summaryrefslogtreecommitdiff
path: root/sys/netinet/ip_input.c
Commit message (Collapse)AuthorAgeFilesLines
* Convert ipfw to use opt_ipfw.hGary Palmer1996-06-121-1/+3
| | | | Notes: svn path=/head/; revision=16333
* Changed some memcpy()'s back to bcopy()'s.Bruce Evans1996-06-081-2/+2
| | | | | | | | | | gcc only inlines memcpy()'s whose count is constant and didn't inline these. I want memcpy() in the kernel go away so that it's obvious that it doesn't need to be optimized. Now it is only used for one struct copy in si.c. Notes: svn path=/head/; revision=16206
* Clean up various compiler warnings. Most (if not all) were benignGary Palmer1996-05-081-1/+6
| | | | | | | Reviewed by: bde Notes: svn path=/head/; revision=15680
* Fix a bogon I introduced with my last change.Poul-Henning Kamp1996-04-121-2/+2
| | | | | | | Submitted by: Andreas Klemm <andreas@knobel.gun.de> Notes: svn path=/head/; revision=15211
* Add feature for tcp "established".Poul-Henning Kamp1996-04-031-25/+10
| | | | | | | | Change interface between netinet and ip_fw to be more general, and thus hopefully also support other ip filtering implementations. Notes: svn path=/head/; revision=15026
* Check the validity of ia->ia_ifp before we dereference it.Poul-Henning Kamp1996-03-251-2/+2
| | | | Notes: svn path=/head/; revision=14817
* Make getsockopt() capable of handling more than one mbuf worth of data.Poul-Henning Kamp1996-02-241-3/+3
| | | | | | | | Use this to read rules out of ipfw. Add the lkm code to ipfw.c Notes: svn path=/head/; revision=14232
* The new firewall functionality:Poul-Henning Kamp1996-02-241-1/+4
| | | | | | | | Filter on the direction (in/out). Filter on fragment/not fragment. Notes: svn path=/head/; revision=14230
* Big sweep over the IPFIREWALL and IPACCT code.Poul-Henning Kamp1996-02-231-15/+21
| | | | | | | | | | | | | | | | | Close the ip-fragment hole. Waste less memory. Rewrite to contemporary more readable style. Kill separate IPACCT facility, use "accept" rules in IPFIREWALL. Filter incoming >and< outgoing packets. Replace "policy" by sticky "deny all" rule. Rules have numbers used for ordering and deletion. Remove "rerorder" code entirely. Count packet & bytecount matches for rules. Code in -current & -stable is now the same. Notes: svn path=/head/; revision=14209
* Provide a direct entry point for IP input. This actually resultsGarrett Wollman1996-02-051-25/+32
| | | | | | | | in a slight decrease in performance, but will lead to better performance later. Notes: svn path=/head/; revision=13929
* Finally demolished the last, tottering remnants of GATEWAY. If you wantGarrett Wollman1996-01-051-14/+3
| | | | | | | | | | to enable IP forwarding, use sysctl(8). Also did the same for IPX, which involved inventing a completely new MIB from whole cloth (which I may not quite have correct); be aware of this if you use IPX forwarding. (The two should never have been controlled by the same option anyway.) Notes: svn path=/head/; revision=13266
* Delete old-style-broadcast-address compatibility cruft in IP input path.Garrett Wollman1995-12-211-3/+3
| | | | | | | | If users want to use the old-style broadcast addresses, they will have to currectly configure their systems. Notes: svn path=/head/; revision=12955
* Demolish DIRECTED_BROADCAST. It was always a bad idea, and nobody uses it.Garrett Wollman1995-12-201-15/+8
| | | | Notes: svn path=/head/; revision=12940
* Actually call in_rtqdrain()as was originally intended.Garrett Wollman1995-12-191-2/+3
| | | | Notes: svn path=/head/; revision=12933
* Another mega commit to staticize things.Poul-Henning Kamp1995-12-141-4/+4
| | | | Notes: svn path=/head/; revision=12820
* Removed unnecessary #includes of vm stuff. Most of them were onceBruce Evans1995-12-061-3/+1
| | | | | | | | | | prerequisites for <sys/sysctl.h>. subr_prof.c: Also replaced #include of <sys/user.h> by #include of <sys/resourcevar.h>. Notes: svn path=/head/; revision=12657
* New style sysctl & staticize alot of stuff.Poul-Henning Kamp1995-11-141-68/+51
| | | | Notes: svn path=/head/; revision=12296
* Instrument the IP input queue with two new read-only MIB entries:Garrett Wollman1995-11-011-1/+6
| | | | | | | | | | | net.inet.ip.intr-queue-maxlen (=== ipintrq.ifq_maxlen) and net.inet.ip.intr-queue-drops (=== ipintrq.ifq_drops) There should probably be a standard way of getting the same information going the other way. Notes: svn path=/head/; revision=12003
* Change the compile-time option of DIRECTED_BROADCAST into a sysctlPeter Wemm1995-07-181-5/+9
| | | | | | | | | variable underneath ip, "directed-broadcast". Reviewed by: David Greenman Obtained from: NetBSD, by Darren Reed. Notes: svn path=/head/; revision=9575
* Fixed panic that occurs on certain firewall rejected packets that wasDavid Greenman1995-07-091-2/+2
| | | | | | | | | | caused by dtom() being used on an mbuf cluster. The fix involves passing around the mbuf pointer. Submitted by: Bill Fenner Notes: svn path=/head/; revision=9460
* reject option in ip_fw used to panic the system. This fixes it.Guido van Rooij1995-06-271-2/+2
| | | | | | | | | | -Guido Reviewed by: Submitted by: Obtained from: Notes: svn path=/head/; revision=9338
* Kernel side of 3.5 multicast routing code, based on work by Bill FennerGarrett Wollman1995-06-131-8/+26
| | | | | | | | and other work done here. The LKM support is probably broken, but it still compiles and will be fixed later. Notes: svn path=/head/; revision=9209
* Remove trailing whitespace.Rodney W. Grimes1995-05-301-9/+9
| | | | Notes: svn path=/head/; revision=8876
* Make networking domains drop-ins, through the magic of GNU ld. (Some day,Garrett Wollman1995-05-111-2/+5
| | | | | | | | | there may even be LKMs.) Also, change the internal name of `unixdomain' to `localdomain' since AF_LOCAL is now the preferred name of this family. Declare netisr correctly and in the right place. Notes: svn path=/head/; revision=8426
* Replaced some bcopy()'s with memcpy()'s so that gcc while inline/optimize.David Greenman1995-05-091-15/+15
| | | | Notes: svn path=/head/; revision=8384
* Reject source routes unless configured on by administrator.Garrett Wollman1995-03-161-17/+21
| | | | Notes: svn path=/head/; revision=7091
* Add and move declarations to fix all of the warnings from `gcc -Wimplicit'Bruce Evans1995-03-161-5/+4
| | | | | | | | | (except in netccitt, netiso and netns) and most of the warnings from `gcc -Wnested-externs'. Fix all the bugs found. There were no serious ones. Notes: svn path=/head/; revision=7090
* Attempt to make the host route cache a bit smarter under conditions ofGarrett Wollman1995-02-141-2/+11
| | | | | | | | | | | | | | | | high load: 1) If there ever get to be more than net.inet.ip.rtmaxcache entries in the cache, in_rtqtimo() will reduce net.inet.ip.rtexpire by 1/3 and do another round, unles net.inet.ip.rtexpire is less than net.inet.ip.rtminexpire, and never more than once in ten minutes (rtq_timeout). 2) If net.inet.ip.rtexpire is set to zero, don't bother to cache anything. Notes: svn path=/head/; revision=6399
* Remove a possible loophole - previously the code wouldn't pass packets destinedGary Palmer1995-02-071-5/+4
| | | | | | | | | to the loopback address to the packet filter. Reviewed by: "Ugen J.S.Antsilevich" <ugen@netvision.net.il> Notes: svn path=/head/; revision=6237
* Actual firewall change.Ugen J.S. Antsilevich1995-01-121-24/+18
| | | | | | | | | | 1) Firewall is not subdivided on forwarding / blocking chains anymore.Actually only one chain left-it was the blocking one. 2) LKM support.ip_fwdef.c is function pointers definition and goes into kernel along with all INET stuff. Notes: svn path=/head/; revision=5543
* Make rtq_reallyold user-configurable via sysctl.Garrett Wollman1994-12-141-1/+5
| | | | Notes: svn path=/head/; revision=5109
* Call rtalloc_ign() so that protocol cloning will not occur at the IP layer.Garrett Wollman1994-12-131-4/+6
| | | | Notes: svn path=/head/; revision=5105
* Add match by interface from which packet arrived (via)Ugen J.S. Antsilevich1994-12-121-9/+4
| | | | | | | | Handle right fragmented packets. Remove checking option from kernel.. Notes: svn path=/head/; revision=5085
* Ugen J.S.Antsilevich's latest, happiest, IP firewall code.Jordan K. Hubbard1994-11-161-1/+20
| | | | | | | | Poul: Please take this into BETA. It's non-intrusive, and a rather substantial improvement over what was there before. Notes: svn path=/head/; revision=4523
* Almost 12th hour (the 11th hour was almost an hour ago :-) patchesJordan K. Hubbard1994-11-081-3/+3
| | | | | | | from Ugen. Notes: svn path=/head/; revision=4277
* IP Firewall code from Daniel Boulet and J.S.AntsilevichJordan K. Hubbard1994-10-281-2/+24
| | | | | | | Submitted by: danny ugen Notes: svn path=/head/; revision=3969
* Cosmetics. Silence gcc -Wall.Poul-Henning Kamp1994-10-101-2/+2
| | | | Notes: svn path=/head/; revision=3497
* GCC cleanup.Poul-Henning Kamp1994-10-021-4/+5
| | | | | | | | | Reviewed by: Submitted by: Obtained from: Notes: svn path=/head/; revision=3311
* Shuffle some functions and variables around to make it possible forGarrett Wollman1994-09-141-3/+1
| | | | | | | | multicast routing to be implemented as an LKM. (There's still a bit of work to do in this area.) Notes: svn path=/head/; revision=2754
* Initial get-the-easy-case-working upgrade of the multicast codeGarrett Wollman1994-09-061-4/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | to something more recent than the ancient 1.2 release contained in 4.4. This code has the following advantages as compared to previous versions (culled from the README file for the SunOS release): - True multicast delivery - Configurable rate-limiting of forwarded multicast traffic on each physical interface or tunnel, using a token-bucket limiter. - Simplistic classification of packets for prioritized dropping. - Administrative scoping of multicast address ranges. - Faster detection of hosts leaving groups. - Support for multicast traceroute (code not yet available). - Support for RSVP, the Resource Reservation Protocol. What still needs to be done: - The multicast forwarder needs testing. - The multicast routing daemon needs to be ported. - Network interface drivers need to have the `#ifdef MULTICAST' goop ripped out of them. - The IGMP code should probably be bogon-tested. Some notes about the porting process: In some cases, the Berkeley people decided to incorporate functionality from later releases of the multicast code, but then had to do things differently. As a result, if you look at Deering's patches, and then look at our code, it is not always obvious whether the patch even applies. Let the reader beware. I ran ip_mroute.c through several passes of `unifdef' to get rid of useless grot, and to permanently enable the RSVP support, which we will include as standard. Ported by: Garrett Wollman Submitted by: Steve Deering and Ajit Thyagarajan (among others) Notes: svn path=/head/; revision=2531
* Fix up some sloppy coding practices:Garrett Wollman1994-08-181-1/+4
| | | | | | | | | | | | | | | - Delete redundant declarations. - Add -Wredundant-declarations to Makefile.i386 so they don't come back. - Delete sloppy COMMON-style declarations of uninitialized data in header files. - Add a few prototypes. - Clean up warnings resulting from the above. NB: ioconf.c will still generate a redundant-declaration warning, which is unavoidable unless somebody volunteers to make `config' smarter. Notes: svn path=/head/; revision=2112
* Added $Id$David Greenman1994-08-021-0/+1
| | | | Notes: svn path=/head/; revision=1817
* The big 4.4BSD Lite to FreeBSD 2.0.0 (Development) patch.Rodney W. Grimes1994-05-251-1/+1
| | | | | | | | Reviewed by: Rodney W. Grimes Submitted by: John Dyson and David Greenman Notes: svn path=/head/; revision=1549
* BSD 4.4 Lite Kernel SourcesRodney W. Grimes1994-05-241-0/+1166
Notes: svn path=/head/; revision=1541
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-04 22:21:51 +0000