d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd-skq/sys
History
andre d4f49f008f Add the option versrcreach to verify that a valid route to the 
source address of a packet exists in the routing table.  The
default route is ignored because it would match everything and
render the check pointless.

This option is very useful for routers with a complete view of
the Internet (BGP) in the routing table to reject packets with
spoofed or unrouteable source addresses.

Example:

 ipfw add 1000 deny ip from any to any not versrcreach

also known in Cisco-speak as:

  ip verify unicast source reachable-via any

Reviewed by:	luigi
2004-04-23 14:28:38 +00:00
..
alpha
MFamd64
2004-04-18 06:24:51 +00:00
amd64
Don't check for NULL, device_get_softc() always succeeds.
2004-04-21 02:10:58 +00:00
arm
Remove advertising clause from University of California Regent's license,
2004-04-05 21:29:41 +00:00
boot
Fix a last second typo in 'vi' that caused a problem.
2004-04-20 13:34:18 +00:00
cam
The opt_da.h file doesn't exist anymore since the DA_OLD_QUIRKS option
2004-04-19 13:38:10 +00:00
coda
Device megapatch 5/6:
2004-02-21 21:32:15 +00:00
compat
Ok, _really_ fix the Intel 2100B Centrino deadlock problems this time.
2004-04-22 07:08:39 +00:00
conf
Add the ACPI Asus extras driver. Provides support for cool ACPI-controled
2004-04-22 21:29:02 +00:00
contrib
Remove warnings from vendor files. This takes some files off the vendor
2004-04-14 18:12:29 +00:00
crypto
ddb
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
dev
Start programming the bus numbers for the pci<->cardbus. When the
2004-04-23 05:25:13 +00:00
fs
Do not drop Giant around the poll method yet, we're not ready for it.
2004-04-12 21:52:52 +00:00
geom
- Don't check if 'gp' is non-NULL, it always is and GEOM wants to
2004-04-20 17:07:55 +00:00
gnu
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
i4b
Convert callers to the new bus_alloc_resource_any(9) API.
2004-03-17 17:50:55 +00:00
i386
Add the ACPI Asus extras driver. Provides support for cool ACPI-controled
2004-04-22 21:29:02 +00:00
ia64
Don't check for NULL, device_get_softc() always succeeds.
2004-04-21 02:10:58 +00:00
isa
Don't check for device_get_softc() returning NULL, it can't happen.
2004-04-17 10:25:04 +00:00
isofs/cd9660
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
kern
Utilize sf_buf_alloc() rather than pmap_qenter() (and sometimes
2004-04-23 03:01:40 +00:00
libkern
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
modules
Hook up acpi_asus and its manual page in two more places I managed to overlook
2004-04-23 06:29:08 +00:00
net
Readability fixes:
2004-04-21 15:27:36 +00:00
net80211
Resolve the issue of whether frames have FCS or not. Frame data does not
2004-04-05 22:13:21 +00:00
netatalk
Lock down the netatalk AARP code, which is responsible for appletalk
2004-04-09 01:40:12 +00:00
netatm
These are changes to allow to use the Intel C/C++ compiler (lang/icc)
2004-03-12 21:45:33 +00:00
netgraph
+ rename and document an unused field in struct arpcom (field is still
2004-04-18 01:15:32 +00:00
netinet
Add the option versrcreach to verify that a valid route to the
2004-04-23 14:28:38 +00:00
netinet6
ifp has the same value as rt->rti_ifp so remove the dependency
2004-04-19 08:02:52 +00:00
netipsec
Fix a debugging printf snafu.
2004-04-20 14:53:35 +00:00
netipx
Rename dup_sockaddr() to sodupsockaddr() for consistency with other
2004-03-01 03:14:23 +00:00
netkey
netnatm
Rename dup_sockaddr() to sodupsockaddr() for consistency with other
2004-03-01 03:14:23 +00:00
netncp
Make the process_exit eventhandler run without Giant. Add Giant hooks
2004-03-14 02:06:28 +00:00
netsmb
Rename dup_sockaddr() to sodupsockaddr() for consistency with other
2004-03-01 03:14:23 +00:00
nfs
Remove advertising clause from University of California Regent's
2004-04-07 05:00:01 +00:00
nfs4client
Remove advertising clause from University of California Regent's
2004-04-07 20:46:16 +00:00
nfsclient
Let the NFS client notice a file's size changing as a modification.
2004-04-14 23:23:55 +00:00
nfsserver
Don't send the available space as is in the FSSTAT call. Under
2004-04-12 13:02:21 +00:00
opencrypto
kthread_exit() no longer requires Giant, so don't force callers to acquire
2004-03-05 22:42:17 +00:00
pc98
sx was randomly added to NOTES. Instead, place it in the misc
2004-04-14 02:25:31 +00:00
pccard
Convert callers to the new bus_alloc_resource_any(9) API.
2004-03-17 17:50:55 +00:00
pci
Add support for the AMD 8111.
2004-04-20 13:36:44 +00:00
posix4
powerpc
Include <machine/pte.h> since it has been removed from <machine/param.h>.
2004-04-21 22:59:33 +00:00
rpc
Remove advertising clause from University of California Regent's
2004-04-07 05:00:01 +00:00
security
Define BPFD_LOCK_ASSERT() to assert the BPF descriptor lock.
2004-02-29 15:33:56 +00:00
sparc64
Remove avail_end. It is not used.
2004-04-11 06:02:24 +00:00
sys
Utilize sf_buf_alloc() rather than pmap_qenter() (and sometimes
2004-04-23 03:01:40 +00:00
tools
Correct $FreeBSD$ style.
2004-04-16 05:22:11 +00:00
ufs
Record where half the bits in this file came from (from ufs_readwrite.c).
2004-04-07 11:21:18 +00:00
vm
Push down Giant into vm_pager_get_pages(). The only get pages methods that
2004-04-23 06:10:58 +00:00
Makefile