribution.

  Make world check and kernel build check was also successful.
2000-01-28 05:10:56 +00:00
shin
2ef83ec04a Added ip6_forwarding check when prefix related ioctl is called.
(prefix related ioctl should only be called on router,
because host use dynamic address and prefix configuration mechanism,
and those prefix are managed separately with ones whih are assined
manually.)
2000-01-27 10:04:28 +00:00
brian
26fcba4c5a Move the *intrq variables into net/intrq.c and unconditionally
include this in all kernels.  Declare some const *intrq_present
variables that can be checked by a module prior to using *intrq
to queue data.

Make the if_tun module capable of processing atm, ip, ip6, ipx,
natm and netatalk packets when TUNSIFHEAD is ioctl()d on.

Review not required by: freebsd-hackers
2000-01-24 20:39:02 +00:00
shin
9bd197a8cd Merge a bug fix from freebsd-current; check m != NULL before touching it,
at udp6_ctlinput().
  There should be kernel panic at PCCARD suspend etc, before this bug fix.

Submitted by:  Hajimu UMEMOTO <ume@mahoroba.org>
2000-01-18 09:02:19 +00:00
shin
4338629a91 fix kernel panic at rtfree() in INET6 enabled envrionment.
This is probably due to twice rtfree() in in6_pcbdetach(),
  one for inp->in6p_route.ro_rt, and another one for inp->inp_route.ro_rt.
  But these 2 are actually shared in inpcb, so 2nd rtfree() is not necessary.
2000-01-16 18:00:06 +00:00
shin
e7b807d1e3 Fixed the problem that IPsec connection hangs when bigger data is sent.
-opt_ipsec.h was missing on some tcp files (sorry for basic mistake)
  -made buildable as above fix
  -also added some missing IPv4 mapped IPv6 addr consideration into
   ipsec4_getpolicybysock
2000-01-15 14:56:38 +00:00
shin
a3008c093b wrapped prototype declarations by __P(())
Submitted by: bde
2000-01-15 05:30:15 +00:00
shin
ef76bd553b add forward declarations, and small cosmetic changes.
Submitted by: bde
2000-01-15 05:20:40 +00:00
shin
a74ce09d01 fix wrong name which is hidden by wrong ifdef.
Sorry for build failure. There was a mistake when I moved the patch
from my build check machine to commit machine.

Specified by: peter
2000-01-13 15:27:50 +00:00
shin
8813e718dc Change struct sockaddr_storage member name, because following change
is very likely to become consensus as recent ietf/ipng mailing list
discussion. Also recent KAME repository and other KAME patched BSDs
also applied it.

  s/__ss_family/ss_family/
  s/__ss_len/ss_len/

Makeworld is confirmed, and no application should be affected by this change
yet.
2000-01-13 14:52:53 +00:00
shin
5af875fc35 removed an ours case which think a packet destined to loopback interface
with IPv6 loopback addr for its dest or src addr as ours.
2000-01-13 05:12:48 +00:00
shin
ed0d411602 added missing IPV6_PORTRANGE case. 2000-01-13 05:07:42 +00:00
shin
b8a80c0b8f remove unnecessary "$ifdef INET6" 2000-01-13 05:01:27 +00:00
shin
3bdc213839 tcp updates to support IPv6.
also a small patch to sys/nfs/nfs_socket.c, as max_hdr size change.

Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
2000-01-09 19:17:30 +00:00
shin
96ab44233f prevent kernel panic at suspend/resume.
confirmed by: sanpei, joe

PR: kern/15742
2000-01-03 17:29:16 +00:00
peter
15b9bcb121 Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL"
is an application space macro and the applications are supposed to be free
to use it as they please (but cannot).  This is consistant with the other
BSD's who made this change quite some time ago.  More commits to come.
1999-12-29 04:46:21 +00:00
shin
8c2ccb59ca Getaddrinfo(), getnameinfo(), and etc support in libc/net.
Several udp and raw apps IPv6 support.

Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
1999-12-28 02:37:14 +00:00
shin
50ba589c66 IPSEC support in the kernel.
pr_input() routines prototype is also changed to support IPSEC and IPV6
chained protocol headers.

Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
1999-12-22 19:13:38 +00:00
eivind
8befc1a2b8 Change incorrect NULLs to 0s 1999-12-21 11:14:12 +00:00
green
99a0254a52 M_PREPEND-related cleanups (unregisterifying struct mbuf *s). 1999-12-19 01:55:37 +00:00
shin
d2ada32bc0 rtcalloc() is removed because it turned out not to be necessary for FreeBSD.
(It was added as a part of KAME patch)

Specified by: jdp@polstra.com
1999-12-09 08:56:50 +00:00
shin
70f0bdf681 udp IPv6 support, IPv6/IPv4 tunneling support in kernel,
packet divert at kernel for IPv6/IPv4 translater daemon

This includes queue related patch submitted by jburkhol@home.com.

Submitted by: queue related patch from jburkhol@home.com
Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
1999-12-07 17:39:16 +00:00
shin
9298d6c8c5 Just to avoid warning message about trigraph.
Commented by: green
1999-11-30 16:24:36 +00:00
itojun
6081138a55 there's no memcmp() in kernel, use bcmp() instead.
in userland memcmp() is preferred for ANSI preference.
(from KAME repository)
1999-11-29 08:19:01 +00:00
shin
8a8ecd0abc Removed IPSEC and IPV6FIREWALL because they are not ready yet. 1999-11-23 05:42:36 +00:00
shin
cad2014b27 KAME netinet6 basic part(no IPsec,no V6 Multicast Forwarding, no UDP/TCP
for IPv6 yet)

With this patch, you can assigne IPv6 addr automatically, and can reply to
IPv6 ping.

Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
1999-11-22 02:45:11 +00:00
shin
7efc91cadc KAME related header files additions and merges.
(only those which don't affect c source files so much)

Reviewed by: cvs-committers
Obtained from: KAME project
1999-11-05 14:41:39 +00:00