CVS log for src/sys/net/npf/npf_mbuf.c

Up to [cvs.NetBSD.org] / src / sys / net / npf

Request diff between arbitrary revisions

Default branch: MAIN
Current tag: MAIN

Revision 1.11 / (download) - annotate - [select for diffs], Tue Feb 19 23:57:37 2013 UTC (2 months, 4 weeks ago) by rmind
Branch: MAIN
CVS Tags: tls-maxphys-nbase, tls-maxphys-base, khorben-n900, agc-symver-base, agc-symver, HEAD
Changes since 1.10: +3 -3 lines
Diff to previous 1.10 (colored)

nbuf_ensure_contig: fix assert (can be equal if there is zero-length mbuf).
Found by npftest on sparc64.

Revision 1.10 / (download) - annotate - [select for diffs], Sun Jan 20 18:45:56 2013 UTC (3 months, 4 weeks ago) by rmind
Branch: MAIN
CVS Tags: yamt-pagecache-base8
Changes since 1.9: +35 -29 lines
Diff to previous 1.9 (colored)

- nbuf_ensure_contig: rework to use m_ensure_contig(9), which will not free
  the mbuf chain on failure.  Fixes some corner cases.  Improve regression
  test and sprinkle some asserts.
- npf_reassembly: clear nbuf on IPv6 reassembly failure path (partial fix).
  The problem was found and fix provided by Anthony Mallet.

Revision 1.9 / (download) - annotate - [select for diffs], Mon Dec 24 19:05:44 2012 UTC (4 months, 3 weeks ago) by rmind
Branch: MAIN
Changes since 1.8: +157 -144 lines
Diff to previous 1.8 (colored)

- Rework NPF's nbuf interface: use advancing and ensuring as a main method.
  Eliminate unnecessary copy and simplify.  Adapt regression tests.
- Simplify ICMP ALG a little.  While here, handle ICMP ECHO for traceroute.
- Minor fixes, misc cleanup.

Revision 1.8 / (download) - annotate - [select for diffs], Mon Dec 10 01:11:13 2012 UTC (5 months, 1 week ago) by rmind
Branch: MAIN
CVS Tags: yamt-pagecache-base7
Changes since 1.7: +13 -2 lines
Diff to previous 1.7 (colored)

npf_rwrcksum: handle delayed checksums in the network stack; also fix
non-NPF_NAT_PORTS case and add some comments.  PR/47235.

Revision 1.7 / (download) - annotate - [select for diffs], Sat Apr 14 19:01:21 2012 UTC (13 months ago) by rmind
Branch: MAIN
CVS Tags: yamt-pagecache-base6, yamt-pagecache-base5, yamt-pagecache-base4, jmcneill-usbmp-base9, jmcneill-usbmp-base10
Branch point for: tls-maxphys
Changes since 1.6: +4 -4 lines
Diff to previous 1.6 (colored)

Update rumpdev_npf; use WARNS=4.

NPF checkpoint:
- Add the concept of rule procedure: separate normalization, logging and
  potentially other functions from the rule structure.  Rule procedure can be
  shared amongst the rules.  Separation is both at kernel level (npf_rproc_t)
  and configuration ("procedure" + "apply").
- Fix portmap sharing for NAT policy.
- Update TCP state tracking logic.  Use TCP FSM definitions.
- Add if_byindex(), OK by matt@.  Use in logging for the lookup.
- Fix traceroute ALG and many other bugs; misc clean-up.

Revision 1.5 / (download) - annotate - [select for diffs], Thu Nov 11 06:30:39 2010 UTC (2 years, 6 months ago) by rmind
Branch: MAIN
CVS Tags: matt-mips64-premerge-20101231, jruoho-x86intr-base
Branch point for: jruoho-x86intr
Changes since 1.4: +25 -4 lines
Diff to previous 1.4 (colored)

NPF checkpoint:
- Add proper TCP state tracking as described in Guido van Rooij paper,
  plus handle TCP Window Scaling option.
- Completely rework npf_cache_t, reduce granularity, simplify code.
- Add npf_addr_t as an abstraction, amend session handling code, as well
  as NAT code et al, to use it.  Now design is prepared for IPv6 support.
- Handle IPv4 fragments i.e. perform packet reassembly.
- Add support for IPv4 ID randomization and minimum TTL enforcement.
- Add support for TCP MSS "clamping".
- Random bits for IPv6.  Various fixes and clean-up.

Revision 1.4 / (download) - annotate - [select for diffs], Sun Oct 3 19:30:22 2010 UTC (2 years, 7 months ago) by rmind
Branch: MAIN
CVS Tags: yamt-nfs-mp-base11, uebayasi-xip-base4, uebayasi-xip-base3
Branch point for: yamt-nfs-mp, uebayasi-xip
Changes since 1.3: +14 -6 lines
Diff to previous 1.3 (colored)

nbuf_advfetch: fix bug and change behaviour on error case.

Revision 1.3 / (download) - annotate - [select for diffs], Sat Sep 25 00:25:31 2010 UTC (2 years, 7 months ago) by rmind
Branch: MAIN
Changes since 1.2: +17 -2 lines
Diff to previous 1.2 (colored)

Add nbuf_advfetch() and simplify some code slightly.

Revision 1.2 / (download) - annotate - [select for diffs], Thu Sep 16 04:53:27 2010 UTC (2 years, 8 months ago) by rmind
Branch: MAIN
Changes since 1.1: +6 -4 lines
Diff to previous 1.1 (colored)

NPF checkpoint:
- Add support for bi-directional NAT and redirection / port forwarding.
- Finish filtering on ICMP type/code and add filtering on TCP flags.
- Add support for TCP reset (RST) or ICMP destination unreachable on block.
- Fix a bunch of bugs; misc cleanup.

Revision 1.1 / (download) - annotate - [select for diffs], Sun Aug 22 18:56:22 2010 UTC (2 years, 8 months ago) by rmind
Branch: MAIN

Import NPF - a packet filter.  Some features:

- Designed to be fully MP-safe and highly efficient.

- Tables/IP sets (hash or red-black tree) for high performance lookups.

- Stateful filtering and Network Address Port Translation (NAPT).
  Framework for application level gateways (ALGs).

- Packet inspection engine called n-code processor - inspired by BPF -
  supporting generic RISC-like and specific CISC-like instructions for
  common patterns (e.g. IPv4 address matching).  See npf_ncode(9) manual.

- Convenient userland utility npfctl(8) with npf.conf(8).

NOTE: This is not yet a fully capable alternative to PF or IPFilter.
Further work (support for binat/rdr, return-rst/return-icmp, common ALGs,
state saving/restoring, logging, etc) is in progress.

Thanks a lot to Matt Thomas for various useful comments and code review.
Aye by: board@

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Diffs between
and

CVSweb <webmaster@jp.NetBSD.org>

Preferred Diff type:
View only Branch:
Sort log by: