#
9b8db664 |
|
31-May-2024 |
Dmitry Lukhtionov <dmitryluhtionov@gmail.com> |
netgraph: provide separate malloc type for nodes that are missing it The kernel option NG_SEPARATE_MALLOC helps to debug memory leaks in netgraph(4). Several nodes were missing the support.
|
#
a8b70cf2 |
|
24-Dec-2023 |
Richard Scheffenegger <rscheff@FreeBSD.org> |
netpfil: Use accessor functions and named constants for all tcphdr flags Update all remaining references to the struct tcphdr th_x2 field. This completes the compatibilty of various aspects with AccECN (TH_AE), after the internal ipfw "re-checksum required" was moved to use the TH_RES1 flag. No functional change. Reviewed By: tuexen, #transport, glebius Sponsored by: NetApp, Inc. Differential Revision: https://reviews.freebsd.org/D43172
|
#
95ee2897 |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
sys: Remove $FreeBSD$: two-line .h pattern Remove /^\s*\*\n \*\s+\$FreeBSD\$$\n/
|
#
4d846d26 |
|
10-May-2023 |
Warner Losh <imp@FreeBSD.org> |
spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch up to that fact and revert to their recommended match of BSD-2-Clause. Discussed with: pfg MFC After: 3 days Sponsored by: Netflix
|
#
5fe433a6 |
|
24-Jan-2021 |
Neel Chauhan <nc@FreeBSD.org> |
netgraph/ng_nat: Add RFC 6598/Carrier Grade NAT support This extends upon the RFC 6598 support to libalias/ipfw in r357092. Reviewed By: manpages (bcr), donner, adrian, kp Approved by: kp (mentor) MFC after: 1 month Differential Revision: https://reviews.freebsd.org/D23461
|
#
662c1305 |
|
01-Sep-2020 |
Mateusz Guzik <mjg@FreeBSD.org> |
net: clean up empty lines in .c and .h files
|
#
49f384cb |
|
11-Feb-2020 |
Eugene Grosbein <eugen@FreeBSD.org> |
ng_nat: avoid panic if attached directly to ng_ether and got short packet From the beginning, ng_nat safely assumed cleansed traffic because of limited ways it could be attached to NETGRAPH: ng_ipfw or ng_ppp only. Now as it may be attached with ng_ether too, the assumption proven wrong. Add needed check to the ng_nat. Thanks for markj for debugging this. PR: 243096 Submitted by: Lutz Donnerhacke <lutz@donnerhacke.de> Reported by: Robert James Hernandez <rob@sarcasticadmin.com> Reviewed by: markj and others MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D23091
|
#
66351f51 |
|
23-Jan-2020 |
Mark Johnston <markj@FreeBSD.org> |
ng_nat: Pass IPv6 packets through. ng_nat implements NAT for IPv4 traffic only. When connected to an ng_ether node it erroneously handled IPv6 packets as well. This change is not sufficient: ng_nat does not do any validation of IP packets in this mode, even though they have not yet passed through ip_input(). PR: 243096 Reported by: Robert James Hernandez <rob@sarcasticadmin.com> Reviewed by: julian Differential Revision: https://reviews.freebsd.org/D23080
|
#
b7841ae6 |
|
17-Dec-2018 |
Maxim Sobolev <sobomax@FreeBSD.org> |
Allow ng_nat to be attached to a ethernet interface directly via ng_ether(4) or the likes. Add new control message types: setdlt and getdlt to switch from default DLT_RAW (no encapsulation) to DLT_EN10MB (ethernet). Approved by: glebius MFC after: 1 month Differential Revision: https://reviews.freebsd.org/D18535
|
#
fe267a55 |
|
27-Nov-2017 |
Pedro F. Giffuni <pfg@FreeBSD.org> |
sys: general adoption of SPDX licensing ID tags. Mainly focus on files that use BSD 2-Clause license, however the tool I was using misidentified many licenses so this was mostly a manual - error prone - task. The Software Package Data Exchange (SPDX) group provides a specification to make it easier for automated tools to detect and summarize well known opensource licenses. We are gradually adopting the specification, noting that the tags are considered only advisory and do not, in any way, superceed or replace the license texts. No functional change intended.
|
#
74b8d63d |
|
10-Apr-2016 |
Pedro F. Giffuni <pfg@FreeBSD.org> |
Cleanup unnecessary semicolons from the kernel. Found with devel/coccinelle.
|
#
5aedfa32 |
|
21-Mar-2013 |
Gleb Smirnoff <glebius@FreeBSD.org> |
Add NGM_NAT_LIBALIAS_INFO command, that reports internal stats of libalias instance. To be used in the mpd5 daemon. Submitted by: Dmitry Luhtionov <dmitryluhtionov gmail.com>
|
#
23e9c6dc |
|
08-Oct-2012 |
Gleb Smirnoff <glebius@FreeBSD.org> |
After r241245 it appeared that in_delayed_cksum(), which still expects host byte order, was sometimes called with net byte order. Since we are moving towards net byte order throughout the stack, the function was converted to expect net byte order, and its consumers fixed appropriately: - ip_output(), ipfilter(4) not changed, since already call in_delayed_cksum() with header in net byte order. - divert(4), ng_nat(4), ipfw_nat(4) now don't need to swap byte order there and back. - mrouting code and IPv6 ipsec now need to switch byte order there and back, but I hope, this is temporary solution. - In ipsec(4) shifted switch to net byte order prior to in_delayed_cksum(). - pf_route() catches up on r241245 changes to ip_output().
|
#
c57e67d0 |
|
07-Jun-2011 |
Andrey V. Elsukov <ae@FreeBSD.org> |
Sync ng_nat with recent (r222806) ipfw_nat changes: Make a behaviour of the libalias based in-kernel NAT a bit closer to how natd(8) does work. natd(8) drops packets only when libalias returns PKT_ALIAS_IGNORED and "deny_incoming" option is set, but ipfw_nat always did drop packets that were not aliased, even if they should not be aliased and just are going through. Also add SCTP support: mark response packets to skip firewall processing. MFC after: 1 month
|
#
ca47294d |
|
18-Apr-2011 |
Gleb Smirnoff <glebius@FreeBSD.org> |
LibAliasInit() should allocate memory with M_WAITOK flag. Modify it and its callers.
|
#
674d86bf |
|
18-Apr-2011 |
Gleb Smirnoff <glebius@FreeBSD.org> |
Node constructor methods are supposed to be called in syscall context always. Convert nodes to consistently use M_WAITOK flag for memory allocation. Reviewed by: julian
|
#
a7d5f7eb |
|
19-Oct-2010 |
Jamie Gritton <jamie@FreeBSD.org> |
A new jail(8) with a configuration file, to replace the work currently done by /etc/rc.d/jail.
|
#
1ede983c |
|
23-Oct-2008 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Retire the MALLOC and FREE macros. They are an abomination unto style(9). MFC after: 3 months
|
#
d7f03759 |
|
19-Oct-2008 |
Ulf Lilleengen <lulf@FreeBSD.org> |
- Import the HEAD csup code which is the basis for the cvsmode work.
|
#
a9a13b54 |
|
01-Jun-2008 |
Alexander Motin <mav@FreeBSD.org> |
Pass really available buffer size to libalias instead of MCLBYTES constant. MCLBYTES constant were used with believe that m_megapullup() always moves date into a fresh cluster that may become not so.
|
#
fffba935 |
|
01-Mar-2008 |
Alexander Motin <mav@FreeBSD.org> |
Add support for the libalias redirect functionality. Submitted by: Vadim Goncharov <vadim_nuclight@mail.ru>
|
#
e842c540 |
|
21-May-2007 |
Alexander Motin <mav@FreeBSD.org> |
Add support for setmode and settarget messages. Approved by: glebius (mentor)
|
#
179f56e1 |
|
21-May-2007 |
Alexander Motin <mav@FreeBSD.org> |
Allow node to bypass traffic while no alias address defined. Approved by: glebius (mentor)
|
#
4b4ee018 |
|
21-Dec-2006 |
Gleb Smirnoff <glebius@FreeBSD.org> |
Return value PKT_ALIAS_FOUND_HEADER_FRAGMENT isn't an error case. The packet shouldn't be dropped. Submitted by: Alexander Motin <mav alkar.net>
|
#
e7bf4700 |
|
11-Dec-2006 |
Gleb Smirnoff <glebius@FreeBSD.org> |
Correctly calculate length of IP header. Submitted by: Eugene Hartmann <eugene tpsb.com.ru>
|
#
e876228e |
|
01-Dec-2006 |
Paolo Pisati <piso@FreeBSD.org> |
Remove m_megapullup from ng_nat and put it under libalias. Approved by: gleb
|
#
b0dc0083 |
|
13-Oct-2006 |
Gleb Smirnoff <glebius@FreeBSD.org> |
Fix result of some mechanical change that I did some time ago, when writing this node.
|
#
3a48a9fa |
|
27-Jun-2005 |
Gleb Smirnoff <glebius@FreeBSD.org> |
- After LibAlias processing check for TCP packet with th_x2 field set. If found, then recalculate its checksum. - Remove debugging printfs. - Slightly rearrange code in ng_nat_rcvdata(). Approved by: re (scottl)
|
#
cc8c6970 |
|
11-May-2005 |
Gleb Smirnoff <glebius@FreeBSD.org> |
Move assertion below initializer. Submitted by: Noritoshi Demizu Pointy hat to: glebius
|
#
2046fd5f |
|
10-May-2005 |
Gleb Smirnoff <glebius@FreeBSD.org> |
- Assert that mbuf length equals packet length. - Tell libalias, that we have MCLBYTES to play with. - Obtain length of data in mbuf from updated IP header.
|
#
c4c9b52b |
|
05-May-2005 |
Gleb Smirnoff <glebius@FreeBSD.org> |
ng_nat - a netgraph(4) node, which does NAT
|