1044 Commits

Author SHA1 Message Date
brian
2509160a79 Add a few ``const''s to silence some -Wwrite-strings warnings 2001-01-29 11:44:13 +00:00
brian
5728ea1f1d Ignore leading witespace in the string given to PacketAliasProxyRule(). 2001-01-29 00:30:01 +00:00
luigi
2ce587262d Make sure we do not follow an invalid pointer in ipfw_report
when we get an incomplete packet or m_pullup fails.
2001-01-27 02:31:08 +00:00
luigi
3366175318 Minor cleanups after yesterday's patch.
The code (bridging and dummynet) actually worked fine!
2001-01-26 19:43:54 +00:00
luigi
8a9237833e Bring dummynet in line with the code that now works in -STABLE.
It compiles, but I cannot test functionality yet.
2001-01-26 06:49:34 +00:00
luigi
08392d8bb0 Pass up errors returned by dummynet. The same should be done with
divert.
2001-01-25 02:06:38 +00:00
wollman
08d0e8d96f Correct a comment. 2001-01-24 16:25:36 +00:00
wes
eeda0df2a3 When attempting to bind to an ephemeral port, if no such port is
available, the error return should be EADDRNOTAVAIL rather than
EAGAIN.

PR:		14181
Submitted by:	Dima Dorfman <dima@unixfreak.org>
Reviewed by:	Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
2001-01-23 07:27:56 +00:00
luigi
2d9565a950 Change critical section protection for dummynet from splnet() to
splimp() -- we need it because dummynet can be invoked by the
bridging code at splimp().

This should cure the pipe "stalls" that several people have been
reporting on -stable while using bridging+dummynet (the problem
would not affect routers using dummynet).
2001-01-22 23:04:13 +00:00
des
b3c27aaaf7 First step towards an MP-safe zone allocator:
- have zalloc() and zfree() always lock the vm_zone.
 - remove zalloci() and zfreei(), which are now redundant.

Reviewed by:	bmilekic, jasone
2001-01-21 22:23:11 +00:00
luigi
02bffeb68b Document data structures and operation on dummynet so next time
I or someone else browse through this code I do not have a hard
time understanding what is going on.
2001-01-17 01:09:40 +00:00
luigi
e09ccfbadf Some dummynet patches that I forgot to commit last summer.
One of them fixes a potential panic when bridging is used and
you run out of mbufs (though i have no idea if the bug has
ever hit anyone).
2001-01-16 23:49:49 +00:00
bmilekic
4cc04a654f Prototype inet_ntoa_r and thereby silence a warning from GCC. The function
is prototyped immediately under inet_ntoa, which is also from libkern.
2001-01-12 07:47:53 +00:00
rwatson
0080a88967 o Minor style(9)ism to make consistent with -STABLE 2001-01-09 18:26:17 +00:00
rwatson
c4fb1f7419 o IPFW incorrectly handled filtering in the presence of previously
reserved and now allocated TCP flags in incoming packets.  This patch
  stops overloading those bits in the IP firewall rules, and moves
  colliding flags to a seperate field, ipflg.  The IPFW userland
  management tool, ipfw(8), is updated to reflect this change.  New TCP
  flags related to ECN are now included in tcp.h for reference, although
  we don't currently implement TCP+ECN.

o To use this fix without completely rebuilding, it is sufficient to copy
  ip_fw.h and tcp.h into your appropriate include directory, then rebuild
  the ipfw kernel module, and ipfw tool, and install both.  Note that a
  mismatch between module and userland tool will result in incorrect
  installation of firewall rules that may have unexpected effects.  This
  is an MFC candidate, following shakedown.  This bug does not appear
  to affect ipfilter.

Reviewed by:	security-officer, billf
Reported by:	Aragon Gouveia <aragon@phat.za.net>
2001-01-09 03:10:30 +00:00
alfred
e06f071f56 provide a sysctl 'net.link.ether.inet.log_arp_wrong_iface' to allow one
to supress logging when ARP replies arrive on the wrong interface:
 "/kernel: arp: 1.2.3.4 is on dc0 but got reply from 00:00:c5:79:d0:0c on dc1"

the default is to log just to give notice about possibly incorrectly
configured networks.
2001-01-06 00:45:08 +00:00
alfred
43233d1e5a Fix incorrect logic wouldn't disconnect incomming connections that had been
disconnected because they were not full.

Submitted by: David Filo
2001-01-03 19:50:23 +00:00
assar
9df0aaf2c1 include tcp header files to get the prototype for tcp_seq_vs_sess 2000-12-27 03:02:29 +00:00
phk
6bfb7240b8 Update the "icmp_admin_prohib_like_rst" code to check the tcp-window and
to be configurable with respect to acting only in SYN or in all TCP states.

PR:		23665
Submitted by:	Jesper Skriver <jesper@skriver.dk>
2000-12-24 10:57:21 +00:00
bmilekic
4b6a7bddad * Rename M_WAIT mbuf subsystem flag to M_TRYWAIT.
This is because calls with M_WAIT (now M_TRYWAIT) may not wait
  forever when nothing is available for allocation, and may end up
  returning NULL. Hopefully we now communicate more of the right thing
  to developers and make it very clear that it's necessary to check whether
  calls with M_(TRY)WAIT also resulted in a failed allocation.
  M_TRYWAIT basically means "try harder, block if necessary, but don't
  necessarily wait forever." The time spent blocking is tunable with
  the kern.ipc.mbuf_wait sysctl.
  M_WAIT is now deprecated but still defined for the next little while.

* Fix a typo in a comment in mbuf.h

* Fix some code that was actually passing the mbuf subsystem's M_WAIT to
  malloc(). Made it pass M_WAITOK instead. If we were ever to redefine the
  value of the M_WAIT flag, this could have became a big problem.
2000-12-21 21:44:31 +00:00
billf
d8586c3f20 Use getmicrotime() instead of microtime() when timestamping ICMP packets,
the former is quicker and accurate enough for use here.

Submitted by:	Jason Slagle <raistlin@toledolink.com> (on IRC)
Reviewed by:	phk
2000-12-16 21:39:48 +00:00
phk
7c7359c504 We currently does not react to ICMP administratively prohibited
messages send by routers when they deny our traffic, this causes
a timeout when trying to connect to TCP ports/services on a remote
host, which is blocked by routers or firewalls.

rfc1122 (Requirements for Internet Hosts) section 3.2.2.1 actually
requi re that we treat such a message for a TCP session, that we
treat it like if we had recieved a RST.

quote begin.

            A Destination Unreachable message that is received MUST be
            reported to the transport layer.  The transport layer SHOULD
            use the information appropriately; for example, see Sections
            4.1.3.3, 4.2.3.9, and 4.2.4 below.  A transport protocol
            that has its own mechanism for notifying the sender that a
            port is unreachable (e.g., TCP, which sends RST segments)
            MUST nevertheless accept an ICMP Port Unreachable for the
            same purpose.

quote end.

I've written a small extension that implement this, it also create
a sysctl "net.inet.tcp.icmp_admin_prohib_like_rst" to control if
this new behaviour is activated.

When it's activated (set to 1) we'll treat a ICMP administratively
prohibited message (icmp type 3 code 9, 10 and 13) for a TCP
sessions, as if we recived a TCP RST, but only if the TCP session
is in SYN_SENT state.

The reason for only reacting when in SYN_SENT state, is that this
will solve the problem, and at the same time minimize the risk of
this being abused.

I suggest that we enable this new behaviour by default, but it
would be a change of current behaviour, so if people prefer to
leave it disabled by default, at least for now, this would be ok
for me, the attached diff actually have the sysctl set to 0 by
default.

PR:		23086
Submitted by:	Jesper Skriver <jesper@skriver.dk>
2000-12-16 19:42:06 +00:00
bmilekic
e94f2430fb Change the following:
1.  ICMP ECHO and TSTAMP replies are now rate limited.
  2.  RSTs generated due to packets sent to open and unopen ports
      are now limited by seperate counters.
  3.  Each rate limiting queue now has its own description, as
      follows:

      Limiting icmp unreach response from 439 to 200 packets per second
      Limiting closed port RST response from 283 to 200 packets per second
      Limiting open port RST response from 18724 to 200 packets per second
      Limiting icmp ping response from 211 to 200 packets per second
      Limiting icmp tstamp response from 394 to 200 packets per second

Submitted by: Mike Silbersack <silby@silby.com>
2000-12-15 21:45:49 +00:00
dwmalone
dd75d1d73b Convert more malloc+bzero to malloc+M_ZERO.
Submitted by:	josh@zipperup.org
Submitted by:	Robert Drehmel <robd@gmx.net>
2000-12-08 21:51:06 +00:00
phk
c3f2ee9700 Staticize some malloc M_ instances. 2000-12-08 20:09:00 +00:00
jlemon
954e1d2ccd Lock down the network interface queues. The queue mutex must be obtained
before adding/removing packets from the queue.  Also, the if_obytes and
if_omcasts fields should only be manipulated under protection of the mutex.

IF_ENQUEUE, IF_PREPEND, and IF_DEQUEUE perform all necessary locking on
the queue.  An IF_LOCK macro is provided, as well as the old (mutex-less)
versions of the macros in the form _IF_ENQUEUE, _IF_QFULL, for code which
needs them, but their use is discouraged.

Two new macros are introduced: IF_DRAIN() to drain a queue, and IF_HANDOFF,
which takes care of locking/enqueue, and also statistics updating/start
if necessary.
2000-11-25 07:35:38 +00:00
jlemon
7f57729d27 Revert the last commit to the callout interface, and add a flag to
callout_init() indicating whether the callout is safe or not.  Update
the callers of callout_init() to reflect the new interface.

Okayed by: Jake
2000-11-25 06:22:16 +00:00
bmilekic
ebe3dfc2d8 Fixup (hopefully) bridging + ipfw + dummynet together...
* Some dummynet code incorrectly handled a malloc()-allocated pseudo-mbuf
  header structure, called "pkt," and could consequently pollute the mbuf
  free list if it was ever passed to m_freem(). The fix involved passing not
  pkt, but essentially pkt->m_next (which is a real mbuf) to the mbuf
  utility routines.

* Also, for dummynet, in bdg_forward(), made the code copy the ethernet header
  back into the mbuf (prepended) because the dummynet code that follows expects
  it to be there but it is, unfortunately for dummynet, passed to bdg_forward
  as a seperate argument.

PRs: kern/19551 ; misc/21534 ; kern/23010
Submitted by: Thomas Moestl <tmoestl@gmx.net>
Reviewed by: bmilekic
Approved by: luigi
2000-11-23 22:25:03 +00:00
ru
bcfcc24426 mdoc(7) police: use the new feature of the An macro. 2000-11-22 08:47:35 +00:00
bmilekic
22569f9f96 While I'm here, get rid of (now useless) MCLISREFERENCED and use MEXT_IS_REF
instead.
Also, fix a small set of "avail." If we're setting `avail,' we shouldn't
be re-checking whether m_flags is M_EXT, because we know that it is, as if
it wasn't, we would have already returned several lines above.

Reviewed by: jlemon
2000-11-11 23:05:59 +00:00
ru
989e1579f6 Fixed the security breach I introduced in rev 1.145.
Disallow getsockopt(IP_FW_ADD) if securelevel >= 3.

PR:		22600
2000-11-07 09:20:32 +00:00
jlemon
88c9bb192d tp->snd_recover is part of the New Reno recovery algorithm, and should
only be checked if the system is currently performing New Reno style
fast recovery.  However, this value was being checked regardless of the
NR state, with the end result being that the congestion window was never
opened.

Change the logic to check t_dupack instead; the only code path that
allows it to be nonzero at this point is NewReno, so if it is nonzero,
we are in fast recovery mode and should not touch the congestion window.

Tested by:	phk
2000-11-04 15:59:39 +00:00
ru
e238590f91 Fixed the bug I have introduced in icmp_error() in revision 1.44.
The amount of data we copy from the original IP datagram into the
ICMP message was computed incorrectly for IP packets with payload
less than 8 bytes.
2000-11-02 09:46:23 +00:00
ru
549eb5cb6b Wrong checksum may have been computed for certain UDP packets.
Reviewed by:	jlemon
2000-11-01 16:56:33 +00:00
ru
add1652da4 Wrong checksum used for certain reassembled IP packets before diverting. 2000-11-01 11:21:45 +00:00
joe
cfd1f32fed It's no longer true that "nobody uses ia beyond here"; it's now
used to keep address based if_data statistics in.

Submitted by:	ru
2000-11-01 01:59:28 +00:00
ru
d498e11914 Do not waste a time saving a copy of IP header if we are certainly
not going to send an ICMP error message (net.inet.udp.blackhole=1).
2000-10-31 09:13:02 +00:00
ru
e25226e0c4 Added boolean argument to link searching functions, indicating
whether they should create a link if lookup has failed or not.
2000-10-30 17:24:12 +00:00
ru
390de194cd A significant rewrite of PPTP aliasing code.
PPTP links are no longer dropped by simple (and inappropriate in this
case) "inactivity timeout" procedure, only when requested through the
control connection.

It is now possible to have multiple PPTP servers running behind NAT.
Just redirect the incoming TCP traffic to port 1723, everything else
is done transparently.

Problems were reported and the fix was tested by:
		Michael Adler <Michael.Adler@compaq.com>,
		David Andersen <dga@lcs.mit.edu>
2000-10-30 12:39:41 +00:00
phk
ff5cdfae2d Move suser() and suser_xxx() prototypes and a related #define from
<sys/proc.h> to <sys/systm.h>.

Correctly document the #includes needed in the manpage.

Add one now needed #include of <sys/systm.h>.
Remove the consequent 48 unused #includes of <sys/proc.h>.
2000-10-29 16:06:56 +00:00
phk
94a5006c9a Remove unneeded #include <sys/proc.h> lines. 2000-10-29 13:57:19 +00:00
darrenr
df59a7ec10 Fix conflicts creted by import. 2000-10-29 07:53:05 +00:00
joe
1ade5b1eab Count per-address statistics for IP fragments.
Requested by:	ru
Obtained from:	BSD/OS
2000-10-29 01:05:09 +00:00
obrien
1712fe1dbd Include sys/param.h for `__FreeBSD_version' rather than the non-existent
osreldate.h.

Submitted by:	dougb
2000-10-27 12:53:31 +00:00
phk
54ca48450c Convert all users of fldoff() to offsetof(). fldoff() is bad
because it only takes a struct tag which makes it impossible to
use unions, typedefs etc.

Define __offsetof() in <machine/ansi.h>

Define offsetof() in terms of __offsetof() in <stddef.h> and <sys/types.h>

Remove myriad of local offsetof() definitions.

Remove includes of <stddef.h> in kernel code.

NB: Kernelcode should *never* include from /usr/include !

Make <sys/queue.h> include <machine/ansi.h> to avoid polluting the API.

Deprecate <struct.h> with a warning.  The warning turns into an error on
01-12-2000 and the file gets removed entirely on 01-01-2001.

Paritials reviews by:   various.
Significant brucifications by:  bde
2000-10-27 11:45:49 +00:00
ru
1eb23e9e86 Fetch the protocol header (TCP, UDP, ICMP) only from the first fragment
of IP datagram.  This fixes the problem when firewall denied fragmented
packets whose last fragment was less than minimum protocol header size.

Found by:	Harti Brandt <brandt@fokus.gmd.de>
PR:		kern/22309
2000-10-27 07:19:17 +00:00
ru
9018a02c92 RFC 791 says that IP_RF bit should always be zero, but nothing
in the code enforces this.  So, do not check for and attempt a
false reassembly if only IP_RF is set.

Also, removed the dead code, since we no longer use dtom() on
return from ip_reass().
2000-10-26 13:14:48 +00:00
darrenr
1a1de29bc0 fix conflicts from rcsids 2000-10-26 12:33:42 +00:00
ru
5ef89cdbba Wrong header length used for certain reassembled IP packets.
This was first fixed in rev 1.82 but then broken in rev 1.125.

PR:		6177
2000-10-26 12:18:13 +00:00
luigi
066ba04e21 Close PR22152 and PR19511 -- correct the naming of a variable 2000-10-26 00:16:12 +00:00