| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All changes are hidden behind the EXPERIMENTAL option and are not compiled
in by default.
Add ND6_IFF_IPV6_ONLY_MANUAL to be able to set the interface into no-IPv4-mode
manually without router advertisement options. This will allow developers to
test software for the appropriate behaviour even on dual-stack networks or
IPv6-Only networks without the option being set in RA messages.
Update ifconfig to allow setting and displaying the flag.
Update the checks for the filters to check for either the automatic or the manual
flag to be set. Add REVARP to the list of filtered IPv4-related protocols and add
an input filter similar to the output filter.
Add a check, when receiving the IPv6-Only RA flag to see if the receiving
interface has any IPv4 configured. If it does, ignore the IPv6-Only flag.
Add a per-VNET global sysctl, which is on by default, to not process the automatic
RA IPv6-Only flag. This way an administrator (if this is compiled in) has control
over the behaviour in case the node still relies on IPv4.
Notes:
svn path=/head/; revision=344859
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Eliminate trailing whitespace on inet, inet6, and groups lines. I think the
"list txpower" command will still show some, but I'm not able to test that.
PR: 153731
Reported-by: Nikolay Denev <ndenev@gmail.com>
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D19004
Notes:
svn path=/head/; revision=344559
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mainly focus on files that use BSD 3-Clause license.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
Notes:
svn path=/head/; revision=326025
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Exit early if kldload(2) fails (1011259). This is the only change that
affects ifconfig's behavior.
* Close memory and resource leaks (1305624, 1305205, 1007100)
* Mark usage() as _Noreturn (1305806, 1305750)
* Fix some dereference after null checks (1011474, 270774)
Reported by: Coverity
CID: 1305624, 1305205, 1007100, 1305806, 1305750, 1011474,
CID: 270774, 1011259
Reviewed by: cem
MFC after: 3 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D10587
Notes:
svn path=/head/; revision=317755
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.
Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96
Notes:
svn path=/head/; revision=314436
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
r301059 accidently introduced a subtle change for point to point interfaces
where an extra space is inserted before the netmask. This can cause issues
for scripts that parse ifconfig output.
Submitted by: Kevin Bowling <kevin.bowling@kev009.com>
Reviewed by: hiren
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D8199
Notes:
svn path=/head/; revision=306896
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- Use NI_MAXHOST to size buffers for getnameinfo()
- remove non-standard 'full' inet6 address printing
- remove 'no scope' option
- use strchr(3) to optimize replacing separator character in lladdrs
Reviewed by: gnn, jhb
Differential Revision: https://reviews.freebsd.org/D2856
Notes:
svn path=/head/; revision=301185
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
specified by the -f flag or IFCONFIG_FORMAT environment variable, the user
can request that inet4 subnet masks be printed in CIDR or dotted-quad
notation, in addition to the traditional hex output.
inet6 prefixes can be printed in CIDR as well.
For more documentation see the ifconfig(8) man page.
PR: 169072
Requested by: seanc, marcel, brd, many others
Reviewed by: gnn, jhb (earlier version)
Relnotes: yes
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D2856
Notes:
svn path=/head/; revision=301059
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
that it is NUL terminated. Additional NUL padding is not required
for short names.
Use sizeof(destination) in a few places instead of IFNAMSIZ.
Cast afp->af_ridreq and afp->af_addreq to make the intent of
the code more obvious.
Reported by: Coverity
CID: 1009628, 1009630, 1009631, 1009632, 1009633, 1009635, 1009638
CID: 1009639, 1009640, 1009641, 1009642, 1009643, 1009644, 1009645
CID: 1009646, 1009647, 1010049, 1010050, 1010051, 1010052, 1010053
CID: 1010054, 1011293, 1011294, 1011295, 1011296, 1011297, 1011298
CID: 1011299, 1305821, 1351720, 1351721
MFC after: 1 week
Notes:
svn path=/head/; revision=299873
|
| |
|
|
|
|
|
| |
MFC after: 1 week
Notes:
svn path=/head/; revision=288305
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
because a link where looped back NS messages are permanently observed
does not work with either NDP or ARP for IPv4.
- draft-ietf-6man-enhanced-dad is now RFC 7527.
Discussed with: hiren
MFC after: 3 days
Notes:
svn path=/head/; revision=282805
|
| |
|
|
|
|
|
| |
Sponsored by: Nginx, Inc.
Notes:
svn path=/head/; revision=281143
|
| |
|
|
|
|
|
|
|
| |
- Add no_dad and ignoreloop per-IF knob. no_dad disables DAD completely,
and ignoreloop is to prevent infinite loop in loopback probing state when
loopback is permanently expected.
Notes:
svn path=/head/; revision=279676
|
| |
|
|
|
|
|
|
|
|
|
| |
Reverse the sorting order of the interfaces addresses familise so it should be
the same as getifaddrs(3) order. [2]
Suggested by: hrs [1], bz [2]
Approved by: hrs, bapt
Notes:
svn path=/head/; revision=278107
|
| |
|
|
|
|
|
|
| |
Approved by: bapt, ae
X-MFC-With: r278080
Notes:
svn path=/head/; revision=278081
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
based on the address family. This should help to recognize interfaces with
multiple AF (e.g. ipv4 and ipv6) with many aliases or additional addresses. The
order of addresses inside a single group is strictly preserved.
Improve the scope_id output for AF_INET6 families, as the
current approach uses hexadecimal string that is basically the ID of an
interface, whilst this information is already depicted by getnameinfo(3) call.
Therefore, now ifconfig just prints the scope of address as it is defined in
2.4 of RFC 2373.
PR: 197270
Approved by: bapt
MFC after: 2 weeks
Notes:
svn path=/head/; revision=278080
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
It affects the IPv6 source address selection algorithm (RFC 6724)
and allows override the last rule ("longest matching prefix") for
choosing among equivalent addresses. The address with `prefer_source'
will be preferred source address.
Obtained from: Yandex LLC
MFC after: 1 month
Sponsored by: Yandex LLC
Notes:
svn path=/head/; revision=271307
|
| |
|
|
|
|
|
|
|
|
|
| |
again after usage change from time_second to time_uptime.
PR: 188520
Submitted by: Guy Yur <guyyur__at__gmail.com>
MFC after: 1 week
Notes:
svn path=/head/; revision=268049
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
It stops treating the address on the interface as special by source
address selection rule even when the interface is outgoing interface.
This is desired in some situation.
Requested by: hrs
Reviewed by: IHANet folks including hrs
MFC after: 1 week
Notes:
svn path=/head/; revision=245230
|
| |
|
|
|
|
|
|
|
|
| |
- Check V_deembed_scopeid before checking if sa_family == AF_INET6.
- Fix scope id handing in route(8)[2] and ifconfig(8).
Reported by: rpaulo[1], Mateusz Guzik[1], peter[2]
Notes:
svn path=/head/; revision=243866
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
userland via routing socket or sysctl. This eliminates the following
KAME-specific sin6_scope_id handling routine from each userland utility:
sin6.sin6_scope_id = ntohs(*(u_int16_t *)&sin6.sin6_addr.s6_addr[2]);
This behavior can be controlled by net.inet6.ip6.deembed_scopeid. This is
set to 1 by default (sin6_scope_id will be filled in the kernel).
Reviewed by: bz
Notes:
svn path=/head/; revision=243187
|
| |
|
|
|
|
|
|
| |
implementation of RFC 3484 for this purpose for a long time and "prefer_source"
was never implemented actually. ND6_IFF_PREFER_SOURCE macro is left intact.
Notes:
svn path=/head/; revision=238273
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
from scratch, copying needed functionality from the old implemenation
on demand, with a thorough review of all code. The main change is that
interface layer has been removed from the CARP. Now redundant addresses
are configured exactly on the interfaces, they run on.
The CARP configuration itself is, as before, configured and read via
SIOCSVH/SIOCGVH ioctls. A new prefix created with SIOCAIFADDR or
SIOCAIFADDR_IN6 may now be configured to a particular virtual host id,
which makes the prefix redundant.
ifconfig(8) semantics has been changed too: now one doesn't need
to clone carpXX interface, he/she should directly configure a vhid
on a Ethernet interface.
To supply vhid data from the kernel to an application the getifaddrs(8)
function had been changed to pass ifam_data with each address. [1]
The new implementation definitely closes all PRs related to carp(4)
being an interface, and may close several others. It also allows
to run a single redundant IP per interface.
Big thanks to Bjoern Zeeb for his help with inet6 part of patch, for
idea on using ifam_data and for several rounds of reviewing!
PR: kern/117000, kern/126945, kern/126714, kern/120130, kern/117448
Reviewed by: bz
Submitted by: bz [1]
Notes:
svn path=/head/; revision=228571
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
a /rescue/ifconfig more modern than the kernel could still configure
IPv4 or IPv6 addresses.
Reported by: Andrzej Tobola (ato iem.pw.edu.pl)
Reported by: gcooper
MFC after: 1 day
X-MFC: will not MFC any time soon, just reminder for r222527
Notes:
svn path=/head/; revision=224179
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- A new per-interface knob IFF_ND6_NO_RADR and sysctl IPV6CTL_NO_RADR.
This controls if accepting a route in an RA message as the default route.
The default value for each interface can be set by net.inet6.ip6.no_radr.
The system wide default value is 0.
- A new sysctl: net.inet6.ip6.norbit_raif. This controls if setting R-bit in
NA on RA accepting interfaces. The default is 0 (R-bit is set based on
net.inet6.ip6.forwarding).
Background:
IPv6 host/router model suggests a router sends an RA and a host accepts it for
router discovery. Because of that, KAME implementation does not allow
accepting RAs when net.inet6.ip6.forwarding=1. Accepting RAs on a router can
make the routing table confused since it can change the default router
unintentionally.
However, in practice there are cases where we cannot distinguish a host from
a router clearly. For example, a customer edge router often works as a host
against the ISP, and as a router against the LAN at the same time. Another
example is a complex network configurations like an L2TP tunnel for IPv6
connection to Internet over an Ethernet link with another native IPv6 subnet.
In this case, the physical interface for the native IPv6 subnet works as a
host, and the pseudo-interface for L2TP works as the default IP forwarding
route.
Problem:
Disabling processing RA messages when net.inet6.ip6.forwarding=1 and
accepting them when net.inet6.ip6.forward=0 cause the following practical
issues:
- A router cannot perform SLAAC. It becomes a problem if a box has
multiple interfaces and you want to use SLAAC on some of them, for
example. A customer edge router for IPv6 Internet access service
using an IPv6-over-IPv6 tunnel sometimes needs SLAAC on the
physical interface for administration purpose; updating firmware
and so on (link-local addresses can be used there, but GUAs by
SLAAC are often used for scalability).
- When a host has multiple IPv6 interfaces and it receives multiple RAs on
them, controlling the default route is difficult. Router preferences
defined in RFC 4191 works only when the routers on the links are
under your control.
Details of Implementation Changes:
Router Advertisement messages will be accepted even when
net.inet6.ip6.forwarding=1. More precisely, the conditions are as
follow:
(ACCEPT_RTADV && !NO_RADR && !ip6.forwarding)
=> Normal RA processing on that interface. (as IPv6 host)
(ACCEPT_RTADV && (NO_RADR || ip6.forwarding))
=> Accept RA but add the router to the defroute list with
rtlifetime=0 unconditionally. This effectively prevents
from setting the received router address as the box's
default route.
(!ACCEPT_RTADV)
=> No RA processing on that interface.
ACCEPT_RTADV and NO_RADR are per-interface knob. In short, all interface
are classified as "RA-accepting" or not. An RA-accepting interface always
processes RA messages regardless of ip6.forwarding. The difference caused by
NO_RADR or ip6.forwarding is whether the RA source address is considered as
the default router or not.
R-bit in NA on the RA accepting interfaces is set based on
net.inet6.ip6.forwarding. While RFC 6204 W-1 rule (for CPE case) suggests
a router should disable the R-bit completely even when the box has
net.inet6.ip6.forwarding=1, I believe there is no technical reason with
doing so. This behavior can be set by a new sysctl net.inet6.ip6.norbit_raif
(the default is 0).
Usage:
# ifconfig fxp0 inet6 accept_rtadv
=> accept RA on fxp0
# ifconfig fxp0 inet6 accept_rtadv no_radr
=> accept RA on fxp0 but ignore default route information in it.
# sysctl net.inet6.ip6.norbit_no_radr=1
=> R-bit in NAs on RA accepting interfaces will always be set to 0.
Notes:
svn path=/head/; revision=222728
|
| |
|
|
|
|
|
|
|
| |
own address family.
Reviewed by: bz
Notes:
svn path=/head/; revision=222711
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If compiled in for dual-stack use, test with feature_present(3)
to see if we should register the IPv4/IPv6 address family related
options.
In case there is no "inet" support we would love to go with the
usage() and make the address family mandatory (as it is for anything
but inet in theory). Unfortunately people are used to
ifconfig IF up/down
etc. as well, so use a fallback of "link". Adjust the man page
to reflect these minor details.
Improve error handling printing a warning in addition to the usage
telling that we do not know the given address family in two places.
Reviewed by: hrs, rwatson
Sponsored by: The FreeBSD Foundation
Sponsored by: iXsystems
MFC after: 2 weeks
Notes:
svn path=/head/; revision=222527
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
automatic link-local address configuration:
- Convert a sysctl net.inet6.ip6.accept_rtadv to one for the
default value of a per-IF flag ND6_IFF_ACCEPT_RTADV, not a
global knob. The default value of the sysctl is 0.
- Add a new per-IF flag ND6_IFF_AUTO_LINKLOCAL and convert a
sysctl net.inet6.ip6.auto_linklocal to one for its default
value. The default value of the sysctl is 1.
- Make ND6_IFF_IFDISABLED more robust. It can be used to disable
IPv6 functionality of an interface now.
- Receiving RA is allowed if ip6_forwarding==0 *and*
ND6_IFF_ACCEPT_RTADV is set on that interface. The former
condition will be revisited later to support a "host + router" box
like IPv6 CPE router. The current behavior is compatible with
the older releases of FreeBSD.
- The ifconfig(8) now supports these ND6 flags as well as "nud",
"prefer_source", and "disabled" in ndp(8). The ndp(8) now
supports "auto_linklocal".
Discussed with: bz and jinmei
Reviewed by: bz
MFC after: 3 days
Notes:
svn path=/head/; revision=197138
|
| |
|
|
|
|
|
|
|
| |
- Use C99 sparse initialization.
With these changes ifconfig(8) is WARNS=2 clean.
Notes:
svn path=/head/; revision=194799
|
| |
|
|
|
|
|
|
| |
Reviewed by: bms
MFC after: 1 month
Notes:
svn path=/head/; revision=166956
|
| |
|
|
|
|
|
|
|
|
| |
A more correct fix has been committed to ifconfig(8).
Submitted by: bz
PR: 102701
Notes:
svn path=/head/; revision=166446
|
| |
|
|
|
|
|
|
|
|
|
| |
from interfaces.
PR: bin/102701
Submitted by: George Mitchell
MFC after: 3 days
Notes:
svn path=/head/; revision=162637
|
| |
|
|
|
|
|
| |
Approved by: re (dwhite)
Notes:
svn path=/head/; revision=147437
|
| |
|
|
|
|
|
|
| |
NI_WITHSCOPEID, and our getaddrinfo(3) does nothing special
for it, now.
Notes:
svn path=/head/; revision=146187
|
|
|
o break per-address family support out into separate files
o modularize per-address family and functional operations using
a registration mechanism; this permits configuration according
to which files you include (but beware that order of the files
is important to insure backwards compatibility)
o many cleanups to eliminate incestuous behaviour, global variables,
and poor coding practices (still much more to fix)
The original motivation of this work was to support dynamic addition
of functionality based on the interface so we can eliminate the various
little control programs and so that vendors can distribute ifconfig
plugins that support their in-kernel code. That work is still to be
completed.
o Update 802.11 support for all the new net80211 functionality; some
of these operations (e.g. list *) may be better suited in a different
program
Notes:
svn path=/head/; revision=138593
|
