![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / sys / netinet
Request diff between arbitrary revisions
Default branch: MAIN
Current tag: MAIN
Revision 1.325 / (download) - annotate - [select for diffs], Fri Jun 22 15:09:36 2012 UTC (11 months ago) by christos
Branch: MAIN
CVS Tags: yamt-pagecache-base8,
yamt-pagecache-base7,
yamt-pagecache-base6,
tls-maxphys-nbase,
tls-maxphys-base,
tls-maxphys,
khorben-n900,
agc-symver-base,
agc-symver,
HEAD
Changes since 1.324: +2 -7
lines
Diff to previous 1.324 (colored)
remove unintended commit (this was to avoid a bug in the hme driver which I have not been able to reproduce)
Revision 1.324 / (download) - annotate - [select for diffs], Fri Jun 22 14:54:35 2012 UTC (11 months ago) by christos
Branch: MAIN
Changes since 1.323: +7 -2
lines
Diff to previous 1.323 (colored)
PR/46602: Move the rfc6056 port randomization to the IP layer.
Revision 1.323 / (download) - annotate - [select for diffs], Fri Apr 13 15:35:57 2012 UTC (13 months, 1 week ago) by yamt
Branch: MAIN
CVS Tags: yamt-pagecache-base5,
yamt-pagecache-base4,
jmcneill-usbmp-base9,
jmcneill-usbmp-base10
Changes since 1.322: +8 -2
lines
Diff to previous 1.322 (colored)
comment
Revision 1.322 / (download) - annotate - [select for diffs], Thu Mar 22 20:34:39 2012 UTC (14 months ago) by drochner
Branch: MAIN
CVS Tags: jmcneill-usbmp-base8
Changes since 1.321: +6 -11
lines
Diff to previous 1.321 (colored)
remove KAME IPSEC, replaced by FAST_IPSEC
Revision 1.321 / (download) - annotate - [select for diffs], Wed Jan 11 14:39:08 2012 UTC (16 months, 1 week ago) by drochner
Branch: MAIN
CVS Tags: netbsd-6-base,
netbsd-6-1-RELEASE,
netbsd-6-1-RC4,
netbsd-6-1-RC3,
netbsd-6-1-RC2,
netbsd-6-1-RC1,
netbsd-6-1,
netbsd-6-0-RELEASE,
netbsd-6-0-RC2,
netbsd-6-0-RC1,
netbsd-6-0-2-RELEASE,
netbsd-6-0-1-RELEASE,
netbsd-6-0,
netbsd-6,
matt-nb6-plus-nbase,
matt-nb6-plus-base,
matt-nb6-plus,
jmcneill-usbmp-base7,
jmcneill-usbmp-base6,
jmcneill-usbmp-base5,
jmcneill-usbmp-base4,
jmcneill-usbmp-base3,
jmcneill-usbmp-base2
Changes since 1.320: +3 -3
lines
Diff to previous 1.320 (colored)
fix build in the (FAST_)IPSEC & TCP_SIGNATURE case
Revision 1.320 / (download) - annotate - [select for diffs], Sat Dec 31 20:41:59 2011 UTC (16 months, 3 weeks ago) by christos
Branch: MAIN
Changes since 1.319: +4 -4
lines
Diff to previous 1.319 (colored)
- fix offsetof usage, and redundant defines - kill pointer casts to 0
Revision 1.319 / (download) - annotate - [select for diffs], Mon Dec 19 11:59:57 2011 UTC (17 months ago) by drochner
Branch: MAIN
Changes since 1.318: +9 -9
lines
Diff to previous 1.318 (colored)
rename the IPSEC in-kernel CPP variable and config(8) option to KAME_IPSEC, and make IPSEC define it so that existing kernel config files work as before Now the default can be easily be changed to FAST_IPSEC just by setting the IPSEC alias to FAST_IPSEC.
Revision 1.318 / (download) - annotate - [select for diffs], Sat Nov 19 22:51:25 2011 UTC (18 months ago) by tls
Branch: MAIN
CVS Tags: jmcneill-usbmp-pre-base2,
jmcneill-usbmp-base
Branch point for: jmcneill-usbmp
Changes since 1.317: +5 -4
lines
Diff to previous 1.317 (colored)
First step of random number subsystem rework described in <20111022023242.BA26F14A158@mail.netbsd.org>. This change includes the following: An initial cleanup and minor reorganization of the entropy pool code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are fixed. Some effort is made to accumulate entropy more quickly at boot time. A generic interface, "rndsink", is added, for stream generators to request that they be re-keyed with good quality entropy from the pool as soon as it is available. The arc4random()/arc4randbytes() implementation in libkern is adjusted to use the rndsink interface for rekeying, which helps address the problem of low-quality keys at boot time. An implementation of the FIPS 140-2 statistical tests for random number generator quality is provided (libkern/rngtest.c). This is based on Greg Rose's implementation from Qualcomm. A new random stream generator, nist_ctr_drbg, is provided. It is based on an implementation of the NIST SP800-90 CTR_DRBG by Henric Jungheim. This generator users AES in a modified counter mode to generate a backtracking-resistant random stream. An abstraction layer, "cprng", is provided for in-kernel consumers of randomness. The arc4random/arc4randbytes API is deprecated for in-kernel use. It is replaced by "cprng_strong". The current cprng_fast implementation wraps the existing arc4random implementation. The current cprng_strong implementation wraps the new CTR_DRBG implementation. Both interfaces are rekeyed from the entropy pool automatically at intervals justifiable from best current cryptographic practice. In some quick tests, cprng_fast() is about the same speed as the old arc4randbytes(), and cprng_strong() is about 20% faster than rnd_extract_data(). Performance is expected to improve. The AES code in src/crypto/rijndael is no longer an optional kernel component, as it is required by cprng_strong, which is not an optional kernel component. The entropy pool output is subjected to the rngtest tests at startup time; if it fails, the system will reboot. There is approximately a 3/10000 chance of a false positive from these tests. Entropy pool _input_ from hardware random numbers is subjected to the rngtest tests at attach time, as well as the FIPS continuous-output test, to detect bad or stuck hardware RNGs; if any are detected, they are detached, but the system continues to run. A problem with rndctl(8) is fixed -- datastructures with pointers in arrays are no longer passed to userspace (this was not a security problem, but rather a major issue for compat32). A new kernel will require a new rndctl. The sysctl kern.arandom() and kern.urandom() nodes are hooked up to the new generators, but the /dev/*random pseudodevices are not, yet. Manual pages for the new kernel interfaces are forthcoming.
Revision 1.317 / (download) - annotate - [select for diffs], Mon Oct 31 13:01:42 2011 UTC (18 months, 3 weeks ago) by yamt
Branch: MAIN
CVS Tags: yamt-pagecache-base3,
yamt-pagecache-base2,
yamt-pagecache-base,
jmcneill-audiomp3-base,
jmcneill-audiomp3
Branch point for: yamt-pagecache
Changes since 1.316: +2 -3
lines
Diff to previous 1.316 (colored)
fix a double unlock bug introduced by tcp_input.c rev.1.312.
Revision 1.316 / (download) - annotate - [select for diffs], Wed Aug 31 18:31:03 2011 UTC (20 months, 3 weeks ago) by plunky
Branch: MAIN
Changes since 1.315: +3 -3
lines
Diff to previous 1.315 (colored)
NULL does not need a cast
Revision 1.315 / (download) - annotate - [select for diffs], Sun Jul 17 20:54:53 2011 UTC (22 months, 1 week ago) by joerg
Branch: MAIN
Changes since 1.314: +2 -4
lines
Diff to previous 1.314 (colored)
Retire varargs.h support. Move machine/stdarg.h logic into MI sys/stdarg.h and expect compiler to provide proper builtins, defaulting to the GCC interface. lint still has a special fallback. Reduce abuse of _BSD_VA_LIST_ by defining __va_list by default and derive va_list as required by standards.
Revision 1.314 / (download) - annotate - [select for diffs], Wed May 25 23:20:57 2011 UTC (2 years ago) by gdt
Branch: MAIN
CVS Tags: rmind-uvmplock-nbase,
rmind-uvmplock-base,
cherry-xenmp-base,
cherry-xenmp
Changes since 1.313: +4 -4
lines
Diff to previous 1.313 (colored)
Remove erroneous additional tick in RTO estimation. The variable ts_rtt is 1 plus the RTT, so that 0 can mean invalid measurement. However, the code failed to subtract the 1 back out before use. With this change, TCP from Massachusetts to France now typically has 1s RTO values, rather than 1.5s. This bug was found and fixed by Bev Schwartz of BBN. This material is based upon work supported by the Defense Advanced Research Projects Agency and Space and Naval Warfare Systems Center, Pacific, under Contract No. N66001-09-C-2073. Approved for Public Release, Distribution Unlimited
Revision 1.313 / (download) - annotate - [select for diffs], Tue May 17 05:40:24 2011 UTC (2 years ago) by dholland
Branch: MAIN
Changes since 1.312: +3 -3
lines
Diff to previous 1.312 (colored)
typo in comment
Revision 1.312 / (download) - annotate - [select for diffs], Tue May 3 18:28:45 2011 UTC (2 years ago) by dyoung
Branch: MAIN
Changes since 1.311: +305 -28
lines
Diff to previous 1.311 (colored)
Reduces the resources demanded by TCP sessions in TIME_WAIT-state using methods called Vestigial Time-Wait (VTW) and Maximum Segment Lifetime Truncation (MSLT). MSLT and VTW were contributed by Coyote Point Systems, Inc. Even after a TCP session enters the TIME_WAIT state, its corresponding socket and protocol control blocks (PCBs) stick around until the TCP Maximum Segment Lifetime (MSL) expires. On a host whose workload necessarily creates and closes down many TCP sockets, the sockets & PCBs for TCP sessions in TIME_WAIT state amount to many megabytes of dead weight in RAM. Maximum Segment Lifetimes Truncation (MSLT) assigns each TCP session to a class based on the nearness of the peer. Corresponding to each class is an MSL, and a session uses the MSL of its class. The classes are loopback (local host equals remote host), local (local host and remote host are on the same link/subnet), and remote (local host and remote host communicate via one or more gateways). Classes corresponding to nearer peers have lower MSLs by default: 2 seconds for loopback, 10 seconds for local, 60 seconds for remote. Loopback and local sessions expire more quickly when MSLT is used. Vestigial Time-Wait (VTW) replaces a TIME_WAIT session's PCB/socket dead weight with a compact representation of the session, called a "vestigial PCB". VTW data structures are designed to be very fast and memory-efficient: for fast insertion and lookup of vestigial PCBs, the PCBs are stored in a hash table that is designed to minimize the number of cacheline visits per lookup/insertion. The memory both for vestigial PCBs and for elements of the PCB hashtable come from fixed-size pools, and linked data structures exploit this to conserve memory by representing references with a narrow index/offset from the start of a pool instead of a pointer. When space for new vestigial PCBs runs out, VTW makes room by discarding old vestigial PCBs, oldest first. VTW cooperates with MSLT. It may help to think of VTW as a "FIN cache" by analogy to the SYN cache. A 2.8-GHz Pentium 4 running a test workload that creates TIME_WAIT sessions as fast as it can is approximately 17% idle when VTW is active versus 0% idle when VTW is inactive. It has 103 megabytes more free RAM when VTW is active (approximately 64k vestigial PCBs are created) than when it is inactive.
Revision 1.311 / (download) - annotate - [select for diffs], Mon Apr 25 22:12:43 2011 UTC (2 years ago) by yamt
Branch: MAIN
Changes since 1.310: +7 -7
lines
Diff to previous 1.310 (colored)
tcp_input: simplify redundant assignment. no functional changes.
Revision 1.310 / (download) - annotate - [select for diffs], Wed Apr 20 14:08:07 2011 UTC (2 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.309: +4 -4
lines
Diff to previous 1.309 (colored)
Fix typos.
Revision 1.309 / (download) - annotate - [select for diffs], Wed Apr 20 13:35:51 2011 UTC (2 years, 1 month ago) by gdt
Branch: MAIN
Changes since 1.308: +53 -18
lines
Diff to previous 1.308 (colored)
Rewrite comments about TCP RTO calculations. Long ago, the storage representations of srtt and rttvar were changed from the 4.4BSD scheme, and the comments are out of sync with the code. This commit rewrites most of the comments that explain the RTO calculations, and points out some issues in the code. Joint work with Bev Schwartz of BBN (original analysis and comments), but I have rewritten and extended them, so errors are mine. This material is based upon work supported by the Defense Advanced Research Projects Agency and Space and Naval Warfare Systems Center, Pacific, under Contract No. N66001-09-C-2073. Approved for Public Release, Distribution Unlimited
Revision 1.308 / (download) - annotate - [select for diffs], Thu Apr 14 15:48:48 2011 UTC (2 years, 1 month ago) by yamt
Branch: MAIN
Changes since 1.307: +10 -3
lines
Diff to previous 1.307 (colored)
comments
Revision 1.307 / (download) - annotate - [select for diffs], Wed Mar 9 00:44:23 2011 UTC (2 years, 2 months ago) by yamt
Branch: MAIN
Changes since 1.306: +3 -3
lines
Diff to previous 1.306 (colored)
fix a typo in rev.1.283, which broke tcp dupack and duppack statistics.
Revision 1.306 / (download) - annotate - [select for diffs], Thu Dec 2 19:07:27 2010 UTC (2 years, 5 months ago) by plunky
Branch: MAIN
CVS Tags: matt-mips64-premerge-20101231,
jruoho-x86intr-base,
bouyer-quota2-nbase,
bouyer-quota2-base,
bouyer-quota2
Branch point for: jruoho-x86intr
Changes since 1.305: +3 -3
lines
Diff to previous 1.305 (colored)
fix potential mbuf overflow, from Alexander Danilov on tech-net
Revision 1.305 / (download) - annotate - [select for diffs], Wed May 26 17:38:29 2010 UTC (2 years, 11 months ago) by bouyer
Branch: MAIN
CVS Tags: yamt-nfs-mp-base11,
yamt-nfs-mp-base10,
uebayasi-xip-base4,
uebayasi-xip-base3,
uebayasi-xip-base2
Changes since 1.304: +7 -2
lines
Diff to previous 1.304 (colored)
Make sure SYN_CACHE_TIMER_ARM() has been run before calling syn_cache_put() as it will reschedule the timer. Fixes PR kern/43318.
Revision 1.304 / (download) - annotate - [select for diffs], Wed Apr 21 20:40:16 2010 UTC (3 years, 1 month ago) by bouyer
Branch: MAIN
CVS Tags: uebayasi-xip-base1
Changes since 1.303: +10 -9
lines
Diff to previous 1.303 (colored)
syn_cache_put(): defer all pool_put() to the callout. Reschedule the callout if needed so frees are not delayed too much. syn_cache_timer(): we can't call syn_cache_put() here any more, so move code deleted from syn_cache_put() here. Avoid KASSERT() in kern_timeout.c because pool_put() is called from ipintr context, as reported in http://mail-index.netbsd.org/tech-kern/2010/03/19/msg007762.html Thanks to Andrew Doran and Mindaugas Rasiukevicius for help and review.
Revision 1.303 / (download) - annotate - [select for diffs], Fri Apr 16 03:13:03 2010 UTC (3 years, 1 month ago) by rmind
Branch: MAIN
Changes since 1.302: +5 -6
lines
Diff to previous 1.302 (colored)
tcp_input: set ECE flag even if CWR flag is active. Submitted by Richard Scheffenegger in PR/43150.
Revision 1.302 / (download) - annotate - [select for diffs], Thu Apr 1 14:31:51 2010 UTC (3 years, 1 month ago) by tls
Branch: MAIN
Changes since 1.301: +6 -4
lines
Diff to previous 1.301 (colored)
Oops. Fix LOCKDEBUG panic -- and spurious calls to tcp_output()! -- in
previous. Be careful with that {}, Eugene.
Revision 1.301 / (download) - annotate - [select for diffs], Thu Apr 1 00:24:41 2010 UTC (3 years, 1 month ago) by tls
Branch: MAIN
Changes since 1.300: +12 -2
lines
Diff to previous 1.300 (colored)
After discussion with ad@: it appears that KERNEL_LOCK also protects the driver output path (that is, ifp->if_output()). In the case of entry through the socket code, we are fine, because pru_usrreq takes KERNEL_LOCK. However, there are a few other ways to cause output which require protection: 1) direct calls to tcp_output() in tcp_input() 2) fast-forwarding code (ip_flow) -- protected elsewise against itself by the softnet lock. 3) *Possibly* the ARP code. I have currently persuaded myself that it is safe because of how it's called. 4) Possibly the ICMP code. This change addresses #1 and #2.
Revision 1.300 / (download) - annotate - [select for diffs], Tue Jan 26 18:09:07 2010 UTC (3 years, 3 months ago) by pooka
Branch: MAIN
CVS Tags: yamt-nfs-mp-base9,
uebayasi-xip-base
Branch point for: uebayasi-xip,
rmind-uvmplock
Changes since 1.299: +3 -3
lines
Diff to previous 1.299 (colored)
tcp sockbuf autoscaling was initially added turned off because it was experimental. People (including myself) have been running with it turned on for eons now, so flip the default to enabled.
Revision 1.299 / (download) - annotate - [select for diffs], Wed Sep 9 22:41:28 2009 UTC (3 years, 8 months ago) by darran
Branch: MAIN
CVS Tags: yamt-nfs-mp-base8,
matt-premerge-20091211,
jym-xensuspend-nbase
Changes since 1.298: +8 -6
lines
Diff to previous 1.298 (colored)
Make tcp msl (max segment life) tunable via sysctl net.inet.tcp.msl. Okayed by tls@.
Revision 1.298 / (download) - annotate - [select for diffs], Sat Jul 18 23:09:53 2009 UTC (3 years, 10 months ago) by minskim
Branch: MAIN
CVS Tags: yamt-nfs-mp-base7,
jymxensuspend-base
Changes since 1.297: +6 -6
lines
Diff to previous 1.297 (colored)
Check the minimum ttl only when pcb is available.
Revision 1.297 / (download) - annotate - [select for diffs], Fri Jul 17 22:02:54 2009 UTC (3 years, 10 months ago) by minskim
Branch: MAIN
Changes since 1.296: +6 -2
lines
Diff to previous 1.296 (colored)
Add the IP_MINTTL socket option. The IP_MINTTL option may be used on SOCK_STREAM sockets to discard packets with a TTL lower than the option value. This can be used to implement the Generalized TTL Security Mechanism (GTSM) according to RFC 3682. OK'ed by christos@.
Revision 1.296 / (download) - annotate - [select for diffs], Sat Jun 20 17:29:31 2009 UTC (3 years, 11 months ago) by christos
Branch: MAIN
CVS Tags: yamt-nfs-mp-base6
Changes since 1.295: +4 -4
lines
Diff to previous 1.295 (colored)
Follow exactly the recommendation of draft-ietf-tcpm-tcpsecure-11.txt: Don't check gainst the last ack received, but the expected sequence number. This makes RST handling independent of delayed ACK. From Joanne M Mikkelson.
Revision 1.295 / (download) - annotate - [select for diffs], Wed Mar 18 16:00:22 2009 UTC (4 years, 2 months ago) by cegger
Branch: MAIN
CVS Tags: yamt-nfs-mp-base5,
yamt-nfs-mp-base4,
yamt-nfs-mp-base3,
nick-hppapmap-base4,
nick-hppapmap-base3,
nick-hppapmap-base,
jym-xensuspend-base
Changes since 1.294: +13 -13
lines
Diff to previous 1.294 (colored)
bzero -> memset
Revision 1.294 / (download) - annotate - [select for diffs], Wed Mar 18 15:14:31 2009 UTC (4 years, 2 months ago) by cegger
Branch: MAIN
Changes since 1.293: +6 -6
lines
Diff to previous 1.293 (colored)
bcmp -> memcmp
Revision 1.293 / (download) - annotate - [select for diffs], Sun Mar 15 21:25:32 2009 UTC (4 years, 2 months ago) by cegger
Branch: MAIN
Changes since 1.292: +3 -3
lines
Diff to previous 1.292 (colored)
ansify function definitions
Revision 1.292 / (download) - annotate - [select for diffs], Thu Jan 29 20:38:22 2009 UTC (4 years, 3 months ago) by pooka
Branch: MAIN
CVS Tags: nick-hppapmap-base2
Branch point for: jym-xensuspend
Changes since 1.291: +15 -6
lines
Diff to previous 1.291 (colored)
stinkset purge: POOL_INIT -> pool_init also, make the syncache pool static in scope
Revision 1.291 / (download) - annotate - [select for diffs], Mon Aug 4 04:08:47 2008 UTC (4 years, 9 months ago) by tls
Branch: MAIN
CVS Tags: wrstuden-revivesa-base-4,
wrstuden-revivesa-base-3,
wrstuden-revivesa-base-2,
netbsd-5-base,
netbsd-5-0-RELEASE,
netbsd-5-0-RC4,
netbsd-5-0-RC3,
netbsd-5-0-RC2,
netbsd-5-0-RC1,
mjf-devfs2-base,
matt-mips64-base2,
haad-nbase2,
haad-dm-base2,
haad-dm-base1,
haad-dm-base,
ad-audiomp2-base,
ad-audiomp2
Branch point for: nick-hppapmap,
netbsd-5-0,
netbsd-5
Changes since 1.290: +4 -3
lines
Diff to previous 1.290 (colored)
Unlock reassembly queue before calling sorwakeup(), not after. In unusual cases with in-kernel consumers which might send data on the same socket, we can deadlock on the reassembly queue otherwise (observed while testing accept filters).
Revision 1.290 / (download) - annotate - [select for diffs], Mon Jul 28 18:41:07 2008 UTC (4 years, 9 months ago) by matt
Branch: MAIN
CVS Tags: simonb-wapbl-nbase,
simonb-wapbl-base
Changes since 1.289: +3 -2
lines
Diff to previous 1.289 (colored)
Reacquire softnet_lock after calling soabort which returns with the socket unlocked.
Revision 1.289 / (download) - annotate - [select for diffs], Fri Jul 4 18:22:21 2008 UTC (4 years, 10 months ago) by ad
Branch: MAIN
Branch point for: haad-dm
Changes since 1.288: +5 -2
lines
Diff to previous 1.288 (colored)
tcp_input: add a couple of assertions.
Revision 1.288 / (download) - annotate - [select for diffs], Thu Jul 3 15:35:28 2008 UTC (4 years, 10 months ago) by ad
Branch: MAIN
Changes since 1.287: +5 -3
lines
Diff to previous 1.287 (colored)
syn_cache_get: remove new endpoint's socket from head's queue if aborting the connection. Should fix KASSERT(so->so_head == NULL).
Revision 1.287 / (download) - annotate - [select for diffs], Mon Apr 28 20:24:09 2008 UTC (5 years ago) by martin
Branch: MAIN
CVS Tags: yamt-pf42-base4,
yamt-pf42-base3,
yamt-pf42-base2,
yamt-nfs-mp-base2,
wrstuden-revivesa-base-1,
wrstuden-revivesa-base,
hpcarm-cleanup-nbase
Branch point for: wrstuden-revivesa,
simonb-wapbl
Changes since 1.286: +2 -9
lines
Diff to previous 1.286 (colored)
Remove clause 3 and 4 from TNF licenses
Revision 1.286 / (download) - annotate - [select for diffs], Thu Apr 24 11:38:38 2008 UTC (5 years, 1 month ago) by ad
Branch: MAIN
CVS Tags: yamt-nfs-mp-base
Branch point for: yamt-nfs-mp
Changes since 1.285: +11 -8
lines
Diff to previous 1.285 (colored)
Merge the socket locking patch: - Socket layer becomes MP safe. - Unix protocols become MP safe. - Allows protocol processing interrupts to safely block on locks. - Fixes a number of race conditions. With much feedback from matt@ and plunky@.
Revision 1.285 / (download) - annotate - [select for diffs], Wed Apr 23 06:09:05 2008 UTC (5 years, 1 month ago) by thorpej
Branch: MAIN
Changes since 1.284: +10 -8
lines
Diff to previous 1.284 (colored)
Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
Revision 1.284 / (download) - annotate - [select for diffs], Sat Apr 12 05:58:22 2008 UTC (5 years, 1 month ago) by thorpej
Branch: MAIN
CVS Tags: yamt-pf42-baseX,
yamt-pf42-base
Branch point for: yamt-pf42
Changes since 1.283: +105 -78
lines
Diff to previous 1.283 (colored)
Make IP, TCP, UDP, and ICMP statistics per-CPU. The stats are collated when the user requests them via sysctl.
Revision 1.283 / (download) - annotate - [select for diffs], Tue Apr 8 01:03:58 2008 UTC (5 years, 1 month ago) by thorpej
Branch: MAIN
Changes since 1.282: +78 -78
lines
Diff to previous 1.282 (colored)
Change TCP stats from a structure to an array of uint64_t's. Note: This is ABI-compatible with the old tcpstat structure; old netstat binaries will continue to work properly.
Revision 1.282 / (download) - annotate - [select for diffs], Sat Mar 1 14:16:52 2008 UTC (5 years, 2 months ago) by rmind
Branch: MAIN
CVS Tags: yamt-lazymbuf-base15,
yamt-lazymbuf-base14,
matt-armv6-nbase,
keiichi-mipv6-nbase,
keiichi-mipv6-base,
ad-socklock-base1
Changes since 1.281: +3 -3
lines
Diff to previous 1.281 (colored)
Welcome to 4.99.55: - Add a lot of missing selinit() and seldestroy() calls. - Merge selwakeup() and selnotify() calls into a single selnotify(). - Add an additional 'events' argument to selnotify() call. It will indicate which event (POLL_IN, POLL_OUT, etc) happen. If unknown, zero may be used. Note: please pass appropriate value of 'events' where possible. Proposed on: <tech-kern>
Revision 1.281 / (download) - annotate - [select for diffs], Wed Feb 27 19:41:51 2008 UTC (5 years, 2 months ago) by matt
Branch: MAIN
Changes since 1.280: +3 -3
lines
Diff to previous 1.280 (colored)
Convert stragglers to ansi definitions from old-style definitons. Remember that func() is not ansi, func(void) is.
Revision 1.280 / (download) - annotate - [select for diffs], Wed Feb 20 11:44:07 2008 UTC (5 years, 3 months ago) by yamt
Branch: MAIN
CVS Tags: nick-net80211-sync-base,
nick-net80211-sync,
hpcarm-cleanup-base
Branch point for: mjf-devfs2,
keiichi-mipv6
Changes since 1.279: +62 -56
lines
Diff to previous 1.279 (colored)
make TCP_SETUP_ACK, ICMP_CHECK, TCP_FIELDS_TO_HOST, and TCP_FIELDS_TO_NET static functions.
Revision 1.279 / (download) - annotate - [select for diffs], Tue Feb 5 09:38:47 2008 UTC (5 years, 3 months ago) by yamt
Branch: MAIN
CVS Tags: mjf-devfs-base
Changes since 1.278: +1 -1
lines
Diff to previous 1.278 (colored)
- start tcp timestamp from 1 instead of 0. - add a comment to explain why: + * We start with 1, because 0 doesn't work with linux, which + * considers timestamp 0 in a SYN packet as a bug and disables + * timestamps.
Revision 1.278 / (download) - annotate - [select for diffs], Mon Feb 4 23:56:14 2008 UTC (5 years, 3 months ago) by yamt
Branch: MAIN
Changes since 1.277: +27 -24
lines
Diff to previous 1.277 (colored)
redo tcp_input.c rev.1.230 correctly.
revision 1.230
date: 2005/06/30 02:58:28; author: christos; state: Exp; lines: +20 -4
Normalize our PAWS code with Free and Open, as mentioned in tech-security.
reviewed by christos@ and matt@.
Revision 1.277 / (download) - annotate - [select for diffs], Tue Jan 29 12:34:47 2008 UTC (5 years, 3 months ago) by yamt
Branch: MAIN
Changes since 1.276: +3 -4
lines
Diff to previous 1.276 (colored)
revert tcp_output.c 1.253 because it has an ill effect when sending small (not full-sized) segments. http://mail-index.NetBSD.org/tech-net/2008/01/27/0009.html
Revision 1.276 / (download) - annotate - [select for diffs], Mon Jan 14 04:19:10 2008 UTC (5 years, 4 months ago) by dyoung
Branch: MAIN
CVS Tags: bouyer-xeni386-nbase,
bouyer-xeni386-base
Changes since 1.275: +5 -5
lines
Diff to previous 1.275 (colored)
Use rtcache_validate() instead of rtcache_getrt(). Shorten staircase in in_losing().
Revision 1.275 / (download) - annotate - [select for diffs], Thu Dec 20 20:24:49 2007 UTC (5 years, 5 months ago) by martin
Branch: MAIN
CVS Tags: vmlocking2-base3,
matt-armv6-base
Changes since 1.274: +4 -2
lines
Diff to previous 1.274 (colored)
A few missing ifdefs to make non-INET6 kernels build again.
Revision 1.274 / (download) - annotate - [select for diffs], Thu Dec 20 19:53:32 2007 UTC (5 years, 5 months ago) by dyoung
Branch: MAIN
Changes since 1.273: +23 -16
lines
Diff to previous 1.273 (colored)
Poison struct route->ro_rt uses in the kernel by changing the name to _ro_rt. Use rtcache_getrt() to access a route cache's struct rtentry *. Introduce struct ifnet->if_dl that always points at the interface identifier/link-layer address. Make code that treated the first ifaddr on struct ifnet->if_addrlist as the interface address use if_dl, instead. Remove stale debugging code from net/route.c. Move the rtflush() code into rtcache_clear() and delete rtflush(). Delete rtalloc(), because nothing uses it any more. Make ND6_HINT an inline, lowercase subroutine, nd6_hint. I've done my best to convert IP Filter, the ISO stack, and the AppleTalk stack to rtcache_getrt(). They compile, but I have not tested them. I have given the changes to PF, GRE, IPv4 and IPv6 stacks a lot of exercise.
Revision 1.273 / (download) - annotate - [select for diffs], Sun Dec 16 14:12:34 2007 UTC (5 years, 5 months ago) by elad
Branch: MAIN
Changes since 1.272: +4 -3
lines
Diff to previous 1.272 (colored)
Really fix low port allocation, by always passing a valid lwp to in_pcbbind(). Okay dyoung@. Note that the network code is another candidate for major cleanup... also note that this issue is likely to be present in netinet6 code, too.
Revision 1.272 / (download) - annotate - [select for diffs], Fri Nov 9 23:55:58 2007 UTC (5 years, 6 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-kmem-base3,
yamt-kmem-base2,
yamt-kmem-base,
yamt-kmem,
vmlocking2-base2,
vmlocking2-base1,
vmlocking-nbase,
reinoud-bufcleanup-nbase,
reinoud-bufcleanup-base,
jmcneill-pm-base,
cube-autoconf-base,
cube-autoconf,
bouyer-xenamd64-base2,
bouyer-xenamd64-base
Branch point for: vmlocking2,
bouyer-xeni386
Changes since 1.271: +44 -42
lines
Diff to previous 1.271 (colored)
Change macros SYN_CACHE_PUT() and SYN_CACHE_RM() into inline subroutines syn_cache_put() and syn_cache_rm().
Revision 1.271 / (download) - annotate - [select for diffs], Sun Nov 4 11:04:26 2007 UTC (5 years, 6 months ago) by rmind
Branch: MAIN
CVS Tags: jmcneill-base
Branch point for: mjf-devfs
Changes since 1.270: +18 -8
lines
Diff to previous 1.270 (colored)
Pick the smallest possible TCP window scaling factor that will still allow us to scale up to sb_max. This might fix the problems with some firewalls. Taken from FreeBSD (silby). OK by <dyoung>.
Revision 1.270 / (download) - annotate - [select for diffs], Thu Aug 2 13:06:30 2007 UTC (5 years, 9 months ago) by yamt
Branch: MAIN
CVS Tags: yamt-x86pmap-base4,
yamt-x86pmap-base3,
yamt-x86pmap-base2,
yamt-x86pmap-base,
yamt-x86pmap,
vmlocking-base,
nick-csl-alignment-base5,
matt-mips64-base
Branch point for: matt-mips64,
matt-armv6,
jmcneill-pm,
bouyer-xenamd64
Changes since 1.269: +3 -3
lines
Diff to previous 1.269 (colored)
our tcp timestamps are in PR_SLOWHZ, not HZ.
Revision 1.269 / (download) - annotate - [select for diffs], Thu Aug 2 02:42:40 2007 UTC (5 years, 9 months ago) by rmind
Branch: MAIN
Changes since 1.268: +84 -4
lines
Diff to previous 1.268 (colored)
TCP socket buffers automatic sizing - ported from FreeBSD. http://mail-index.netbsd.org/tech-net/2007/02/04/0006.html ! Disabled by default, marked as experimental. Testers are very needed. ! Someone should thoroughly test this, and improve if possible. Discussed on <tech-net>: http://mail-index.netbsd.org/tech-net/2007/07/12/0002.html Thanks Greg Troxel for comments. OK by the long silence on <tech-net>.
Revision 1.268 / (download) - annotate - [select for diffs], Mon Jul 9 21:11:11 2007 UTC (5 years, 10 months ago) by ad
Branch: MAIN
CVS Tags: nick-csl-alignment-base,
mjf-ufs-trans-base,
hpcarm-cleanup
Branch point for: nick-csl-alignment
Changes since 1.267: +7 -4
lines
Diff to previous 1.267 (colored)
Merge some of the less invasive changes from the vmlocking branch: - kthread, callout, devsw API changes - select()/poll() improvements - miscellaneous MT safety improvements
Revision 1.267 / (download) - annotate - [select for diffs], Wed Jun 20 15:29:18 2007 UTC (5 years, 11 months ago) by christos
Branch: MAIN
Changes since 1.266: +7 -7
lines
Diff to previous 1.266 (colored)
- per socket keepalive settings - settable connection establishment timeout
Revision 1.266 / (download) - annotate - [select for diffs], Fri May 18 21:48:43 2007 UTC (6 years ago) by riz
Branch: MAIN
Changes since 1.265: +2 -3
lines
Diff to previous 1.265 (colored)
Fix compilation in the TCP_SIGNATURE case: - don't use void * for pointer arithmetic - don't try to modify const parameters A kernel with 'options TCP_SIGNATURE' works as well as it ever did, now. (ie, clunky, but passable)
Revision 1.265 / (download) - annotate - [select for diffs], Fri May 18 21:31:16 2007 UTC (6 years ago) by riz
Branch: MAIN
Changes since 1.264: +4 -4
lines
Diff to previous 1.264 (colored)
Revert a small part of revision 1.254 - remove const qualifier from the struct tcphdr * argument of tcp_dooptions(). RFC2385 support (options TCP_SIGNATURE) needs to modify the header during options processing, and this revision broke it. OK yamt@.
Revision 1.264 / (download) - annotate - [select for diffs], Wed May 2 20:40:25 2007 UTC (6 years ago) by dyoung
Branch: MAIN
CVS Tags: yamt-idlelwp-base8
Changes since 1.263: +9 -12
lines
Diff to previous 1.263 (colored)
Eliminate address family-specific route caches (struct route, struct
route_in6, struct route_iso), replacing all caches with a struct
route.
The principle benefit of this change is that all of the protocol
families can benefit from route cache-invalidation, which is
necessary for correct routing. Route-cache invalidation fixes an
ancient PR, kern/3508, at long last; it fixes various other PRs,
also.
Discussions with and ideas from Joerg Sonnenberger influenced this
work tremendously. Of course, all design oversights and bugs are
mine.
DETAILS
1 I added to each address family a pool of sockaddrs. I have
introduced routines for allocating, copying, and duplicating,
and freeing sockaddrs:
struct sockaddr *sockaddr_alloc(sa_family_t af, int flags);
struct sockaddr *sockaddr_copy(struct sockaddr *dst,
const struct sockaddr *src);
struct sockaddr *sockaddr_dup(const struct sockaddr *src, int flags);
void sockaddr_free(struct sockaddr *sa);
sockaddr_alloc() returns either a sockaddr from the pool belonging
to the specified family, or NULL if the pool is exhausted. The
returned sockaddr has the right size for that family; sa_family
and sa_len fields are initialized to the family and sockaddr
length---e.g., sa_family = AF_INET and sa_len = sizeof(struct
sockaddr_in). sockaddr_free() puts the given sockaddr back into
its family's pool.
sockaddr_dup() and sockaddr_copy() work analogously to strdup()
and strcpy(), respectively. sockaddr_copy() KASSERTs that the
family of the destination and source sockaddrs are alike.
The 'flags' argumet for sockaddr_alloc() and sockaddr_dup() is
passed directly to pool_get(9).
2 I added routines for initializing sockaddrs in each address
family, sockaddr_in_init(), sockaddr_in6_init(), sockaddr_iso_init(),
etc. They are fairly self-explanatory.
3 structs route_in6 and route_iso are no more. All protocol families
use struct route. I have changed the route cache, 'struct route',
so that it does not contain storage space for a sockaddr. Instead,
struct route points to a sockaddr coming from the pool the sockaddr
belongs to. I added a new method to struct route, rtcache_setdst(),
for setting the cache destination:
int rtcache_setdst(struct route *, const struct sockaddr *);
rtcache_setdst() returns 0 on success, or ENOMEM if no memory is
available to create the sockaddr storage.
It is now possible for rtcache_getdst() to return NULL if, say,
rtcache_setdst() failed. I check the return value for NULL
everywhere in the kernel.
4 Each routing domain (struct domain) has a list of live route
caches, dom_rtcache. rtflushall(sa_family_t af) looks up the
domain indicated by 'af', walks the domain's list of route caches
and invalidates each one.
Revision 1.263 / (download) - annotate - [select for diffs], Mon Mar 12 18:18:36 2007 UTC (6 years, 2 months ago) by ad
Branch: MAIN
CVS Tags: thorpej-atomic-base,
thorpej-atomic,
reinoud-bufcleanup
Branch point for: mjf-ufs-trans
Changes since 1.262: +5 -4
lines
Diff to previous 1.262 (colored)
Pass an ipl argument to pool_init/POOL_INIT to be used when initializing the pool's lock.
Revision 1.262 / (download) - annotate - [select for diffs], Sun Mar 4 06:03:22 2007 UTC (6 years, 2 months ago) by christos
Branch: MAIN
Branch point for: vmlocking
Changes since 1.261: +13 -13
lines
Diff to previous 1.261 (colored)
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
Revision 1.261 / (download) - annotate - [select for diffs], Thu Feb 22 06:17:51 2007 UTC (6 years, 3 months ago) by thorpej
Branch: MAIN
CVS Tags: ad-audiomp-base,
ad-audiomp
Changes since 1.260: +4 -4
lines
Diff to previous 1.260 (colored)
TRUE -> true, FALSE -> false
Revision 1.260 / (download) - annotate - [select for diffs], Sat Feb 10 09:43:05 2007 UTC (6 years, 3 months ago) by degroote
Branch: MAIN
Branch point for: yamt-idlelwp
Changes since 1.259: +15 -9
lines
Diff to previous 1.259 (colored)
Commit my SoC work Add ipv6 support for fast_ipsec Note that currently, packet with extensions headers are not correctly supported Change the ipcomp logic
Revision 1.259 / (download) - annotate - [select for diffs], Fri Dec 15 21:18:54 2006 UTC (6 years, 5 months ago) by joerg
Branch: MAIN
CVS Tags: yamt-splraiseipl-base5,
yamt-splraiseipl-base4,
post-newlock2-merge,
newlock2-nbase,
newlock2-base
Changes since 1.258: +8 -18
lines
Diff to previous 1.258 (colored)
Introduce new helper functions to abstract the route caching. rtcache_init and rtcache_init_noclone lookup ro_dst and store the result in ro_rt, taking care of the reference counting and calling the domain specific route cache. rtcache_free checks if a route was cashed and frees the reference. rtcache_copy copies ro_dst of the given struct route, checking that enough space is available and incrementing the reference count of the cached rtentry if necessary. rtcache_check validates that the cached route is still up. If it isn't, it tries to look it up again. Afterwards ro_rt is either a valid again or NULL. rtcache_copy is used internally. Adjust to callers of rtalloc/rtflush in the tree to check the sanity of ro_dst first (if necessary). If it doesn't fit the expectations, free the cache, otherwise check if the cached route is still valid. After that combination, a single check for ro_rt == NULL is enough to decide whether a new lookup needs to be done with a different ro_dst. Make the route checking in gre stricter by repeating the loop check after revalidation. Remove some unused RADIX_MPATH code in in6_src.c. The logic is slightly changed here to first validate the route and check RTF_GATEWAY afterwards. This is sementically equivalent though. etherip doesn't need sc_route_expire similiar to the gif changes from dyoung@ earlier. Based on the earlier patch from dyoung@, reviewed and discussed with him.
Revision 1.258 / (download) - annotate - [select for diffs], Sat Dec 9 05:33:04 2006 UTC (6 years, 5 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-splraiseipl-base3
Changes since 1.257: +19 -6
lines
Diff to previous 1.257 (colored)
Here are various changes designed to protect against bad IPv4 routing caused by stale route caches (struct route). Route caches are sprinkled throughout PCBs, the IP fast-forwarding table, and IP tunnel interfaces (gre, gif, stf). Stale IPv6 and ISO route caches will be treated by separate patches. Thank you to Christoph Badura for suggesting the general approach to invalidating route caches that I take here. Here are the details: Add hooks to struct domain for tracking and for invalidating each domain's route caches: dom_rtcache, dom_rtflush, and dom_rtflushall. Introduce helper subroutines, rtflush(ro) for invalidating a route cache, rtflushall(family) for invalidating all route caches in a routing domain, and rtcache(ro) for notifying the domain of a new cached route. Chain together all IPv4 route caches where ro_rt != NULL. Provide in_rtcache() for adding a route to the chain. Provide in_rtflush() and in_rtflushall() for invalidating IPv4 route caches. In in_rtflush(), set ro_rt to NULL, and remove the route from the chain. In in_rtflushall(), walk the chain and remove every route cache. In rtrequest1(), call rtflushall() to invalidate route caches when a route is added. In gif(4), discard the workaround for stale caches that involves expiring them every so often. Replace the pattern 'RTFREE(ro->ro_rt); ro->ro_rt = NULL;' with a call to rtflush(ro). Update ipflow_fastforward() and all other users of route caches so that they expect a cached route, ro->ro_rt, to turn to NULL. Take care when moving a 'struct route' to rtflush() the source and to rtcache() the destination. In domain initializers, use .dom_xxx tags. KNF here and there.
Revision 1.257 / (download) - annotate - [select for diffs], Wed Dec 6 09:10:45 2006 UTC (6 years, 5 months ago) by yamt
Branch: MAIN
Changes since 1.256: +8 -2
lines
Diff to previous 1.256 (colored)
add some more tcp mowners.
Revision 1.256 / (download) - annotate - [select for diffs], Wed Dec 6 09:08:27 2006 UTC (6 years, 5 months ago) by yamt
Branch: MAIN
Changes since 1.255: +6 -4
lines
Diff to previous 1.255 (colored)
- make tcp_reass static. - constify.
Revision 1.255 / (download) - annotate - [select for diffs], Thu Nov 16 01:33:45 2006 UTC (6 years, 6 months ago) by christos
Branch: MAIN
CVS Tags: netbsd-4-base
Branch point for: wrstuden-fixsa,
netbsd-4
Changes since 1.254: +5 -5
lines
Diff to previous 1.254 (colored)
__unused removal on arguments; approved by core.
Revision 1.254 / (download) - annotate - [select for diffs], Sat Oct 21 10:08:54 2006 UTC (6 years, 7 months ago) by yamt
Branch: MAIN
CVS Tags: yamt-splraiseipl-base2
Changes since 1.253: +8 -3
lines
Diff to previous 1.253 (colored)
- constify. - make tcp_dooptions and tcpipqent_pool static.
Revision 1.253 / (download) - annotate - [select for diffs], Tue Oct 17 09:31:17 2006 UTC (6 years, 7 months ago) by yamt
Branch: MAIN
Changes since 1.252: +4 -3
lines
Diff to previous 1.252 (colored)
tcp_input: if we have SACK, don't enter fastrecovery on three dupacks. otherwise, we can enter fastrecovery due to DSACKs, which we treat as dupacks here. PR/34748. reviewed by Rui Paulo.
Revision 1.252 / (download) - annotate - [select for diffs], Sun Oct 15 17:53:30 2006 UTC (6 years, 7 months ago) by rpaulo
Branch: MAIN
Changes since 1.251: +2 -23
lines
Diff to previous 1.251 (colored)
Move comments to proper places.
Revision 1.251 / (download) - annotate - [select for diffs], Sun Oct 15 17:45:06 2006 UTC (6 years, 7 months ago) by rpaulo
Branch: MAIN
Changes since 1.250: +3 -3
lines
Diff to previous 1.250 (colored)
Add a new tcp_congctl(9) structure member for congestion experienced callback. Needed by HSTCP.
Revision 1.250 / (download) - annotate - [select for diffs], Thu Oct 12 11:46:30 2006 UTC (6 years, 7 months ago) by rpaulo
Branch: MAIN
Changes since 1.249: +20 -23
lines
Diff to previous 1.249 (colored)
PR 34776: don't accept TCP connections to broadcast addresses. Move the multicast/broadcast check above (before creating a syn_cache entry) By Yasuoka Yasuoka.
Revision 1.249 / (download) - annotate - [select for diffs], Thu Oct 12 01:32:38 2006 UTC (6 years, 7 months ago) by christos
Branch: MAIN
Changes since 1.248: +6 -6
lines
Diff to previous 1.248 (colored)
- sprinkle __unused on function decls. - fix a couple of unused bugs - no more -Wno-unused for i386
Revision 1.248 / (download) - annotate - [select for diffs], Tue Oct 10 11:13:02 2006 UTC (6 years, 7 months ago) by rpaulo
Branch: MAIN
Changes since 1.247: +3 -5
lines
Diff to previous 1.247 (colored)
Revert previous. The check is now done in tcp_congctl.
Revision 1.247 / (download) - annotate - [select for diffs], Tue Oct 10 09:19:40 2006 UTC (6 years, 7 months ago) by yamt
Branch: MAIN
Changes since 1.246: +5 -3
lines
Diff to previous 1.246 (colored)
tcp_input: don't call congctl->newack when doing fast retransmit.
Revision 1.246 / (download) - annotate - [select for diffs], Mon Oct 9 16:27:07 2006 UTC (6 years, 7 months ago) by rpaulo
Branch: MAIN
Changes since 1.245: +19 -167
lines
Diff to previous 1.245 (colored)
Modular (I tried ;-) TCP congestion control API. Whenever certain conditions
happen in the TCP stack, this interface calls the specified callback to
handle the situation according to the currently selected congestion
control algorithm.
A new sysctl node was created: net.inet.tcp.congctl.{available,selected}
with obvious meanings.
The old net.inet.tcp.newreno MIB was removed.
The API is discussed in tcp_congctl(9).
In the near future, it will be possible to selected a congestion control
algorithm on a per-socket basis.
Discussed on tech-net and reviewed by <yamt>.
Revision 1.245 / (download) - annotate - [select for diffs], Thu Oct 5 17:35:19 2006 UTC (6 years, 7 months ago) by tls
Branch: MAIN
Changes since 1.244: +19 -10
lines
Diff to previous 1.244 (colored)
Protect calls to pool_put/pool_get that may occur in interrupt context with spl used to protect other allocations and frees, or datastructure element insertion and removal, in adjacent code. It is almost unquestionably the case that some of the spl()/splx() calls added here are superfluous, but it really seems wrong to see: s=splfoo(); /* frob data structure */ splx(s); pool_put(x); and if we think we need to protect the first operation, then it is hard to see why we should not think we need to protect the next. "Better safe than sorry". It is also almost unquestionably the case that I missed some pool gets/puts from interrupt context with my strategy for finding these calls; use of PR_NOWAIT is a strong hint that a pool may be used from interrupt context but many callers in the kernel pass a "can wait/can't wait" flag down such that my searches might not have found them. One notable area that needs to be looked at is pf. See also: http://mail-index.netbsd.org/tech-kern/2006/07/19/0003.html http://mail-index.netbsd.org/tech-kern/2006/07/19/0009.html
Revision 1.244 / (download) - annotate - [select for diffs], Tue Sep 5 00:29:36 2006 UTC (6 years, 8 months ago) by rpaulo
Branch: MAIN
CVS Tags: yamt-splraiseipl-base,
yamt-pdpolicy-base9,
rpaulo-netinet-merge-pcb-base
Branch point for: yamt-splraiseipl,
newlock2
Changes since 1.243: +132 -13
lines
Diff to previous 1.243 (colored)
Import of TCP ECN algorithm for congestion control. Both available for IPv4 and IPv6. Basic implementation test results are available at http://netbsd-soc.sourceforge.net/projects/ecn/testresults.html. Work sponsored by the Google Summer of Code project 2006. Special thanks to Kentaro Kurahone, Allen Briggs and Matt Thomas for their help, comments and support during the project.
Revision 1.243 / (download) - annotate - [select for diffs], Wed Jun 7 22:34:01 2006 UTC (6 years, 11 months ago) by kardel
Branch: MAIN
CVS Tags: yamt-pdpolicy-base8,
yamt-pdpolicy-base7,
yamt-pdpolicy-base6,
gdamore-uart-base,
gdamore-uart,
chap-midi-nbase,
chap-midi-base,
abandoned-netbsd-4-base,
abandoned-netbsd-4
Changes since 1.242: +2 -4
lines
Diff to previous 1.242 (colored)
merge FreeBSD timecounters from branch simonb-timecounters
- struct timeval time is gone
time.tv_sec -> time_second
- struct timeval mono_time is gone
mono_time.tv_sec -> time_uptime
- access to time via
{get,}{micro,nano,bin}time()
get* versions are fast but less precise
- support NTP nanokernel implementation (NTP API 4)
- further reading:
Timecounter Paper: http://phk.freebsd.dk/pubs/timecounter.pdf
NTP Nanokernel: http://www.eecis.udel.edu/~mills/ntp/html/kern.html
Revision 1.242 / (download) - annotate - [select for diffs], Sat May 27 13:35:20 2006 UTC (6 years, 11 months ago) by bouyer
Branch: MAIN
CVS Tags: simonb-timecounters-base
Changes since 1.241: +0 -14
lines
Diff to previous 1.241 (colored)
Revert rev 1.241: calling m_makewritable() in tcp_input causes problems when it has to change the mbuf chain. I experience hard hang on a Xen2 domU after TCP connections have been closed, and a crash has been reported which may be caused by this too.
Revision 1.241 / (download) - annotate - [select for diffs], Thu May 25 21:49:19 2006 UTC (7 years ago) by bouyer
Branch: MAIN
Changes since 1.240: +16 -2
lines
Diff to previous 1.240 (colored)
If we're going to byteswap fields in the TCP header, make sure the mbuf area is writable first.
Revision 1.240 / (download) - annotate - [select for diffs], Sat Apr 15 02:32:22 2006 UTC (7 years, 1 month ago) by christos
Branch: MAIN
CVS Tags: yamt-pdpolicy-base5,
elad-kernelauth-base
Branch point for: chap-midi
Changes since 1.239: +3 -2
lines
Diff to previous 1.239 (colored)
Coverity CID 1152: Add KASSERT before deref.
Revision 1.239 / (download) - annotate - [select for diffs], Sat Feb 18 17:34:49 2006 UTC (7 years, 3 months ago) by rpaulo
Branch: MAIN
CVS Tags: yamt-uio_vmspace-base5,
yamt-pdpolicy-base4,
yamt-pdpolicy-base3,
yamt-pdpolicy-base2,
yamt-pdpolicy-base,
peter-altq-base
Branch point for: yamt-pdpolicy,
peter-altq,
elad-kernelauth
Changes since 1.238: +4 -4
lines
Diff to previous 1.238 (colored)
PR 13952: Noritoshi Demizu: correct the TCP window information update check.
Revision 1.238 / (download) - annotate - [select for diffs], Thu Feb 2 05:52:23 2006 UTC (7 years, 3 months ago) by riz
Branch: MAIN
Branch point for: simonb-timecounters
Changes since 1.237: +5 -2
lines
Diff to previous 1.237 (colored)
If TCP_SIGNATURE is defined, include netinet6/scope6_var.h for the prototype of in6_clearscope(). Kernels with options TCP_SIGNATURE now compile again after the IPv6 scoped address changes.
Revision 1.237 / (download) - annotate - [select for diffs], Tue Nov 15 18:39:46 2005 UTC (7 years, 6 months ago) by dsl
Branch: MAIN
CVS Tags: yamt-readahead-base3,
yamt-readahead-base2,
ktrace-lwp-base
Branch point for: yamt-uio_vmspace,
rpaulo-netinet-merge-pcb
Changes since 1.236: +4 -4
lines
Diff to previous 1.236 (colored)
Pass the current process structure to in_pcbconnect() so that it can pass it to in_pcbbind() so that can allocate a low numbered port if setsockopt() has been used to set IP_PORTRANGE to IP_PORTRANGE_LOW. While there, fail in_pcbconnect() if the in_pcbbind() fails - rather than sending the request out from a port of zero. This has been largely broken since the socket option was added in 1998.
Revision 1.236 / (download) - annotate - [select for diffs], Fri Aug 12 14:41:00 2005 UTC (7 years, 9 months ago) by christos
Branch: MAIN
CVS Tags: yamt-vop-base3,
yamt-vop-base2,
yamt-vop-base,
yamt-vop,
yamt-readahead-pervnode,
yamt-readahead-perfile,
yamt-readahead-base,
thorpej-vnode-attr-base,
thorpej-vnode-attr
Branch point for: yamt-readahead
Changes since 1.235: +3 -2
lines
Diff to previous 1.235 (colored)
If called from syn_cache_add, we need to initialize t_state before calling tcp_dooptions. Pointed out by yamt.
Revision 1.235 / (download) - annotate - [select for diffs], Fri Aug 12 04:19:22 2005 UTC (7 years, 9 months ago) by hubertf
Branch: MAIN
Changes since 1.234: +3 -4
lines
Diff to previous 1.234 (colored)
Clarify comment that "the protocol specification dated September, 1981" is really RFC 793.
Revision 1.234 / (download) - annotate - [select for diffs], Thu Aug 11 22:25:18 2005 UTC (7 years, 9 months ago) by christos
Branch: MAIN
Changes since 1.233: +15 -7
lines
Diff to previous 1.233 (colored)
Don't process TCP options in SYN packets after the connection has been established. (FreeBSD-SA-05:15.tcp)
Revision 1.233 / (download) - annotate - [select for diffs], Wed Aug 10 13:06:49 2005 UTC (7 years, 9 months ago) by yamt
Branch: MAIN
Changes since 1.232: +3 -2
lines
Diff to previous 1.232 (colored)
move {tcp,udp}_do_loopback_cksum back to tcp/udp
so that they can be referenced by ipv6.
Revision 1.232 / (download) - annotate - [select for diffs], Wed Aug 10 13:05:16 2005 UTC (7 years, 9 months ago) by yamt
Branch: MAIN
Changes since 1.231: +38 -6
lines
Diff to previous 1.231 (colored)
device independent part of ipv6 rx checksum offloading.
Revision 1.231 / (download) - annotate - [select for diffs], Tue Jul 19 17:00:02 2005 UTC (7 years, 10 months ago) by christos
Branch: MAIN
Changes since 1.230: +27 -2
lines
Diff to previous 1.230 (colored)
Implement PMTU checks from:
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
1. Don't act on ICMP-need-frag immediately if adhoc checks on the
advertised MTU fail. The MTU update is delayed until a TCP retransmit
happens.
2. Ignore ICMP Source Quench messages meant for TCP connections.
From OpenBSD.
Revision 1.230 / (download) - annotate - [select for diffs], Thu Jun 30 02:58:28 2005 UTC (7 years, 10 months ago) by christos
Branch: MAIN
Branch point for: yamt-lazymbuf
Changes since 1.229: +20 -4
lines
Diff to previous 1.229 (colored)
Normalize our PAWS code with Free and Open, as mentioned in tech-security.
Revision 1.229 / (download) - annotate - [select for diffs], Mon Jun 6 12:10:09 2005 UTC (7 years, 11 months ago) by yamt
Branch: MAIN
Changes since 1.228: +12 -9
lines
Diff to previous 1.228 (colored)
tcp_input: don't overload opti.ts_ecr.
Revision 1.228 / (download) - annotate - [select for diffs], Sun May 29 21:41:23 2005 UTC (7 years, 11 months ago) by christos
Branch: MAIN
Changes since 1.227: +13 -13
lines
Diff to previous 1.227 (colored)
- add const - remove bogus casts - avoid nested variables
Revision 1.227 / (download) - annotate - [select for diffs], Tue Apr 26 05:37:45 2005 UTC (8 years, 1 month ago) by manu
Branch: MAIN
CVS Tags: kent-audio2-base
Changes since 1.226: +4 -4
lines
Diff to previous 1.226 (colored)
Fix build problem after recent NAT-T changes
Revision 1.226 / (download) - annotate - [select for diffs], Sun Apr 3 05:02:46 2005 UTC (8 years, 1 month ago) by yamt
Branch: MAIN
Changes since 1.225: +3 -5
lines
Diff to previous 1.225 (colored)
tcp_input: update a comment to match with the code.
Revision 1.225 / (download) - annotate - [select for diffs], Tue Mar 29 20:10:16 2005 UTC (8 years, 1 month ago) by yamt
Branch: MAIN
Changes since 1.224: +38 -12
lines
Diff to previous 1.224 (colored)
protect tcpipqent with splvm.
Revision 1.224 / (download) - annotate - [select for diffs], Wed Mar 16 00:39:56 2005 UTC (8 years, 2 months ago) by yamt
Branch: MAIN
CVS Tags: yamt-km-base4,
yamt-km-base3,
netbsd-3-base
Branch point for: netbsd-3
Changes since 1.223: +16 -6
lines
Diff to previous 1.223 (colored)
simplify data receiver side sack processing. - introduce t_segqlen, the number of segments in segq/timeq. the name is from freebsd. - rather than maintaining a copy of sack blocks (rcv_sack_block[]), build it directly from the segment list when needed.
Revision 1.223 / (download) - annotate - [select for diffs], Wed Mar 2 10:20:18 2005 UTC (8 years, 2 months ago) by mycroft
Branch: MAIN
Changes since 1.222: +5 -3
lines
Diff to previous 1.222 (colored)
Copyright maintenance.
Revision 1.222 / (download) - annotate - [select for diffs], Mon Feb 28 16:20:59 2005 UTC (8 years, 2 months ago) by jonathan
Branch: MAIN
Changes since 1.221: +61 -23
lines
Diff to previous 1.221 (colored)
Commit TCP SACK patches from Kentaro A. Karahone's patch at: http://www.sigusr1.org/~kurahone/tcp-sack-netbsd-02152005.diff.gz Fixes in that patch for pre-existing TCP pcb initializations were already committed to NetBSD-current, so are not included in this commit. The SACK patch has been observed to correctly negotiate and respond, to SACKs in wide-area traffic. There are two indepenently-observed, as-yet-unresolved anomalies: First, seeing unexplained delays between in fast retransmission (potentially explainable by an 0.2sec RTT between adjacent ethernet/wifi NICs); and second, peculiar and unepxlained TCP retransmits observed over an ath0 card. After discussion with several interested developers, I'm committing this now, as-is, for more eyes to use and look over. Current hypothesis is that the anomalies above may in fact be due to link/level (hardware, driver, HAL, firmware) abberations in the test setup, affecting both Kentaro's wired-Ethernet NIC and in my two (different) WiFi NICs.
Revision 1.221 / (download) - annotate - [select for diffs], Sat Feb 26 22:45:12 2005 UTC (8 years, 2 months ago) by perry
Branch: MAIN
Changes since 1.220: +6 -6
lines
Diff to previous 1.220 (colored)
nuke trailing whitespace
Revision 1.220 / (download) - annotate - [select for diffs], Thu Feb 3 23:39:32 2005 UTC (8 years, 3 months ago) by perry
Branch: MAIN
CVS Tags: yamt-km-base2,
matt-timespec
Changes since 1.219: +28 -76
lines
Diff to previous 1.219 (colored)
ANSIfy function declarations
Revision 1.219 / (download) - annotate - [select for diffs], Wed Feb 2 21:41:55 2005 UTC (8 years, 3 months ago) by perry
Branch: MAIN
Changes since 1.218: +4 -5
lines
Diff to previous 1.218 (colored)
de-__P -- will ANSIfy .c files later.
Revision 1.218 / (download) - annotate - [select for diffs], Fri Jan 28 00:18:22 2005 UTC (8 years, 3 months ago) by mycroft
Branch: MAIN
Changes since 1.217: +20 -15
lines
Diff to previous 1.217 (colored)
Several changes based on comparison with NS: 1) dupseg_fix_=true from NS: do not count a segment with completely duplicate data as a duplicate ack. This can occur due to duplicate packets in the network, or due to fast retransmit from the other side. 2) dupack_reset_=false from NS: do not reset the duplicate ack counter or exit fast recovery if we happen to get data or a window update along with a duplicate ack. 3) In the "very old ack" case that itojun added, send an ACK before dropping the segment, to try to update the other side's send sequence number. 4) Check the ssthresh crossover point with >= rather than >. Otherwise we start to do "exponential" growth immediately following recovery, where we should be doing "linear". This is what NS does.
Revision 1.217 / (download) - annotate - [select for diffs], Thu Jan 27 17:14:04 2005 UTC (8 years, 3 months ago) by mycroft
Branch: MAIN
Changes since 1.216: +6 -6
lines
Diff to previous 1.216 (colored)
There is no reason to adjust ts_recent_age for ts_timebase; it's strictly an internal variable.
Revision 1.216 / (download) - annotate - [select for diffs], Thu Jan 27 17:10:07 2005 UTC (8 years, 3 months ago) by mycroft
Branch: MAIN
Changes since 1.215: +4 -5
lines
Diff to previous 1.215 (colored)
Do the other TCP_PAWS_IDLE check unsigned as well. It doesn't do us any harm, and it could detect even older time stamps. (Really, to be 100% correct, there should be a timer that clears these out -- but it probably doesn't matter in the real world.)
Revision 1.215 / (download) - annotate - [select for diffs], Thu Jan 27 16:56:06 2005 UTC (8 years, 3 months ago) by mycroft
Branch: MAIN
Changes since 1.214: +7 -9
lines
Diff to previous 1.214 (colored)
Also check whether an echoed RTT is very large -- this *could* cause the smoothing function to overflow. I use TCP_PAWS_IDLE (24 days) for this.
Revision 1.214 / (download) - annotate - [select for diffs], Thu Jan 27 03:39:36 2005 UTC (8 years, 3 months ago) by mycroft
Branch: MAIN
Changes since 1.213: +42 -17
lines
Diff to previous 1.213 (colored)
Introduce a new state variable, t_partialacks. It has 3 states: * t_partialacks<0 means we are not in fast recovery. * t_partialacks==0 means we are in fast recovery, but we have not received any partial acks yet. * t_partialacks>0 means we are in fast recovery, and we have received partial acks. This is used to implement 2 changes in RFC 3782: * We keep the notion that we are in fast recovery separate from t_dupacks, so it is not reset due to out-of-order acks. (This affects both the Reno and NewReno cases.) * We only reset the retransmit timer on the first partial ack -- preventing us from possibly taking one RTO per segment once fast recovery is initiated. As before, it is hard to measure any difference between Reno and NewReno in the real-world cases that I've tested.
Revision 1.213 / (download) - annotate - [select for diffs], Wed Jan 26 21:49:27 2005 UTC (8 years, 3 months ago) by mycroft
Branch: MAIN
Changes since 1.212: +86 -59
lines
Diff to previous 1.212 (colored)
Fix two problems in our TCP stack:
1) If an echoed RFC 1323 time stamp appears to be later than the current time,
ignore it and fall back to old-style RTT calculation. This prevents ending
up with a negative RTT and panicking later.
2) Fix NewReno. This involves a few changes:
a) Implement the send_high variable in RFC 2582. Our implementation is
subtly different; it is one *past* the last sequence number transmitted
rather than being equal to it. This simplifies some logic and makes
the code smaller. Additional logic was required to prevent sequence
number wraparound problems; this is not mentioned in RFC 2582.
b) Make sure we reset t_dupacks on new acks, but *not* on a partial ack.
All of the new ack code is pushed out into tcp_newreno(). (Later this
will probably be a pluggable function.) Thus t_dupacks keeps track of
whether we're in fast recovery all the time, with Reno or NewReno, which
keeps some logic simpler.
c) We do not need to update snd_recover when we're not in fast recovery.
See tech-net for an explanation of this.
d) In the gratuitous fast retransmit prevention case, do not send a packet.
RFC 2582 specifically says that we should "do nothing".
e) Do not inflate the congestion window on a partial ack. (This is done by
testing t_dupacks to see whether we're still in fast recovery.)
This brings the performance of NewReno back up to the same as Reno in a few
random test cases (e.g. transferring peer-to-peer over my wireless network).
I have not concocted a good test case for the behavior specific to NewReno.
Revision 1.212 / (download) - annotate - [select for diffs], Tue Dec 21 05:51:31 2004 UTC (8 years, 5 months ago) by yamt
Branch: MAIN
CVS Tags: yamt-km-base,
kent-audio1-beforemerge
Branch point for: yamt-km,
kent-audio2
Changes since 1.211: +85 -59
lines
Diff to previous 1.211 (colored)
factor out receive side tcp/udp checksum handling code so that they can be used by eg. packet filters. reviewed by Christos Zoulas on tech-net@. (slightly tweaked since then to make tcp and udp similar.)
Revision 1.211 / (download) - annotate - [select for diffs], Sat Dec 18 07:30:17 2004 UTC (8 years, 5 months ago) by yamt
Branch: MAIN
Changes since 1.210: +7 -4
lines
Diff to previous 1.210 (colored)
tcp_input: add missing loopback checksum omission code for ipv6.
Revision 1.210 / (download) - annotate - [select for diffs], Wed Dec 15 04:25:19 2004 UTC (8 years, 5 months ago) by thorpej
Branch: MAIN
Changes since 1.209: +14 -6
lines
Diff to previous 1.209 (colored)
Don't perform checksums on loopback interfaces. They can be reenabled with the net.inet.*.do_loopback_cksum sysctl. Approved by: groo
Revision 1.209 / (download) - annotate - [select for diffs], Wed Sep 15 09:21:22 2004 UTC (8 years, 8 months ago) by yamt
Branch: MAIN
CVS Tags: kent-audio1-base,
kent-audio1
Changes since 1.208: +9 -7
lines
Diff to previous 1.208 (colored)
fix ipqent pool corruption problems. make tcp reass code use its own pool of ipqent rather than sharing it with ip reass code. PR/24782.
Revision 1.208 / (download) - annotate - [select for diffs], Sat Jun 26 03:29:15 2004 UTC (8 years, 11 months ago) by itojun
Branch: MAIN
CVS Tags: BEFORE-IPF413
Changes since 1.207: +18 -6
lines
Diff to previous 1.207 (colored)
correct TCP-MD5 support. Jeff Rizzo
Revision 1.207 / (download) - annotate - [select for diffs], Sun May 23 00:37:27 2004 UTC (9 years ago) by jonathan
Branch: MAIN
Changes since 1.206: +2 -5
lines
Diff to previous 1.206 (colored)
Remove now-unused variable.
Revision 1.206 / (download) - annotate - [select for diffs], Tue May 18 14:44:14 2004 UTC (9 years ago) by itojun
Branch: MAIN
Changes since 1.205: +259 -47
lines
Diff to previous 1.205 (colored)
fix MD5 signature support to actually validate inbound signature, and drop packet if fails.
Revision 1.205 / (download) - annotate - [select for diffs], Fri May 7 00:55:15 2004 UTC (9 years ago) by jonathan
Branch: MAIN
Changes since 1.204: +3 -2
lines
Diff to previous 1.204 (colored)
Redo net.inet.* sysctl subtree for fast-ipsec from scratch. Attach FAST-IPSEC statistics with 64-bit counters to new sysctl MIB. Rework netstat to show FAST_IPSEC statistics, via sysctl, for netstat -p ipsec. New kernel files: sys/netipsec/Makefile (new file; install *_var.h includes) sys/netipsec/ipsec_var.h (new 64-bit mib counter struct) Changed kernel files: sys/Makefile (recurse into sys/netipsec/) sys/netinet/in.h (fake IP_PROTO name for fast_ipsec sysctl subtree.) sys/netipsec/ipsec.h (minimal userspace inclusion) sys/netipsec/ipsec_osdep.h (minimal userspace inclusion) sys/netipsec/ipsec_netbsd.c (redo sysctl subtree from scratch) sys/netipsec/key*.c (fix broken net.key subtree) sys/netipsec/ah_var.h (increase all counters to 64 bits) sys/netipsec/esp_var.h (increase all counters to 64 bits) sys/netipsec/ipip_var.h (increase all counters to 64 bits) sys/netipsec/ipcomp_var.h (increase all counters to 64 bits) sys/netipsec/ipsec.c (add #include netipsec/ipsec_var.h) sys/netipsec/ipsec_mbuf.c (add #include netipsec/ipsec_var.h) sys/netipsec/ipsec_output.c (add #include netipsec/ipsec_var.h) sys/netinet/raw_ip.c (add #include netipsec/ipsec_var.h) sys/netinet/tcp_input.c (add #include netipsec/ipsec_var.h) sys/netinet/udp_usrreq.c (add #include netipsec/ipsec_var.h) Changes to usr.bin/netstat to print the new fast-ipsec sysctl tree for "netstat -s -p ipsec": New file: usr.bin/netstat/fast_ipsec.c (print fast-ipsec counters) Changed files: usr.bin/netstat/Makefile (add fast_ipsec.c) usr.bin/netstat/netstat.h (declarations for fast_ipsec.c) usr.bin/netstat/main.c (call KAME-vs-fast-ipsec dispatcher)
Revision 1.204 / (download) - annotate - [select for diffs], Tue Apr 27 14:46:07 2004 UTC (9 years ago) by matt
Branch: MAIN
Changes since 1.203: +9 -2
lines
Diff to previous 1.203 (colored)
When a packet is received that overlaps the left side of the window, check for RST *before* trimming data and adjust its sequence number.
Revision 1.203 / (download) - annotate - [select for diffs], Mon Apr 26 03:54:28 2004 UTC (9 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.202: +4 -4
lines
Diff to previous 1.202 (colored)
make TCP MD5 signature work with KAME IPSEC (#define IPSEC). support IPv6 if KAME IPSEC (RFC is not explicit about how we make data stream for checksum with IPv6, but i'm pretty sure using normal pseudo-header is the right thing). XXX current TCP MD5 signature code has giant flaw: it does not validate signature on input (can't believe it! what is the point?)
Revision 1.202 / (download) - annotate - [select for diffs], Mon Apr 26 01:31:57 2004 UTC (9 years, 1 month ago) by matt
Branch: MAIN
Changes since 1.201: +2 -7
lines
Diff to previous 1.201 (colored)
Remove #else clause of __STDC__
Revision 1.201 / (download) - annotate - [select for diffs], Sun Apr 25 22:25:03 2004 UTC (9 years, 1 month ago) by jonathan
Branch: MAIN
Changes since 1.200: +56 -2
lines
Diff to previous 1.200 (colored)
Initial commit of a port of the FreeBSD implementation of RFC 2385 (MD5 signatures for TCP, as used with BGP). Credit for original FreeBSD code goes to Bruce M. Simpson, with FreeBSD sponsorship credited to sentex.net. Shortening of the setsockopt() name attributed to Vincent Jardin. This commit is a minimal, working version of the FreeBSD code, as MFC'ed to FreeBSD-4. It has received minimal testing with a ttcp modified to set the TCP-MD5 option; BMS's additions to tcpdump-current (tcpdump -M) confirm that the MD5 signatures are correct. Committed as-is for further testing between a NetBSD BGP speaker (e.g., quagga) and industry-standard BGP speakers (e.g., Cisco, Juniper). NOTE: This version has two potential flaws. First, I do see any code that verifies recieved TCP-MD5 signatures. Second, the TCP-MD5 options are internally padded and assumed to be 32-bit aligned. A more space-efficient scheme is to pack all TCP options densely (and possibly unaligned) into the TCP header ; then do one final padding to a 4-byte boundary. Pre-existing comments note that accounting for TCP-option space when we add SACK is yet to be done. For now, I'm punting on that; we can solve it properly, in a way that will handle SACK blocks, as a separate exercise. In case a pullup to NetBSD-2 is requested, this adds sys/netipsec/xform_tcp.c ,and modifies: sys/net/pfkeyv2.h,v 1.15 sys/netinet/files.netinet,v 1.5 sys/netinet/ip.h,v 1.25 sys/netinet/tcp.h,v 1.15 sys/netinet/tcp_input.c,v 1.200 sys/netinet/tcp_output.c,v 1.109 sys/netinet/tcp_subr.c,v 1.165 sys/netinet/tcp_usrreq.c,v 1.89 sys/netinet/tcp_var.h,v 1.109 sys/netipsec/files.netipsec,v 1.3 sys/netipsec/ipsec.c,v 1.11 sys/netipsec/ipsec.h,v 1.7 sys/netipsec/key.c,v 1.11 share/man/man4/tcp.4,v 1.16 lib/libipsec/pfkey.c,v 1.20 lib/libipsec/pfkey_dump.c,v 1.17 lib/libipsec/policy_token.l,v 1.8 sbin/setkey/parse.y,v 1.14 sbin/setkey/setkey.8,v 1.27 sbin/setkey/token.l,v 1.15 Note that the preceding two revisions to tcp.4 will be required to cleanly apply this diff.
Revision 1.200 / (download) - annotate - [select for diffs], Sun Apr 25 16:42:42 2004 UTC (9 years, 1 month ago) by simonb
Branch: MAIN
Changes since 1.199: +3 -7
lines
Diff to previous 1.199 (colored)
Initialise (most) pools from a link set instead of explicit calls to pool_init. Untouched pools are ones that either in arch-specific code, or aren't initialiased during initial system startup. Convert struct session, ucred and lockf to pools.
Revision 1.199 / (download) - annotate - [select for diffs], Sun Apr 25 03:29:11 2004 UTC (9 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.198: +3 -4
lines
Diff to previous 1.198 (colored)
fix how we send RST against ACK. markus@openbsd
Revision 1.198 / (download) - annotate - [select for diffs], Sun Apr 25 00:08:54 2004 UTC (9 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.197: +3 -3
lines
Diff to previous 1.197 (colored)
indent for little bit better readability
Revision 1.197 / (download) - annotate - [select for diffs], Sat Apr 24 23:59:13 2004 UTC (9 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.196: +3 -3
lines
Diff to previous 1.196 (colored)
fix comment; we no longer move ip+tcp into the same mbuf
Revision 1.196 / (download) - annotate - [select for diffs], Thu Apr 22 15:05:33 2004 UTC (9 years, 1 month ago) by ragge
Branch: MAIN
Changes since 1.195: +13 -5
lines
Diff to previous 1.195 (colored)
Avoid performance problem in tcp_reass() when appending mbufs to a chain by keeping a pointer to the last mbuf in the chain.
Revision 1.195 / (download) - annotate - [select for diffs], Tue Apr 20 19:49:15 2004 UTC (9 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.194: +12 -3
lines
Diff to previous 1.194 (colored)
follow draft-ietf-tcpm-tcpsecure-00.txt 3.2 (B): if SYN is coming and RCV.NXT == SEG.SEQ, then ACK with value - 1.
Revision 1.194 / (download) - annotate - [select for diffs], Tue Apr 20 16:52:12 2004 UTC (9 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.193: +51 -22
lines
Diff to previous 1.193 (colored)
- respond to RST by ACK, as suggested in NISCC recommendation - rate-limit ACKs against RSTs and SYNs
Revision 1.193 / (download) - annotate - [select for diffs], Sat Apr 17 23:35:37 2004 UTC (9 years, 1 month ago) by matt
Branch: MAIN
Changes since 1.192: +23 -13
lines
Diff to previous 1.192 (colored)
If a segment is received with RST set and the segment is completely to the left of the receive window, ignore it. Add some additional comments to the code that deals with received segemnts that are completely to the right of the receive window. If an invalid SYN is received, force an ACK and drop it; if the other side really sent the SYN; it'll respond with a reset.
Revision 1.192 / (download) - annotate - [select for diffs], Wed Apr 14 18:07:52 2004 UTC (9 years, 1 month ago) by ragge
Branch: MAIN
Changes since 1.191: +3 -2
lines
Diff to previous 1.191 (colored)
Add back one line which was accidentially removed (by me) a while ago. Spotted by Markus Friedl (markus at openbsd.org).
Revision 1.191 / (download) - annotate - [select for diffs], Mon Mar 29 04:59:02 2004 UTC (9 years, 1 month ago) by atatat
Branch: MAIN
Changes since 1.190: +4 -2
lines
Diff to previous 1.190 (colored)
Make these compile without INET. tcp_input probably needs a lot more work...
Revision 1.190 / (download) - annotate - [select for diffs], Wed Mar 10 18:50:45 2004 UTC (9 years, 2 months ago) by drochner
Branch: MAIN
CVS Tags: netbsd-2-0-base,
BEFORE-IPF411
Branch point for: netbsd-2-0
Changes since 1.189: +3 -4
lines
Diff to previous 1.189 (colored)
fix tcp/udp checksum test in the M_CSUM_NO_PSEUDOHDR case (this can never have worked) now I can use a "bge" gigabit interface with hw checksumming ttcp-t: 2147483648 bytes in 18.31 real seconds = 114527.11 KB/sec +++ woow!
Revision 1.189 / (download) - annotate - [select for diffs], Thu Feb 26 02:34:59 2004 UTC (9 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.188: +17 -18
lines
Diff to previous 1.188 (colored)
KNF
Revision 1.188 / (download) - annotate - [select for diffs], Fri Jan 2 12:01:39 2004 UTC (9 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.187: +6 -8
lines
Diff to previous 1.187 (colored)
some corrections from markus@openbsd; - callout_ack() was called with wrong argument - no need for xor with timestamp as we are using arc4random() - minor typo/cleanup
Revision 1.187 / (download) - annotate - [select for diffs], Wed Nov 19 20:47:00 2003 UTC (9 years, 6 months ago) by jonathan
Branch: MAIN
Changes since 1.186: +5 -2
lines
Diff to previous 1.186 (colored)
Footwork for fast-ipsec and IPv6: when compiling sys/netinet/tcp_input.c for both FAST_IPSEC and INET6, include <netipsec/ipsec6.h>.
Revision 1.186 / (download) - annotate - [select for diffs], Fri Oct 24 10:25:40 2003 UTC (9 years, 7 months ago) by ragge
Branch: MAIN
Changes since 1.185: +8 -21
lines
Diff to previous 1.185 (colored)
Fix the bug in the tcp transmit prediction code. During testing the prediction counters show a hit-rate on about 85% for packets sent on a local LAN, and better than 99% for intercontinental high-speed bulk traffic (!).
Revision 1.185 / (download) - annotate - [select for diffs], Thu Oct 23 20:55:08 2003 UTC (9 years, 7 months ago) by mycroft
Branch: MAIN
Changes since 1.184: +2 -9
lines
Diff to previous 1.184 (colored)
Remove all the code to maintain ia_inpcbs. This information was only used to close sockets on address changes, which was deemed to be a bad idea and was summarily removed, so there is no point in wasting effort on maintaining it any more.
Revision 1.184 / (download) - annotate - [select for diffs], Wed Sep 10 01:46:27 2003 UTC (9 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.183: +2 -12
lines
Diff to previous 1.183 (colored)
cut-and-paste error. Valeriy E. Ushakov
Revision 1.183 / (download) - annotate - [select for diffs], Wed Sep 10 00:58:29 2003 UTC (9 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.182: +40 -5
lines
Diff to previous 1.182 (colored)
if IPsec inbound policy mismatches, respond to SYN with RST (instead of just dropping it), allow client to react quickly.
Revision 1.182 / (download) - annotate - [select for diffs], Sat Sep 6 03:12:51 2003 UTC (9 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.181: +2 -6
lines
Diff to previous 1.181 (colored)
clarify flowlabel handling
Revision 1.181 / (download) - annotate - [select for diffs], Thu Sep 4 09:16:59 2003 UTC (9 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.180: +11 -9
lines
Diff to previous 1.180 (colored)
revamp inpcb/in6pcb so that they are more aligned with each other. in6pcb lookup now uses hash(9).
Revision 1.180 / (download) - annotate - [select for diffs], Fri Aug 22 22:49:34 2003 UTC (9 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.179: +4 -5
lines
Diff to previous 1.179 (colored)
make sure so is properly initialized
Revision 1.179 / (download) - annotate - [select for diffs], Fri Aug 22 22:00:37 2003 UTC (9 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.178: +2 -9
lines
Diff to previous 1.178 (colored)
remove ipsec_set/getsocket. now we explicitly pass socket * to ip{,6}_output.
Revision 1.178 / (download) - annotate - [select for diffs], Fri Aug 22 21:53:05 2003 UTC (9 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.177: +7 -8
lines
Diff to previous 1.177 (colored)
change the additional arg to be passed to ip{,6}_output to struct socket *.
this fixes KAME policy lookup which was broken by the previous commit.
Revision 1.177 / (download) - annotate - [select for diffs], Fri Aug 22 20:20:11 2003 UTC (9 years, 9 months ago) by jonathan
Branch: MAIN
Changes since 1.176: +11 -6
lines
Diff to previous 1.176 (colored)
Replace the set_socket() method of passing an extra struct socket* argument to ip6_output() with a new explicit struct in6pcb* argument. (The underlying socket can be obtained via in6pcb->inp6_socket.) In preparation for fast-ipsec. Reviewed by itojun.
Revision 1.176 / (download) - annotate - [select for diffs], Thu Aug 21 14:49:49 2003 UTC (9 years, 9 months ago) by jonathan
Branch: MAIN
Changes since 1.175: +12 -4
lines
Diff to previous 1.175 (colored)
Honour the M_CSUM_NO_PSEUDOHDR, if set on inbound TCP and UDP packets. Tested against bcm5700 with patched if_bge.c.
Revision 1.175 / (download) - annotate - [select for diffs], Fri Aug 15 03:42:04 2003 UTC (9 years, 9 months ago) by jonathan
Branch: MAIN
Changes since 1.174: +14 -8
lines
Diff to previous 1.174 (colored)
(fast-ipsec): Add hooks to pass IPv4 IPsec traffic into fast-ipsec, if configured with ``options FAST_IPSEC''. Kernels with KAME IPsec or with no IPsec should work as before. All calls to ip_output() now always pass an additional compulsory argument: the inpcb associated with the packet being sent, or 0 if no inpcb is available. Fast-ipsec tested with ICMP or UDP over ESP. TCP doesn't work, yet.
Revision 1.174 / (download) - annotate - [select for diffs], Thu Aug 7 16:33:15 2003 UTC (9 years, 9 months ago) by agc
Branch: MAIN
Changes since 1.173: +3 -7
lines
Diff to previous 1.173 (colored)
Move UCB-licensed code from 4-clause to 3-clause licence. Patches provided by Joel Baker in PR 22364, verified by myself.
Revision 1.173 / (download) - annotate - [select for diffs], Sun Jul 20 16:35:07 2003 UTC (9 years, 10 months ago) by he
Branch: MAIN
Changes since 1.172: +14 -3
lines
Diff to previous 1.172 (colored)
As a temporary workaround, apply the fix from PR#20390, thereby cooperating with the callout code in working around the race condition caused by the TCP code's use of the callout facility. Instead of unconditionally releasing memory in tcp_close() and SYN_CACHE_PUT(), check whether any of the related callout handlers are about to be invoked (but have not yet done callout_ack()), and if so, just mark the associated data structure (tcpcb or syn cache entry) as "dead", and test for this (and release storage) in the callout handler functions.
Revision 1.172 / (download) - annotate - [select for diffs], Wed Jul 2 19:33:20 2003 UTC (9 years, 10 months ago) by ragge
Branch: MAIN
Changes since 1.171: +20 -7
lines
Diff to previous 1.171 (colored)
Fix previous bug. Thanks to Enami for spotting the (obvious) error, and to other people with much help with bug reports etc. While fixing, change some of the code I added last time to make it cleaner and simpler.
Revision 1.171 / (download) - annotate - [select for diffs], Sun Jun 29 22:31:58 2003 UTC (9 years, 10 months ago) by fvdl
Branch: MAIN
Branch point for: ktrace-lwp
Changes since 1.170: +0 -0
lines
Diff to previous 1.170 (colored)
Back out the lwp/ktrace changes. They contained a lot of colateral damage, and need to be examined and discussed more.
Revision 1.170 / (download) - annotate - [select for diffs], Sun Jun 29 18:58:26 2003 UTC (9 years, 10 months ago) by ragge
Branch: MAIN
Changes since 1.169: +9 -2
lines
Diff to previous 1.169 (colored)
Add code to remember where in the send queue of mbufs the last packet was sent from. This change avoid a linear search through all mbufs when using large TCP windows, and therefore permit high-speed connections on long distances. Tested on a 1 Gigabit connection between Luleand San Francisco, a distance of about 15000km. With TCP windows of just over 20 Mbytes it could keep up with 950Mbit/s. After discussions with Matt Thomas and Jason Thorpe.
Revision 1.169 / (download) - annotate - [select for diffs], Sun Jun 15 02:49:33 2003 UTC (9 years, 11 months ago) by matt
Branch: MAIN
Changes since 1.168: +22 -14
lines
Diff to previous 1.168 (colored)
Change the way multicasts are kept. They now use a hash table in the same manner as the ifaddr hash table. By doing this, the mkludge code can go away. At the same time, keep track of what pcbs are using what ifaddr and when an address is deleted from an interface, notify/abort all sockets that have that address as a source. Switch IGMP and multicasts to use pools for allocation. Fix a number of potential problems in the igmp code where allocation failures could cause a trap/panic.
Revision 1.168 / (download) - annotate - [select for diffs], Fri May 30 01:15:04 2003 UTC (9 years, 11 months ago) by itojun
Branch: MAIN
Changes since 1.167: +6 -2
lines
Diff to previous 1.167 (colored)
inherit IPV6_V6ONLY from listening socket. PR 21713
Revision 1.167 / (download) - annotate - [select for diffs], Sat May 17 17:16:20 2003 UTC (10 years ago) by itojun
Branch: MAIN
Changes since 1.166: +2 -22
lines
Diff to previous 1.166 (colored)
no need for ip_v recovery in output path too (tcp_template includes ip_v setting)
Revision 1.166 / (download) - annotate - [select for diffs], Sat May 17 17:08:15 2003 UTC (10 years ago) by itojun
Branch: MAIN
Changes since 1.165: +2 -22
lines
Diff to previous 1.165 (colored)
ip checksum logic no longer damage ip_v
Revision 1.165 / (download) - annotate - [select for diffs], Fri May 16 03:58:33 2003 UTC (10 years ago) by itojun
Branch: MAIN
Changes since 1.164: +10 -10
lines
Diff to previous 1.164 (colored)
use strlcpy
Revision 1.164 / (download) - annotate - [select for diffs], Wed May 14 06:47:35 2003 UTC (10 years ago) by itojun
Branch: MAIN
Changes since 1.163: +2 -66
lines
Diff to previous 1.163 (colored)
always use PULLDOWN_TEST codepath.
Revision 1.163 / (download) - annotate - [select for diffs], Sat Mar 1 04:40:27 2003 UTC (10 years, 2 months ago) by thorpej
Branch: MAIN
Changes since 1.162: +26 -7
lines
Diff to previous 1.162 (colored)
Allow TCP connections to hosts on a local network to use a larger slow start initial window. Default this larger initial window to 4 packets, allowing it to be adjusted with net.inet.tcp.init_win_local.
Revision 1.162 / (download) - annotate - [select for diffs], Wed Feb 26 06:31:15 2003 UTC (10 years, 2 months ago) by matt
Branch: MAIN
Changes since 1.161: +6 -2
lines
Diff to previous 1.161 (colored)
Add MBUFTRACE kernel option. Do a little mbuf rework while here. Change all uses of MGET*(*, M_WAIT, *) to m_get*(M_WAIT, *). These are not performance critical and making them call m_get saves considerable space. Add m_clget analogue of MCLGET and make corresponding change for M_WAIT uses. Modify netinet, gem, fxp, tulip, nfs to support MBUFTRACE. Begin to change netstat to use sysctl.
Revision 1.161 / (download) - annotate - [select for diffs], Tue Feb 25 22:12:24 2003 UTC (10 years, 2 months ago) by he
Branch: MAIN
Changes since 1.160: +3 -3
lines
Diff to previous 1.160 (colored)
Swap neighboring lines of callout_init() and bzero() of container struct in syn_cache_add(); the bzero() invalidates whatever callout_init() has done (which might matter, but presently doesn't).
Revision 1.160 / (download) - annotate - [select for diffs], Sat Jan 4 23:43:06 2003 UTC (10 years, 4 months ago) by wiz
Branch: MAIN
CVS Tags: nathanw_sa_before_merge,
nathanw_sa_base
Changes since 1.159: +3 -3
lines
Diff to previous 1.159 (colored)
Spell output with two ts.
Revision 1.159 / (download) - annotate - [select for diffs], Sat Nov 2 07:28:14 2002 UTC (10 years, 6 months ago) by perry
Branch: MAIN
CVS Tags: gmcgarry_ucred_base,
gmcgarry_ucred,
gmcgarry_ctxsw_base,
gmcgarry_ctxsw,
fvdl_fs64_base
Changes since 1.158: +7 -7
lines
Diff to previous 1.158 (colored)
/*CONTCOND*/ while (0)'ed macros
Revision 1.158 / (download) - annotate - [select for diffs], Tue Oct 22 04:24:50 2002 UTC (10 years, 7 months ago) by thorpej
Branch: MAIN
CVS Tags: kqueue-beforemerge,
kqueue-aftermerge
Changes since 1.157: +8 -7
lines
Diff to previous 1.157 (colored)
Make sure TF_REQ_TSTMP and TF_REQ_SCALE get set correctly in the new TCPCB in the passive-open case. Fixes PR 18677.
Revision 1.157 / (download) - annotate - [select for diffs], Tue Oct 22 03:07:06 2002 UTC (10 years, 7 months ago) by simonb
Branch: MAIN
Changes since 1.156: +7 -10
lines
Diff to previous 1.156 (colored)
In tcp_input(): Remove the set-but-not-used "proto" variable. Guard the "ostate" variable in #ifdef TCP_DEBUG. Remove the set-but-not-used "parentinpcb" variable in syn_cache_get().
Revision 1.156 / (download) - annotate - [select for diffs], Wed Oct 16 15:15:28 2002 UTC (10 years, 7 months ago) by itojun
Branch: MAIN
Changes since 1.155: +6 -4
lines
Diff to previous 1.155 (colored)
correct log_refused check (TH_SYN, !TH_RST and !TH_ACK). PR 18669
Revision 1.155 / (download) - annotate - [select for diffs], Wed Sep 11 02:41:21 2002 UTC (10 years, 8 months ago) by itojun
Branch: MAIN
CVS Tags: kqueue-base
Changes since 1.154: +4 -4
lines
Diff to previous 1.154 (colored)
correct signedness mixup in pointer passing. sync w/kame
Revision 1.154 / (download) - annotate - [select for diffs], Thu Sep 5 23:02:18 2002 UTC (10 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.153: +14 -6
lines
Diff to previous 1.153 (colored)
always consult SS_CANTRCVMORE. PR 18185
Revision 1.153 / (download) - annotate - [select for diffs], Wed Aug 28 02:23:57 2002 UTC (10 years, 8 months ago) by thorpej
Branch: MAIN
CVS Tags: gehenna-devsw-base
Changes since 1.152: +21 -2
lines
Diff to previous 1.152 (colored)
Fix a problem introduced in rev 1.103, where we recycle a TIME_WAIT TCPCB .. the fields need to be converted back to net-order, because the packet is checksummed after the TCPCB lookup happens. From YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>.
Revision 1.152 / (download) - annotate - [select for diffs], Mon Aug 19 02:17:54 2002 UTC (10 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.151: +46 -43
lines
Diff to previous 1.151 (colored)
better sync w/kame on deprecated address handling. check af == AF_INET6.
Revision 1.151 / (download) - annotate - [select for diffs], Mon Aug 19 02:13:46 2002 UTC (10 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.150: +46 -2
lines
Diff to previous 1.150 (colored)
pull in deprecated address handling from KAME sys/netinet6/tcp6_input.c.
Revision 1.150 / (download) - annotate - [select for diffs], Wed Aug 14 00:23:33 2002 UTC (10 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.149: +4 -4
lines
Diff to previous 1.149 (colored)
avoid swapping endian of ip_len and ip_off on mbuf, to meet with M_LEADINGSPACE optimization made last year. should solve PR 17867 and 10195. IP_HDRINCL behavior of raw ip socket is kept unchanged. we may want to provide IP_HDRINCL variant that does not swap endian.
Revision 1.149 / (download) - annotate - [select for diffs], Thu Jul 18 03:23:01 2002 UTC (10 years, 10 months ago) by wrstuden
Branch: MAIN
Changes since 1.148: +3 -2
lines
Diff to previous 1.148 (colored)
When a new connection arrives on a listening port, copy over the value of the TCP_NODELAY socket option from the listener to the newly connected connection. Agrees with how Linux & FreeBSD behave, and goes more with the spirit of accept(2) creating a socket with the same properties as the listener. Analysis by Kevin Lahey. Closes PR 17616 by myself.
Revision 1.148 / (download) - annotate - [select for diffs], Wed Jul 3 21:36:58 2002 UTC (10 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.147: +5 -5
lines
Diff to previous 1.147 (colored)
Rename sbappend_stream() to sbappendstream(), per suggestion from Jonathan Stone.
Revision 1.147 / (download) - annotate - [select for diffs], Wed Jul 3 19:06:50 2002 UTC (10 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.146: +5 -5
lines
Diff to previous 1.146 (colored)
Make insertion of data into socket buffers O(C): * Keep pointers to the first and last mbufs of the last record in the socket buffer. * Use the sb_lastrecord pointer in the sbappend*() family of functions to avoid traversing the packet chain to find the last record. * Add a new sbappend_stream() function for stream protocols which guarantee that there will never be more than one record in the socket buffer. This function uses the sb_mbtail pointer to perform the data insertion. Make TCP use sbappend_stream(). On a profiling run, this makes sbappend of a TCP transmission using a 1M socket buffer go from 50% of the time to .02% of the time. Thanks to Bill Sommerfeld and YAMAMOTO Takashi for their debugging assistance!
Revision 1.146 / (download) - annotate - [select for diffs], Sun Jun 30 22:40:35 2002 UTC (10 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.145: +5 -2
lines
Diff to previous 1.145 (colored)
Changes to allow the IPv4 and IPv6 layers to align headers themseves, as necessary: * Implement a new mbuf utility routine, m_copyup(), is is like m_pullup(), except that it always prepends and copies, rather than only doing so if the desired length is larger than m->m_len. m_copyup() also allows an offset into the destination mbuf, which allows space for packet headers, in the forwarding case. * Add *_HDR_ALIGNED_P() macros for IP, IPv6, ICMP, and IGMP. These macros expand to 1 if __NO_STRICT_ALIGNMENT is defined, so that architectures which do not have strict alignment constraints don't pay for the test or visit the new align-if-needed path. * Use the new macros to check if a header needs to be aligned, or to assert that it already is, as appropriate. Note: This code is still somewhat experimental. However, the new code path won't be visited if individual device drivers continue to guarantee that packets are delivered to layer 3 already properly aligned (which are rules that are already in use).
Revision 1.145 / (download) - annotate - [select for diffs], Sat Jun 29 04:13:21 2002 UTC (10 years, 10 months ago) by yamt
Branch: MAIN
Changes since 1.144: +60 -32
lines
Diff to previous 1.144 (colored)
split logging code in order to reduce maximum stack usage.
Revision 1.144 / (download) - annotate - [select for diffs], Tue Jun 11 19:39:59 2002 UTC (10 years, 11 months ago) by itojun
Branch: MAIN
Changes since 1.143: +5 -4
lines
Diff to previous 1.143 (colored)
share policy-on-pcb for listening socket. sync w/kame todo: share even more, avoid frequent updates of spidx
Revision 1.143 / (download) - annotate - [select for diffs], Sun Jun 9 16:33:43 2002 UTC (10 years, 11 months ago) by itojun
Branch: MAIN
Changes since 1.142: +33 -33
lines
Diff to previous 1.142 (colored)
whitespace
Revision 1.142 / (download) - annotate - [select for diffs], Tue May 28 10:11:51 2002 UTC (10 years, 11 months ago) by itojun
Branch: MAIN
Changes since 1.141: +4 -4
lines
Diff to previous 1.141 (colored)
use arc4random() where possible. XXX is it necessary to do microtime() on tcp syn cache?
Revision 1.141 / (download) - annotate - [select for diffs], Tue May 7 02:59:38 2002 UTC (11 years ago) by matt
Branch: MAIN
CVS Tags: netbsd-1-6-base
Branch point for: netbsd-1-6,
gehenna-devsw
Changes since 1.140: +118 -17
lines
Diff to previous 1.140 (colored)
Change struct ipqe to use TAILQ's instead of LIST's (primarily for TCP's benefit currently). Rework tcp_reass code to optimize the 4 most likely causes of out-of-order packets: first OoO pkt, next OoO pkt in seq, OoO pkt is part of new chuck of OoO packets, and the OoO pkt fills the first hole. Add evcnts to instrument tcp_reass (enabled by the options TCP_REASS_COUNTERS). This is part 1/2 of tcp_reass changes.
Revision 1.140 / (download) - annotate - [select for diffs], Sun Mar 24 17:09:01 2002 UTC (11 years, 2 months ago) by christos
Branch: MAIN
Changes since 1.139: +36 -14
lines
Diff to previous 1.139 (colored)
Change the multicast/broadcast test to happen later, and when we are in listen mode. Fixes panic with telnet ::1 port, where the port is an ipv4 open port.
Revision 1.139 / (download) - annotate - [select for diffs], Fri Mar 22 04:31:01 2002 UTC (11 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.138: +2 -7
lines
Diff to previous 1.138 (colored)
no need to check in_broadaddr/IN_MULTICAST in dropwithreset label. suggested by enami
Revision 1.138 / (download) - annotate - [select for diffs], Fri Mar 22 03:21:13 2002 UTC (11 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.137: +5 -4
lines
Diff to previous 1.137 (colored)
make sure we don't touch "ip" in IPv6 path
Revision 1.137 / (download) - annotate - [select for diffs], Tue Mar 19 14:35:20 2002 UTC (11 years, 2 months ago) by christos
Branch: MAIN
CVS Tags: eeh-devprop-base,
eeh-devprop
Changes since 1.136: +10 -3
lines
Diff to previous 1.136 (colored)
Drop connections to the broadcast address. From BUGTRAQ. This is a security issue because it can by-pass ipf rules unintentionally.
Revision 1.136 / (download) - annotate - [select for diffs], Tue Mar 12 04:36:47 2002 UTC (11 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.135: +20 -13
lines
Diff to previous 1.135 (colored)
support tcp_log_refused for IPv6. From: Andrew Brown <atatat@atatdot.net>
Revision 1.135 / (download) - annotate - [select for diffs], Fri Mar 8 20:48:44 2002 UTC (11 years, 2 months ago) by thorpej
Branch: MAIN
CVS Tags: newlock-base,
newlock
Changes since 1.134: +3 -3
lines
Diff to previous 1.134 (colored)
Pool deals fairly well with physical memory shortage, but it doesn't deal with shortages of the VM maps where the backing pages are mapped (usually kmem_map). Try to deal with this: * Group all information about the backend allocator for a pool in a separate structure. The pool references this structure, rather than the individual fields. * Change the pool_init() API accordingly, and adjust all callers. * Link all pools using the same backend allocator on a list. * The backend allocator is responsible for waiting for physical memory to become available, but will still fail if it cannot callocate KVA space for the pages. If this happens, carefully drain all pools using the same backend allocator, so that some KVA space can be freed. * Change pool_reclaim() to indicate if it actually succeeded in freeing some pages, and use that information to make draining easier and more efficient. * Get rid of PR_URGENT. There was only one use of it, and it could be dealt with by the caller. From art@openbsd.org.
Revision 1.134 / (download) - annotate - [select for diffs], Thu Jan 24 02:12:29 2002 UTC (11 years, 4 months ago) by itojun
Branch: MAIN
CVS Tags: ifpoll-base,
ifpoll
Changes since 1.133: +42 -15
lines
Diff to previous 1.133 (colored)
place NRL copyright notice itself, not a reference to it.
Revision 1.133 / (download) - annotate - [select for diffs], Tue Nov 13 00:32:40 2001 UTC (11 years, 6 months ago) by lukem
Branch: MAIN
Changes since 1.132: +4 -1
lines
Diff to previous 1.132 (colored)
add RCSIDs
Revision 1.132 / (download) - annotate - [select for diffs], Sun Nov 4 20:55:28 2001 UTC (11 years, 6 months ago) by matt
Branch: MAIN
CVS Tags: thorpej-mips-cache-base
Changes since 1.131: +6 -6
lines
Diff to previous 1.131 (colored)
Convert netinet to not use the internal <sys/queue.h> field names but instead the access macros. Use the FOREACH macros where appropriate.
Revision 1.131 / (download) - annotate - [select for diffs], Mon Sep 17 17:27:00 2001 UTC (11 years, 8 months ago) by thorpej
Branch: MAIN
CVS Tags: thorpej-devvp-base3,
thorpej-devvp-base2
Branch point for: thorpej-mips-cache
Changes since 1.130: +2 -2
lines
Diff to previous 1.130 (colored)
Split the pre-computed ifnet checksum flags into Tx and Rx directions. Add capabilities bits that indicate an interface can only perform in-bound TCPv4 or UDPv4 checksums. There is at least one Gig-E chip for which this is true (Level One LXT-1001), and this is also the case for the Intel i82559 10/100 Ethernet chips.
Revision 1.130 / (download) - annotate - [select for diffs], Tue Sep 11 21:03:20 2001 UTC (11 years, 8 months ago) by thorpej
Branch: MAIN
CVS Tags: pre-chs-ubcperf,
post-chs-ubcperf
Changes since 1.129: +77 -105
lines
Diff to previous 1.129 (colored)
Use callouts for SYN cache timers, rather than traversing time queues in tcp_slowtimo().
Revision 1.129 / (download) - annotate - [select for diffs], Mon Sep 10 22:14:26 2001 UTC (11 years, 8 months ago) by thorpej
Branch: MAIN
Changes since 1.128: +2 -1
lines
Diff to previous 1.128 (colored)
Use callouts for TCP timers, rather than traversing the list of all open TCP connections in tcp_slowtimo() (which is called 2x per second). It's fairly rare for TCP timers to actually fire, so saving this list traversal is good, especially if you want to scale to thousands of open connections.
Revision 1.128 / (download) - annotate - [select for diffs], Mon Sep 10 15:23:09 2001 UTC (11 years, 8 months ago) by thorpej
Branch: MAIN
Changes since 1.127: +16 -20
lines
Diff to previous 1.127 (colored)
Change the way receive idle time and round trip time are measured. Instead of incrementing t_idle and t_rtt in tcp_slowtimo(), we now take a timstamp (via tcp_now) and use subtraction to compute the delta when we actually need it (using unsigned arithmetic so that tcp_now wrapping is handled correctly). Based on similar changes in FreeBSD.
Revision 1.127 / (download) - annotate - [select for diffs], Sun Jul 8 16:18:57 2001 UTC (11 years, 10 months ago) by abs
Branch: MAIN
CVS Tags: thorpej-devvp-base
Branch point for: thorpej-devvp,
kqueue
Changes since 1.126: +7 -3
lines
Diff to previous 1.126 (colored)
Rename TCPDEBUG to TCP_DEBUG, defopt TCP_DEBUG and TCP_NDEBUG, and make all usage of tcp_trace dependent on TCP_DEBUG - resulting in a 31K saving on an INET enabled i386 kernel.
Revision 1.126 / (download) - annotate - [select for diffs], Tue Jun 19 13:42:19 2001 UTC (11 years, 11 months ago) by wiz
Branch: MAIN
Changes since 1.125: +2 -2
lines
Diff to previous 1.125 (colored)
`existent', not `existant'
Revision 1.125 / (download) - annotate - [select for diffs], Sat Jun 2 16:17:10 2001 UTC (11 years, 11 months ago) by thorpej
Branch: MAIN
Changes since 1.124: +58 -22
lines
Diff to previous 1.124 (colored)
Implement support for IP/TCP/UDP checksum offloading provided by network interfaces. This works by pre-computing the pseudo-header checksum and caching it, delaying the actual checksum to ip_output() if the hardware cannot perform the sum for us. In-bound checksums can either be fully-checked by hardware, or summed up for final verification by software. This method was modeled after how this is done in FreeBSD, although the code is significantly different in most places. We don't delay checksums for IPv6/TCP, but we do take advantage of the cached pseudo-header checksum. Note: hardware-assisted checksumming defaults to "off". It is enabled with ifconfig(8). See the manual page for details. Implement hardware-assisted checksumming on the DP83820 Gigabit Ethernet, 3c90xB/3c90xC 10/100 Ethernet, and Alteon Tigon/Tigon2 Gigabit Ethernet.
Revision 1.124 / (download) - annotate - [select for diffs], Tue May 8 10:15:13 2001 UTC (12 years ago) by itojun
Branch: MAIN
Changes since 1.123: +7 -9
lines
Diff to previous 1.123 (colored)
correct faith prefix determination. use sys/netinet/if_faith.c:faithprefix() to determine. sync with kame. (without this change, non-faith socket may mistakenly accept for-faith traffic)
Revision 1.123 / (download) - annotate - [select for diffs], Tue Mar 20 20:07:51 2001 UTC (12 years, 2 months ago) by thorpej
Branch: MAIN
CVS Tags: thorpej_scsipi_nbase,
thorpej_scsipi_beforemerge,
thorpej_scsipi_base
Changes since 1.122: +41 -12
lines
Diff to previous 1.122 (colored)
Two changes, designed to make us even more resilient against TCP ISS attacks (which we already fend off quite well). 1. First-cut implementation of RFC1948, Steve Bellovin's cryptographic hash method of generating TCP ISS values. Note, this code is experimental and disabled by default (experimental enough that I don't export the variable via sysctl yet, either). There are a couple of issues I'd like to discuss with Steve, so this code should only be used by people who really know what they're doing. 2. Per a recent thread on Bugtraq, it's possible to determine a system's uptime by snooping the RFC1323 TCP timestamp options sent by a host; in 4.4BSD, timestamps are created by incrementing the tcp_now variable at 2 Hz; there's even a company out there that uses this to determine web server uptime. According to Newsham's paper "The Problem With Random Increments", while NetBSD's TCP ISS generation method is much better than the "random increment" method used by FreeBSD and OpenBSD, it is still theoretically possible to mount an attack against NetBSD's method if the attacker knows how many times the tcp_iss_seq variable has been incremented. By not leaking uptime information, we can make that much harder to determine. So, we avoid the leak by giving each TCP connection a timebase of 0.
Revision 1.122 / (download) - annotate - [select for diffs], Wed Jan 24 09:04:15 2001 UTC (12 years, 4 months ago) by itojun
Branch: MAIN
Branch point for: nathanw_sa
Changes since 1.121: +5 -2
lines
Diff to previous 1.121 (colored)
- record IPsec packet history into m_aux structure. - let ipfilter look at wire-format packet only (not the decapsulated ones), so that VPN setting can work with NAT/ipfilter settings. sync with kame. TODO: use header history for stricter inbound validation
Revision 1.121 / (download) - annotate - [select for diffs], Sun Dec 10 23:39:36 2000 UTC (12 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.120: +1 -10
lines
Diff to previous 1.120 (colored)
remove NRL code leftover. sync with kame
Revision 1.120 / (download) - annotate - [select for diffs], Thu Oct 19 20:22:59 2000 UTC (12 years, 7 months ago) by itojun
Branch: MAIN
Changes since 1.119: +4 -4
lines
Diff to previous 1.119 (colored)
remove #ifdef TCP6. it is not likely for us to bring in sys/netinet6/tcp6*.c (separate TCP/IPv6 stack) into netbsd-current.
Revision 1.119 / (download) - annotate - [select for diffs], Tue Oct 17 03:06:42 2000 UTC (12 years, 7 months ago) by itojun
Branch: MAIN
Changes since 1.118: +34 -3
lines
Diff to previous 1.118 (colored)
be more friendly with INET-less build. XXX we need to do more to do a working INET-less build
Revision 1.118 / (download) - annotate - [select for diffs], Tue Oct 17 02:57:02 2000 UTC (12 years, 7 months ago) by thorpej
Branch: MAIN
Changes since 1.117: +4 -36
lines
Diff to previous 1.117 (colored)
Add an IP_MTUDISC flag to the flags that can be passed to ip_output(). This flag, if set, causes ip_output() to set DF in the IP header if the MTU in the route is not locked. This allows a bunch of redundant code, which I was never really all that happy about adding in the first place, to be eliminated. Inspired by a similar change made by provos@openbsd.org when he integrated NetBSD's Path MTU Discovery code into OpenBSD.
Revision 1.117 / (download) - annotate - [select for diffs], Fri Jul 28 04:06:53 2000 UTC (12 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.116: +1 -6
lines
Diff to previous 1.116 (colored)
nuke the following sysctl variables. "ppsratelimit" should work better. need to recompile sbin/sysctl after updating /usr/include. net.inet.tcp.rstratelimit net.inet.icmp.errratelimit net.inet6.icmp6.errratelimit
Revision 1.116 / (download) - annotate - [select for diffs], Thu Jul 27 11:34:06 2000 UTC (12 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.115: +8 -1
lines
Diff to previous 1.115 (colored)
implement net.inet.tcp.rstppslimit to limit TCP RSTs by packet-per-second basis. default: 100pps set default value for net.inet.tcp.rstratelimit to 0 (disabled), NOTE: it does not work right for smaller-than-1/hz interval. maybe we should nuke it, or make it impossible to set smaller-than-1/hz value.
Revision 1.115 / (download) - annotate - [select for diffs], Thu Jul 27 06:18:13 2000 UTC (12 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.114: +14 -1
lines
Diff to previous 1.114 (colored)
be proactive about unspecified IPv6 source address. pcb layer uses unspecified address (::) to mean "unbounded" or "unconnected", and can be confused by packets from outside. use of :: as source is not documented well in IPv6 specification. not sure if it presents a real threat. the worst case scenario is a DoS against TCP listening socket: - outsider transmit TCP SYN with :: as IPv6 source - receiving side creates TCP control block with: local address = my addres remote address = :: (meaning "unconnected") state = SYN_RCVD note that SYN ACK will not be sent due to ip6_output() filter. this stays until it timeouts. - the TCP control block prevents listening TCP control block from being contacted (DoS). udp6/raw6 socket may have similar problem, but as they are connectionless, it may too much to filter it out.
Revision 1.114 / (download) - annotate - [select for diffs], Sun Jul 23 05:00:01 2000 UTC (12 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.113: +5 -1
lines
Diff to previous 1.113 (colored)
add an DIAGNOSTIC case for MCLBYTES assumption
Revision 1.113 / (download) - annotate - [select for diffs], Sun Jul 9 12:49:08 2000 UTC (12 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.112: +4 -2
lines
Diff to previous 1.112 (colored)
be more cautious about tcp option length field. drop bogus ones earlier. not sure if there is a real threat or not, but it seems that there's possibility for overrun/underrun (like non-NOP option with optlen > cnt).
Revision 1.112 / (download) - annotate - [select for diffs], Thu Jul 6 12:36:19 2000 UTC (12 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.111: +3 -3
lines
Diff to previous 1.111 (colored)
- do not use bitfield for router renumbering header. - add protection mechanism against ND cache corruption due to bad NUD hints. - more stats - icmp6 pps limitation. TOOD: should implement ppsratecheck(9).
Revision 1.111 / (download) - annotate - [select for diffs], Wed Jul 5 21:45:14 2000 UTC (12 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.110: +2 -2
lines
Diff to previous 1.110 (colored)
Fix some zero-vs-NULL confusion.
Revision 1.110 / (download) - annotate - [select for diffs], Sun Jul 2 08:04:10 2000 UTC (12 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.109: +1 -11
lines
Diff to previous 1.109 (colored)
repair kernel faithd(8) support. there were two mistakes: (1) tcp6_input dropped packets for translation (2) in6_pcblookup_connect was too strict
Revision 1.109 / (download) - annotate - [select for diffs], Fri Jun 30 16:44:33 2000 UTC (12 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.108: +34 -13
lines
Diff to previous 1.108 (colored)
remove old mbuf assumption (ip header and tcp header are on the same mbuf). this is for m_pulldown use. (sync with kame)
Revision 1.108 / (download) - annotate - [select for diffs], Fri May 5 15:05:29 2000 UTC (13 years ago) by matt
Branch: MAIN
CVS Tags: netbsd-1-5-base,
minoura-xpg4dl-base,
minoura-xpg4dl
Branch point for: netbsd-1-5
Changes since 1.107: +2 -2
lines
Diff to previous 1.107 (colored)
remove superfluous test (snd_una is always > iss since th_ack must > iss (first test at start of case) and th_ack is assigned to snd_una).
Revision 1.107 / (download) - annotate - [select for diffs], Fri May 5 14:51:46 2000 UTC (13 years ago) by matt
Branch: MAIN
Changes since 1.106: +2 -2
lines
Diff to previous 1.106 (colored)
From PR #3733: Only disarm timer if SYN contained the ACK bit since if it didn't it would be a crossing/simultaneous SYN and doesn't mean the remote TCP received our SYN.
Revision 1.106 / (download) - annotate - [select for diffs], Thu Mar 30 13:25:05 2000 UTC (13 years, 1 month ago) by augustss
Branch: MAIN
Changes since 1.105: +18 -18
lines
Diff to previous 1.105 (colored)
Remove register declarations.
Revision 1.105 / (download) - annotate - [select for diffs], Wed Mar 1 12:49:37 2000 UTC (13 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.104: +2 -4
lines
Diff to previous 1.104 (colored)
introduce m->m_pkthdr.aux to hold random data which needs to be passed between protocol handlers. ipsec socket pointers, ipsec decryption/auth information, tunnel decapsulation information are in my mind - there can be several other usage. at this moment, we use this for ipsec socket pointer passing. this will avoid reuse of m->m_pkthdr.rcvif in ipsec code. due to the change, MHLEN will be decreased by sizeof(void *) - for example, for i386, MHLEN was 100 bytes, but is now 96 bytes. we may want to increase MSIZE from 128 to 256 for some of our architectures. take caution if you use it for keeping some data item for long period of time - use extra caution on M_PREPEND() or m_adj(), as they may result in loss of m->m_pkthdr.aux pointer (and mbuf leak). this will bump kernel version. (as discussed in tech-net, tested in kame tree)
Revision 1.104 / (download) - annotate - [select for diffs], Tue Feb 15 19:54:12 2000 UTC (13 years, 3 months ago) by thorpej
Branch: MAIN
Changes since 1.103: +19 -5
lines
Diff to previous 1.103 (colored)
Add support for rate-limiting RSTs sent in response to no socket for an incoming packet. Default minimum interval is 10ms. The interval is changeable via the "net.inet.tcp.rstratelimit" sysctl variable.
Revision 1.103 / (download) - annotate - [select for diffs], Sat Feb 12 17:19:34 2000 UTC (13 years, 3 months ago) by thorpej
Branch: MAIN
CVS Tags: chs-ubc2-newbase
Changes since 1.102: +92 -67
lines
Diff to previous 1.102 (colored)
In the tcp_input() path: - Filter out multicast destinations explicitly for every incoming packet, not just SYNs. Previously, non-SYN multicast destination would be filtered out as a side effect of PCB lookup. Remove now redundant similar checks in the dropwithreset case and in syn_cache_add(). - Defer the TCP checksum until we know that we want to process the packet (i.e. have a non-CLOSED connection or a listen socket).
Revision 1.102 / (download) - annotate - [select for diffs], Mon Jan 31 14:18:56 2000 UTC (13 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.101: +9 -14
lines
Diff to previous 1.101 (colored)
bring in latest KAME ipsec tree. - interop issues in ipcomp is fixed - padding type (after ESP) is configurable - key database memory management (need more fixes) - policy specification is revisited XXX m->m_pkthdr.rcvif is still overloaded - hope to fix it soon
Revision 1.101 / (download) - annotate - [select for diffs], Wed Dec 22 04:03:02 1999 UTC (13 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.100: +8 -1
lines
Diff to previous 1.100 (colored)
drop IPv6 packets with v4 mapped address on src/dst. they are illegal and may be used to fool IPv6 implementations (by using ::ffff:127.0.0.1 as source you may be able to pretend the packet is from local node)
Revision 1.100 / (download) - annotate - [select for diffs], Wed Dec 15 06:28:43 1999 UTC (13 years, 5 months ago) by itojun
Branch: MAIN
CVS Tags: wrstuden-devbsize-base,
wrstuden-devbsize-19991221
Changes since 1.99: +3 -2
lines
Diff to previous 1.99 (colored)
do not overwrite traffic class field when we write IPv6 version field.
Revision 1.99 / (download) - annotate - [select for diffs], Mon Dec 13 15:17:20 1999 UTC (13 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.98: +53 -4
lines
Diff to previous 1.98 (colored)
sync IPv6 part with latest KAME tree. IPsec part is left unmodified due to massive changes in KAME side. - IPv6 output goes through nd6_output - faith can capture IPv4 packets as well - you can run IPv4-to-IPv6 translator using heavily modified DNS servers - per-interface statistics (required for IPv6 MIB) - interface autoconfig is revisited - udp input handling has a big change for mapped address support. - introduce in4_cksum() for non-overwriting checksumming - introduce m_pulldown() - neighbor discovery cleanups/improvements - netinet/in.h strictly conforms to RFC2553 (no extra defs visible to userland) - IFA_STATS is fixed a bit (not tested) - and more more more. TODO: - cleanup os-independency #ifdef - avoid rcvif dual use (for IPsec) to help ifdetach (sorry for jumbo commit, I can't separate this any more...)
Revision 1.98 / (download) - annotate - [select for diffs], Sat Dec 11 09:55:14 1999 UTC (13 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.97: +33 -8
lines
Diff to previous 1.97 (colored)
implement upper-layer reachability confirmation for IPv6 ND (RFC2461 7.3.1). fix code to reject "tcp to IPv6 anycast". sync with recent KAME.
Revision 1.97 / (download) - annotate - [select for diffs], Wed Dec 8 16:22:20 1999 UTC (13 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.96: +16 -26
lines
Diff to previous 1.96 (colored)
do not drop from IP header to tcp option until sbappend(), to reduce requirement to mbuf chain. part of KAME sync, committed separately for its (possible) impact.
Revision 1.96 / (download) - annotate - [select for diffs], Thu Sep 23 02:21:30 1999 UTC (13 years, 8 months ago) by itojun
Branch: MAIN
CVS Tags: fvdl-softdep-base,
fvdl-softdep,
comdex-fall-1999-base,
comdex-fall-1999
Branch point for: wrstuden-devbsize,
thorpej_scsipi
Changes since 1.95: +5 -15
lines
Diff to previous 1.95 (colored)
cleanup and correct TCP MSS consideration with IPsec headers. MSS advertisement must always be: max(if mtu) - ip hdr siz - tcp hdr siz We violated this in the previous code so it was fixed. tcp_mss_to_advertise() now takes af (af on wire) as its argument, to compute right ip hdr siz. tcp_segsize() will take care of IPsec header size. One thing I'm not really sure is how to handle IPsec header size in *rxsegsizep (inbound segment size estimation). The current code subtracts possible *outbound* IPsec size from *rxsegsizep, hoping that the peer is using the same IPsec policy as me. It may not be applicable, could TCP gulu please comment...
Revision 1.95 / (download) - annotate - [select for diffs], Fri Sep 10 03:24:14 1999 UTC (13 years, 8 months ago) by simonb
Branch: MAIN
Changes since 1.94: +2 -2
lines
Diff to previous 1.94 (colored)
s/acknowledgment/acknowledgement/
Revision 1.94 / (download) - annotate - [select for diffs], Thu Aug 26 00:04:30 1999 UTC (13 years, 9 months ago) by thorpej
Branch: MAIN
Changes since 1.93: +9 -8
lines
Diff to previous 1.93 (colored)
Fix a problem discovered by the snd_recover update fix. A bit of the New Reno fast recovery code was being executed even when New Reno was disabled, resulting in an unfortunate interaction with the traditional fast recovery code, the end resulting being that the very condition that would trigger the traditional fast recovery mechanism caused fast recovery to be disabled! Problem reported by Ted Lemon, and some analytical help from Charles Hannum.
Revision 1.93 / (download) - annotate - [select for diffs], Wed Aug 25 15:23:12 1999 UTC (13 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.92: +56 -6
lines
Diff to previous 1.92 (colored)
When listening socket goes away, remove assockated syn cache entires. Stale syn cache entries are useless because none of them will be used if there is no listening socket, as tcp_input looks up listening socket by in_pcblookup*() before looking into syn cache. This fixes race condition due to dangling socket pointer from syn cache entries to listening socket (this was introduced when ipsec is merged in). This should preserve currently implemented behavior (but not 4.4BSD behavior prior to syn cache). Tested in KAME repository before commit, but we'd better run some regression tests.
Revision 1.92 / (download) - annotate - [select for diffs], Mon Aug 23 14:14:30 1999 UTC (13 years, 9 months ago) by christos
Branch: MAIN
Changes since 1.91: +6 -6
lines
Diff to previous 1.91 (colored)
PR/8254: Wolfgang Rupprecht: Incorrect logging of tcp connections; Fix src/dst confusion.
Revision 1.91 / (download) - annotate - [select for diffs], Wed Aug 11 17:37:59 1999 UTC (13 years, 9 months ago) by thorpej
Branch: MAIN
Changes since 1.90: +31 -12
lines
Diff to previous 1.90 (colored)
Fix a few bugs in the TCP New Reno code: - Make sure that snd_recover is always at least snd_una. If we don't do this, there can be confusion when sequence numbers wrap around on a large loss-free data transfer. - When doing a New Reno retransmit, snd_una hasn't been updated yet, and the socket's send buffer has not yet dropped off ACK'd data, so don't muddle with snd_una, so that tcp_output() gets the correct data offset. - When doing a New Reno retransmit, make sure the congestion window is open one segment beyond the ACK'd data, so that we can actually perform the retransmit. Partially derived from, although more complete than, similar changes in OpenBSD, which in turn originated from Tom Henderson <tomh@cs.berkeley.edu>.
Revision 1.90 / (download) - annotate - [select for diffs], Wed Aug 11 03:02:18 1999 UTC (13 years, 9 months ago) by thorpej
Branch: MAIN
Changes since 1.89: +4 -4
lines
Diff to previous 1.89 (colored)
Make sure the echoed RFC 1323 timestamp is valid before using it to compute the round trip time. From Mark Allman <mallman@lerc.nasa.gov>.
Revision 1.89 / (download) - annotate - [select for diffs], Thu Jul 22 12:56:56 1999 UTC (13 years, 10 months ago) by itojun
Branch: MAIN
CVS Tags: chs-ubc2-base
Changes since 1.88: +14 -5
lines
Diff to previous 1.88 (colored)
- implement IPv6 pmtud, which is necessary for TCP6. - fix memory leak on SO_DEBUG over TCP.
Revision 1.88 / (download) - annotate - [select for diffs], Sat Jul 17 12:53:05 1999 UTC (13 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.87: +3 -2
lines
Diff to previous 1.87 (colored)
no need to include faith.h on non-IPv6 build, so wrap by #ifdef. (dunno if it's better to always include it or not)
Revision 1.87 / (download) - annotate - [select for diffs], Sat Jul 17 07:07:08 1999 UTC (13 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.86: +23 -5
lines
Diff to previous 1.86 (colored)
fix faith interface support. need testing. (i understand this is a dirty hack, of course)
Revision 1.86 / (download) - annotate - [select for diffs], Wed Jul 14 22:37:13 1999 UTC (13 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.85: +4 -4
lines
Diff to previous 1.85 (colored)
Use proper ip protocol # field and tcp hdr on sending RST against SYN, when ip header and tcp header are not adjacent to each other (i.e. when ip6 options are attached). To test this, try telnet @::1@::1 port toward a port without responding server. Prior to the fix, the kernel will generate broken RST packet.
Revision 1.85 / (download) - annotate - [select for diffs], Fri Jul 9 22:57:20 1999 UTC (13 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.84: +2 -1
lines
Diff to previous 1.84 (colored)
defopt IPSEC and IPSEC_ESP (both into opt_ipsec.h).
Revision 1.84 / (download) - annotate - [select for diffs], Fri Jul 2 12:45:32 1999 UTC (13 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.83: +6 -1
lines
Diff to previous 1.83 (colored)
avoid "variable not initialized" warnings on some of the platforms.
Revision 1.83 / (download) - annotate - [select for diffs], Thu Jul 1 08:12:51 1999 UTC (13 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.82: +1055 -334
lines
Diff to previous 1.82 (colored)
IPv6 kernel code, based on KAME/NetBSD 1.4, SNAP kit 19990628.
(Sorry for a big commit, I can't separate this into several pieces...)
Pls check sys/netinet6/TODO and sys/netinet6/IMPLEMENTATION for details.
- sys/kern: do not assume single mbuf, accept chained mbuf on passing
data from userland to kernel (or other way round).
- "midway" ATM card: ATM PVC pseudo device support, like those done in ALTQ
package (ftp://ftp.csl.sony.co.jp/pub/kjc/).
- sys/netinet/tcp*: IPv4/v6 dual stack tcp support.
- sys/netinet/{ip6,icmp6}.h, sys/net/pfkeyv2.h: IETF document assumes those
file to be there so we patch it up.
- sys/netinet: IPsec additions are here and there.
- sys/netinet6/*: most of IPv6 code sits here.
- sys/netkey: IPsec key management code
- dev/pci/pcidevs: regen
In my understanding no code here is subject to export control so it
should be safe.
Revision 1.82 / (download) - annotate - [select for diffs], Sun May 23 20:33:50 1999 UTC (14 years ago) by ad
Branch: MAIN
Changes since 1.81: +10 -1
lines
Diff to previous 1.81 (colored)
Add new sysctl (net.inet.tcp.log_refused) that when set, causes refused TCP connections to be logged.
Revision 1.81 / (download) - annotate - [select for diffs], Mon May 3 23:30:27 1999 UTC (14 years ago) by thorpej
Branch: MAIN
Changes since 1.80: +2 -1
lines
Diff to previous 1.80 (colored)
Fix an ininitialized variable that the MIPS compiler caught (but the SPARC, Alpha, Arm, and i386 compilers missed).
Revision 1.80 / (download) - annotate - [select for diffs], Thu Apr 29 03:54:22 1999 UTC (14 years ago) by thorpej
Branch: MAIN
Changes since 1.79: +154 -96
lines
Diff to previous 1.79 (colored)
Implement retransmit logic for the SYN cache engine. Fixes a rare condition where one side can think a connection exists, where the other side thinks the connection was never established. The original problem was first reported by Ty Sarna in PR #5909. The original fix I made to the code didn't cover all cases. The problem this fix addresses was reported by Christoph Badura via private e-mail. Many thanks to Bill Sommerfeld for helping me to test this code, and for finding a subtle bug.
Revision 1.79 / (download) - annotate - [select for diffs], Thu Apr 22 01:32:30 1999 UTC (14 years, 1 month ago) by simonb
Branch: MAIN
Changes since 1.78: +1 -3
lines
Diff to previous 1.78 (colored)
Don't extern sb_max, <sys/socketvar.h> provides a definition.
Revision 1.78 / (download) - annotate - [select for diffs], Fri Apr 9 22:01:07 1999 UTC (14 years, 1 month ago) by kml
Branch: MAIN
Changes since 1.77: +7 -3
lines
Diff to previous 1.77 (colored)
Ensure that out of window SYNs receive an ACK in responce, rather than being dropped. This fixes a bug reported by Jason Thorpe.
Revision 1.77 / (download) - annotate - [select for diffs], Fri Feb 5 22:37:24 1999 UTC (14 years, 3 months ago) by matt
Branch: MAIN
CVS Tags: netbsd-1-4-base
Branch point for: netbsd-1-4
Changes since 1.76: +2 -2
lines
Diff to previous 1.76 (colored)
According to Dave Borman, the iss should be using snd_nxt and not rcv_nxt (from tcp_impl mailing-list).
Revision 1.76 / (download) - annotate - [select for diffs], Thu Feb 4 22:58:37 1999 UTC (14 years, 3 months ago) by explorer
Branch: MAIN
Changes since 1.75: +3 -3
lines
Diff to previous 1.75 (colored)
REALLY only update the window when we get an ACK. (the old code seemed broken)
Revision 1.75 / (download) - annotate - [select for diffs], Sun Jan 24 01:19:28 1999 UTC (14 years, 4 months ago) by thorpej
Branch: MAIN
Changes since 1.74: +123 -77
lines
Diff to previous 1.74 (colored)
* Completely rewrite syn_cache_respond(). - Don't use tcp_respond(), instead create the tcp/ip header from scratch, and send it ourself. - Reuse the mbuf that carried the SYN, or allocate one if that is not available. - Cache the route we look up to do the Path MTU Discovery check, and transfer the reference to that route to the inpcb when the connection completes. * Macro'ize a small, but often repeated code fragment.
Revision 1.74 / (download) - annotate - [select for diffs], Tue Jan 19 23:03:21 1999 UTC (14 years, 4 months ago) by mycroft
Branch: MAIN
Changes since 1.73: +3 -3
lines
Diff to previous 1.73 (colored)
Don't screw with ip_len; just subtract from it where we actually use the value.
Revision 1.73 / (download) - annotate - [select for diffs], Tue Jan 19 21:58:41 1999 UTC (14 years, 4 months ago) by mycroft
Branch: MAIN
Changes since 1.72: +2 -2
lines
Diff to previous 1.72 (colored)
Don't overwrite the checksum fields when checking them. There's no reason to do this, and it screws up ICMP replies. XXX The returned IP checksum and length are still wrong.
Revision 1.72 / (download) - annotate - [select for diffs], Fri Dec 18 21:38:02 1998 UTC (14 years, 5 months ago) by thorpej
Branch: MAIN
Changes since 1.71: +9 -1
lines
Diff to previous 1.71 (colored)
Add a lock around the TCPCB's sequence queue, to prevent tcp_drain() from corrupting the queue if called from a device's interrupt context. Similar in nature to the problem reported in PR #5684.
Revision 1.71 / (download) - annotate - [select for diffs], Thu Oct 8 01:19:26 1998 UTC (14 years, 7 months ago) by thorpej
Branch: MAIN
CVS Tags: kenh-if-detach-base,
kenh-if-detach,
chs-ubc-base,
chs-ubc
Changes since 1.70: +6 -6
lines
Diff to previous 1.70 (colored)
Use the pool allocator for ipqent structures.
Revision 1.70 / (download) - annotate - [select for diffs], Tue Oct 6 00:41:13 1998 UTC (14 years, 7 months ago) by matt
Branch: MAIN
Changes since 1.69: +2 -2
lines
Diff to previous 1.69 (colored)
Fix boolean dyslexic test. Duh!
Revision 1.69 / (download) - annotate - [select for diffs], Tue Oct 6 00:20:44 1998 UTC (14 years, 7 months ago) by matt
Branch: MAIN
Changes since 1.68: +9 -3
lines
Diff to previous 1.68 (colored)
Add a sysctl for newreno (default to off).
Revision 1.68 / (download) - annotate - [select for diffs], Sun Oct 4 21:33:53 1998 UTC (14 years, 7 months ago) by matt
Branch: MAIN
Changes since 1.67: +62 -5
lines
Diff to previous 1.67 (colored)
Adapt the NEWRENO changes from the UCSB diffs of BSDI 3.0's TCP to NetBSD. Ignore the SACK & FACK stuff for now.
Revision 1.67 / (download) - annotate - [select for diffs], Sat Sep 19 04:34:34 1998 UTC (14 years, 8 months ago) by mycroft
Branch: MAIN
Changes since 1.66: +2 -2
lines
Diff to previous 1.66 (colored)
Fix a typo (not mine) in a comment.
Revision 1.66 / (download) - annotate - [select for diffs], Sat Sep 19 04:32:51 1998 UTC (14 years, 8 months ago) by mycroft
Branch: MAIN
Changes since 1.65: +9 -2
lines
Diff to previous 1.65 (colored)
If we're in LISTEN state and all of RST, SYN and ACK are clear, send a RST.
Revision 1.65 / (download) - annotate - [select for diffs], Thu Sep 10 10:46:59 1998 UTC (14 years, 8 months ago) by mouse
Branch: MAIN
Changes since 1.64: +4 -3
lines
Diff to previous 1.64 (colored)
Create tcp.keepidle, tcp.keepintvl, tcp.keepcnt, tcp.slowhz sysctls.
Revision 1.64 / (download) - annotate - [select for diffs], Wed Sep 9 01:32:27 1998 UTC (14 years, 8 months ago) by thorpej
Branch: MAIN
Changes since 1.63: +27 -3
lines
Diff to previous 1.63 (colored)
Use an algorithm similar to that in tcp_notify() to determine if syn_cache_unreach() should remove the entry, or just continue on. Algorithm is to only remove the entry if we've had more than one unreach error and have retransmitted 3 or more times. This prevents the following scenario, as noted in PR #5909 (PR from Ty Sarna, scenario from Charles Hannum): * Host A sends a SYN. * Host A retransmits the SYN. * Host B gets the first SYN and sends a SYN-ACK. * Host B gets the second SYN and sends a SYN-ACK. * One of the SYN-ACK bounces with an ICMP unreachable, causing the `SYN cache' entry to be removed with no notification. * Host A receives the other SYN-ACK, sends an ACK, and goes to ESTABLISHED state. Should fix PR #5909.
Revision 1.63 / (download) - annotate - [select for diffs], Sun Aug 2 00:35:51 1998 UTC (14 years, 9 months ago) by thorpej
Branch: MAIN
Changes since 1.62: +18 -11
lines
Diff to previous 1.62 (colored)
Use the pool allocator for syn_cache entries.
Revision 1.62 / (download) - annotate - [select for diffs], Fri Jul 17 22:58:56 1998 UTC (14 years, 10 months ago) by thorpej
Branch: MAIN
CVS Tags: eeh-paddr_t-base,
eeh-paddr_t
Changes since 1.61: +12 -9
lines
Diff to previous 1.61 (colored)
Clarify that we are using the Loss Window if a retransmission occurred during the three-way handshake.
Revision 1.61 / (download) - annotate - [select for diffs], Tue Jun 2 18:33:02 1998 UTC (14 years, 11 months ago) by thorpej
Branch: MAIN
Changes since 1.60: +7 -2
lines
Diff to previous 1.60 (colored)
Add a comment explaining why we do _not_ ACK data that might accompany a SYN (avoidance of a DoS attack).
Revision 1.60 / (download) - annotate - [select for diffs], Mon May 11 19:57:23 1998 UTC (15 years ago) by thorpej
Branch: MAIN
Changes since 1.59: +1 -7
lines
Diff to previous 1.59 (colored)
Nuke TUBA per my note to tech-net; there's no reason to keep it around.
Revision 1.59 / (download) - annotate - [select for diffs], Thu May 7 01:37:27 1998 UTC (15 years ago) by thorpej
Branch: MAIN
Changes since 1.58: +84 -142
lines
Diff to previous 1.58 (colored)
Rework the syn cache code somewhat: - Don't use home-grown queue manipulation. Use <sys/queue.h> instead. The data structures are a little larger, but we are otherwise wasting the memory chunk anyway (we're already a 64-byte malloc bucket). - Fix a bug in the cache-is-full case: if the oldest element removed from the first non-empty bucket was the only element in the bucket, the bucket wouldn't be removed from the bucket cache, causing queue corruption later. - Optimize the syn cache timers by using PRT timers rather than home-grown decrement-and-propagate timers. This code is now a fair bit smaller, and significantly easier to read and understand.
Revision 1.58 / (download) - annotate - [select for diffs], Wed May 6 01:21:20 1998 UTC (15 years ago) by thorpej
Branch: MAIN
Changes since 1.57: +21 -18
lines
Diff to previous 1.57 (colored)
Use macros from tcp_timer.h to manipulate TCP timers, so that their implementation can be changed easily.
Revision 1.57 / (download) - annotate - [select for diffs], Sun May 3 19:54:56 1998 UTC (15 years ago) by thorpej
Branch: MAIN
Changes since 1.56: +1 -3
lines
Diff to previous 1.56 (colored)
Once again, move a declaration for the benefit of TUBA (grumble).
Revision 1.56 / (download) - annotate - [select for diffs], Sat May 2 04:23:05 1998 UTC (15 years ago) by thorpej
Branch: MAIN
Changes since 1.55: +3 -3
lines
Diff to previous 1.55 (colored)
Oops, move a variable declaration so TUBA won't lose.
Revision 1.55 / (download) - annotate - [select for diffs], Sat May 2 04:21:58 1998 UTC (15 years ago) by thorpej
Branch: MAIN
Changes since 1.54: +7 -2
lines
Diff to previous 1.54 (colored)
Reintroduce the immediate ACK-on-PUSH behavior removed in revision 1.47, but make the decision to do this dependent on the sysctl variable net.inet.tcp.ack_on_push, which is disabled by default.
Revision 1.54 / (download) - annotate - [select for diffs], Wed Apr 29 20:43:29 1998 UTC (15 years ago) by matt
Branch: MAIN
Changes since 1.53: +233 -76
lines
Diff to previous 1.53 (colored)
New TCP reassembly code. The new code reduces the memory needed by out-of-order packets and builds the infrastructure needed for sending SACK blocks (to be added shortly).
Revision 1.53 / (download) - annotate - [select for diffs], Wed Apr 29 00:43:46 1998 UTC (15 years ago) by thorpej
Branch: MAIN
Changes since 1.52: +5 -4
lines
Diff to previous 1.52 (colored)
Change RFC1323 timestamp update rule per Section 3.4 of RFC1323.bis. Old rule was to update the timestamp if the sequence numbers are in range. New rule adds a check that the timestamp is advancing, thus preventing our notion of the most recent timestamp from incorrectly moving backwards.
Revision 1.52 / (download) - annotate - [select for diffs], Tue Apr 28 21:52:16 1998 UTC (15 years ago) by thorpej
Branch: MAIN
Changes since 1.51: +11 -2
lines
Diff to previous 1.51 (colored)
Log the peer's IP address on received window scale factors larger than TCP_MAX_WINSHIFT (14), as recommended in Section 2.3 of RFC1323.
Revision 1.51 / (download) - annotate - [select for diffs], Mon Apr 13 21:18:19 1998 UTC (15 years, 1 month ago) by kml
Branch: MAIN
Changes since 1.50: +3 -2
lines
Diff to previous 1.50 (colored)
Fix to ensure that the correct MSS is advertised for loopback TCP connections by using the MTU of the interface. Also added a knob, mss_ifmtu, to force all connections to use the MTU of the interface to calculate the advertised MSS.
Revision 1.50 / (download) - annotate - [select for diffs], Tue Apr 7 05:09:19 1998 UTC (15 years, 1 month ago) by thorpej
Branch: MAIN
Changes since 1.49: +47 -5
lines
Diff to previous 1.49 (colored)
Remember any source routes that may have accompanied a SYN.
Revision 1.49 / (download) - annotate - [select for diffs], Fri Apr 3 08:02:45 1998 UTC (15 years, 1 month ago) by thorpej
Branch: MAIN
Changes since 1.48: +7 -7
lines
Diff to previous 1.48 (colored)
Now that we have a flags word in the syn cache entry, use a flag to indicate "peer will do timestamps" rather than a bitfield, and give the now-unsed bit to the hash, making it now 32 bits.
Revision 1.48 / (download) - annotate - [select for diffs], Fri Apr 3 07:54:01 1998 UTC (15 years, 1 month ago) by thorpej
Branch: MAIN
Changes since 1.47: +6 -31
lines
Diff to previous 1.47 (colored)
Clean up some comments wrt. the syn cache code.
Revision 1.47 / (download) - annotate - [select for diffs], Tue Mar 31 23:44:09 1998 UTC (15 years, 1 month ago) by thorpej
Branch: MAIN
Changes since 1.46: +3 -5
lines
Diff to previous 1.46 (colored)
Back out a change made some time ago, that would cause the NetBSD TCP to ACK immediately any packet that arrived with PSH set. This breaks delayed ACKs in a few specific common cases that delayed ACKs were supposed to help, and ends up not making much (if any) difference in the case where where this ACK-on-PSH change was supposed to help. Per discussion with several members of the TCPIMPL and TCPSAT IETF working groups.
Revision 1.46 / (download) - annotate - [select for diffs], Tue Mar 31 22:49:09 1998 UTC (15 years, 1 month ago) by thorpej
Branch: MAIN
Changes since 1.45: +26 -1
lines
Diff to previous 1.45 (colored)
Fix a potential-congestion case in the larger initial congestion window code, as clarified in the TCPIMPL WG meeting at IETF #41: If the SYN (active open) or SYN,ACK (passive open) was retransmitted, the initial congestion window for the first slow start of that connection must be one segment.
Revision 1.45 / (download) - annotate - [select for diffs], Thu Mar 19 22:29:33 1998 UTC (15 years, 2 months ago) by kml
Branch: MAIN
Changes since 1.44: +7 -3
lines
Diff to previous 1.44 (colored)
Fix a retransmission bug introduced by the Brakmo and Peterson RTO estimation changes. Under some circumstances it would return a value of 0, while the old Van Jacobson RTO code would return a minimum of 3. This would result in 12 retransmissions, each 1 second apart. This takes care of those instances, and ensures that t_rttmin is used everywhere as a lower bound.
Revision 1.44 / (download) - annotate - [select for diffs], Thu Feb 19 02:36:42 1998 UTC (15 years, 3 months ago) by thorpej
Branch: MAIN
Changes since 1.43: +38 -1
lines
Diff to previous 1.43 (colored)
Update copyright (sigh, should have done this long ago).
Revision 1.43 / (download) - annotate - [select for diffs], Sat Jan 24 12:27:31 1998 UTC (15 years, 4 months ago) by mellon
Branch: MAIN
Changes since 1.42: +10 -5
lines
Diff to previous 1.42 (colored)
Always set sc->sc_timeout (it was missed in one case). This fixes a problem where SYN cache entries are sometimes timed out almost immediately.
Revision 1.42 / (download) - annotate - [select for diffs], Sat Jan 24 05:04:27 1998 UTC (15 years, 4 months ago) by mycroft
Branch: MAIN
Changes since 1.41: +10 -8
lines
Diff to previous 1.41 (colored)
Fix an old editing error from merging a bug fix into Lite, that might cause us to erroneously drop a FIN. Also, minor changes so the code looks more like Stevens vol 2 figure 28.30.
Revision 1.41 / (download) - annotate - [select for diffs], Wed Jan 21 01:21:22 1998 UTC (15 years, 4 months ago) by mellon
Branch: MAIN
Changes since 1.40: +1 -2
lines
Diff to previous 1.40 (colored)
Never free the mbuf that we give to tcp_respond(). The previous change corrected an inconsistency but in exactly the wrong way.
Revision 1.40 / (download) - annotate - [select for diffs], Sun Jan 18 05:56:15 1998 UTC (15 years, 4 months ago) by mellon
Branch: MAIN
Changes since 1.39: +3 -5
lines
Diff to previous 1.39 (colored)
In syn_cache_get(), don't free incoming packet before jumping to resetandabort, but do free it after sending the reset.
Revision 1.39 / (download) - annotate - [select for diffs], Mon Jan 5 10:32:03 1998 UTC (15 years, 4 months ago) by thorpej
Branch: MAIN
Changes since 1.38: +3 -3
lines
Diff to previous 1.38 (colored)
Finishing merging 4.4BSD-Lite2 netinet. At this point, the only changes left were SCCS IDs and Copyright dates.
Revision 1.38 / (download) - annotate - [select for diffs], Wed Dec 31 03:31:23 1997 UTC (15 years, 4 months ago) by thorpej
Branch: MAIN
Changes since 1.37: +2 -2
lines
Diff to previous 1.37 (colored)
Implement a queue for delayed ACK processing. This queue is used in tcp_fasttimo() in lieu of scanning all open TCP connections.
Revision 1.37 / (download) - annotate - [select for diffs], Thu Dec 11 06:33:29 1997 UTC (15 years, 5 months ago) by thorpej
Branch: MAIN
Changes since 1.36: +19 -9
lines
Diff to previous 1.36 (colored)
Fix the "stretch ACK violation" bug documented in internet draft draft-ietf-tcpimpl-prob-02.txt. Also, fix another bug in the header prediction case where an ACK would not be sent when it should be.
Revision 1.36 / (download) - annotate - [select for diffs], Fri Nov 21 06:41:54 1997 UTC (15 years, 6 months ago) by thorpej
Branch: MAIN
Changes since 1.35: +4 -3
lines
Diff to previous 1.35 (colored)
Slight change to the previous: just drop the packet in the self-connect case. Sending an RST to ourselves is a little silly, considering that we'll just attempt to remove a non-existent compressed state entry and then drop the packet anyway.
Revision 1.35 / (download) - annotate - [select for diffs], Fri Nov 21 06:18:30 1997 UTC (15 years, 6 months ago) by thorpej
Branch: MAIN
Changes since 1.34: +34 -8
lines
Diff to previous 1.34 (colored)
In tcp_input(), if the PCB we lookup for an incoming packet is a listen socket: - If we received a SYN,ACK, send an RST. - If we received a SYN, and the connection attempt appears to come from itself, send an RST, since it cannot possibly be valid.
Revision 1.34 / (download) - annotate - [select for diffs], Sat Nov 8 02:35:22 1997 UTC (15 years, 6 months ago) by kml
Branch: MAIN
Changes since 1.33: +12 -12
lines
Diff to previous 1.33 (colored)
TCP MSS fixes to provide cleaner slow-start and recovery.
Revision 1.33 / (download) - annotate - [select for diffs], Fri Oct 10 01:51:07 1997 UTC (15 years, 7 months ago) by explorer
Branch: MAIN
CVS Tags: netbsd-1-3-base,
marc-pcmcia-base
Branch point for: netbsd-1-3
Changes since 1.32: +4 -4
lines
Diff to previous 1.32 (colored)
Add hooks to use the kernel random system to generate TCP sequence numbers.
Revision 1.32 / (download) - annotate - [select for diffs], Mon Sep 22 21:49:55 1997 UTC (15 years, 8 months ago) by thorpej
Branch: MAIN
Changes since 1.31: +17 -166
lines
Diff to previous 1.31 (colored)
Fix several annoyances related to MSS handling in BSD TCP: - Don't overload t_maxseg. Previous behavior was to set it to the min of the peer's advertised MSS, our advertised MSS, and tcp_mssdflt (for non-local networks). This breaks PMTU discovery running on either host. Instead, remember the MSS we advertise, and use it as appropriate (in silly window avoidance). - Per last bullet, split tcp_mss() into several functions for handling MSS (ours and peer's), and performing various tasks when a connection becomes ESTABLISHED. - Introduce a new function, tcp_segsize(), which computes the max size for every segment transmitted in tcp_output(). This will eventually be used to hook in PMTU discovery.
Revision 1.31 / (download) - annotate - [select for diffs], Mon Jul 28 22:07:38 1997 UTC (15 years, 9 months ago) by thorpej
Branch: MAIN
CVS Tags: thorpej-signal-base,
thorpej-signal,
marc-pcmcia-bp
Branch point for: marc-pcmcia
Changes since 1.30: +1 -6
lines
Diff to previous 1.30 (colored)
Garbage-collect some "extern"s.
Revision 1.30 / (download) - annotate - [select for diffs], Mon Jul 28 01:07:48 1997 UTC (15 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.29: +13 -4
lines
Diff to previous 1.29 (colored)
Fix a rather severe bug in handling of incoming SYNs for peer/port values which happen to have a TCB in TIME_WAIT, where an mbuf which had been advanced past the IP+TCP headers and TCP options would be reused as if it had not been advanced. Problem found by Juergen Hannken-Illjes, who also suggested a work-around on which this fix is based.
Revision 1.29 / (download) - annotate - [select for diffs], Wed Jul 23 21:26:49 1997 UTC (15 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.28: +772 -153
lines
Diff to previous 1.28 (colored)
Pull SYN_cache_branch down into the main line.
Revision 1.28 / (download) - annotate - [select for diffs], Sun Jul 6 07:04:34 1997 UTC (15 years, 10 months ago) by thorpej
Branch: MAIN
CVS Tags: SYN_cache_cur_base
Changes since 1.27: +2 -2
lines
Diff to previous 1.27 (colored)
Fix an old and obscure TCP bug, brought to my attention by Bill Fenner, fixed in FreeBSD by John Polstra: Fix a bug (apparently very old) that can cause a TCP connection to be dropped when it has an unusual traffic pattern. For full details as well as a test case that demonstrates the failure, see the referenced PR (FreeBSD's kern/3998). Under certain circumstances involving the persist state, it is possible for the receive side's tp->rcv_nxt to advance beyond its tp->rcv_adv. This causes (tp->rcv_adv - tp->rcv_nxt) to become negative. However, in the code affected by this fix, that difference was interpreted as an unsigned number by max(). Since it was negative, it was taken as a huge unsigned number. The effect was to cause the receiver to believe that its receive window had negative size, thereby rejecting all received segments including ACKs. As the test case shows, this led to fruitless retransmissions and eventually to a dropped connection. Even connections using the loopback interface could be dropped. The fix substitutes the signed imax() for the unsigned max() function. Bill informs me that his research indicates this bug appeared in Reno.
Revision 1.27 / (download) - annotate - [select for diffs], Tue Dec 10 18:20:19 1996 UTC (16 years, 5 months ago) by mycroft
Branch: MAIN
CVS Tags: thorpej-setroot,
mrg-vm-swap,
is-newarp-before-merge,
is-newarp-base,
is-newarp,
bouyer-scsipi
Branch point for: SYN_cache_branch
Changes since 1.26: +9 -8
lines
Diff to previous 1.26 (colored)
Fix RTT scaling problems introduced with Brakmo and Peterson changes.
Revision 1.26 / (download) - annotate - [select for diffs], Sun Sep 15 18:11:09 1996 UTC (16 years, 8 months ago) by mycroft
Branch: MAIN
Changes since 1.25: +4 -5
lines
Diff to previous 1.25 (colored)
Hash unconnected PCBs.
Revision 1.25 / (download) - annotate - [select for diffs], Tue Sep 10 23:26:05 1996 UTC (16 years, 8 months ago) by mycroft
Branch: MAIN
Changes since 1.24: +5 -2
lines
Diff to previous 1.24 (colored)
If we're in SYN-SENT or SYN-RECEIVED state, don't reset the keepalive timer until we transition to ESTABLISHED state. Suggested by TCP/IP vol 3.
Revision 1.24 / (download) - annotate - [select for diffs], Mon Sep 9 14:51:20 1996 UTC (16 years, 8 months ago) by mycroft
Branch: MAIN
Changes since 1.23: +12 -10
lines
Diff to previous 1.23 (colored)
Add in_nullhost() and in_hosteq() macros, to hide some protocol details. Also, fix a bug in TCP wrt SYN+URG packets.
Revision 1.23 / (download) - annotate - [select for diffs], Tue Feb 13 23:43:44 1996 UTC (17 years, 3 months ago) by christos
Branch: MAIN
CVS Tags: netbsd-1-2-base,
netbsd-1-2-RELEASE,
netbsd-1-2-BETA
Branch point for: netbsd-1-2
Changes since 1.22: +23 -13
lines
Diff to previous 1.22 (colored)
netinet prototypes
Revision 1.22 / (download) - annotate - [select for diffs], Wed Jan 31 05:56:56 1996 UTC (17 years, 3 months ago) by mycroft
Branch: MAIN
Changes since 1.21: +6 -7
lines
Diff to previous 1.21 (colored)
Ignore FIN if not yet connected.
Revision 1.21 / (download) - annotate - [select for diffs], Wed Jan 31 03:49:33 1996 UTC (17 years, 3 months ago) by mycroft
Branch: MAIN
Changes since 1.20: +9 -11
lines
Diff to previous 1.20 (colored)
Build a hash table of PCBs. Hash function needs tweaking.
Revision 1.20 / (download) - annotate - [select for diffs], Tue Nov 21 01:07:39 1995 UTC (17 years, 6 months ago) by cgd
Branch: MAIN
Changes since 1.19: +57 -39
lines
Diff to previous 1.19 (colored)
make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
Revision 1.19 / (download) - annotate - [select for diffs], Fri Aug 4 01:12:23 1995 UTC (17 years, 9 months ago) by mycroft
Branch: MAIN
CVS Tags: netbsd-1-1-base,
netbsd-1-1-RELEASE,
netbsd-1-1-PATCH001
Branch point for: netbsd-1-1
Changes since 1.18: +3 -3
lines
Diff to previous 1.18 (colored)
Encapsulate the test for sending a notification in a macro, sb_notify().
Revision 1.18 / (download) - annotate - [select for diffs], Mon Jun 12 00:47:52 1995 UTC (17 years, 11 months ago) by mycroft
Branch: MAIN
Changes since 1.17: +15 -15
lines
Diff to previous 1.17 (colored)
Various cleanup, including: * Convert several data structures to use queue.h. * Split in_pcbnotify() into two parts; one for notifying a specific PCB, and one for notifying all PCBs for a particular foreign address.
Revision 1.17 / (download) - annotate - [select for diffs], Sun Jun 11 21:36:04 1995 UTC (17 years, 11 months ago) by mycroft
Branch: MAIN
Changes since 1.16: +2 -2
lines
Diff to previous 1.16 (colored)
Oops. Decrement rtt earlier.
Revision 1.16 / (download) - annotate - [select for diffs], Sun Jun 11 20:39:22 1995 UTC (17 years, 11 months ago) by mycroft
Branch: MAIN
Changes since 1.15: +8 -7
lines
Diff to previous 1.15 (colored)
As suggested by Brakmo and Peterson: * Don't add the extra 1/8 of the mss when ramping up the congestion window. * Scale the RTT values slightly to adjust for rounding errors. * Set the lower bound of the RTO to RTT+2.
Revision 1.15 / (download) - annotate - [select for diffs], Sun Jun 11 09:36:28 1995 UTC (17 years, 11 months ago) by mycroft
Branch: MAIN
Changes since 1.14: +3 -2
lines
Diff to previous 1.14 (colored)
Check for inflated congestion window during header prediction, per Bramko and Peterson.
Revision 1.14 / (download) - annotate - [select for diffs], Sun Jun 4 05:07:14 1995 UTC (17 years, 11 months ago) by mycroft
Branch: MAIN
Changes since 1.13: +2 -3
lines
Diff to previous 1.13 (colored)
Clean up many more casts.
Revision 1.13 / (download) - annotate - [select for diffs], Thu Jun 1 21:36:45 1995 UTC (17 years, 11 months ago) by mycroft
Branch: MAIN
Changes since 1.12: +3 -3
lines
Diff to previous 1.12 (colored)
Avoid byte-swapping IP addresses at run time.
Revision 1.12 / (download) - annotate - [select for diffs], Thu Apr 13 06:36:37 1995 UTC (18 years, 1 month ago) by cgd
Branch: MAIN
Changes since 1.11: +9 -8
lines
Diff to previous 1.11 (colored)
be a bit more careful and explicit with types. (basically a large no-op.)
Revision 1.11 / (download) - annotate - [select for diffs], Fri Oct 14 16:01:49 1994 UTC (18 years, 7 months ago) by mycroft
Branch: MAIN
Changes since 1.10: +2 -2
lines
Diff to previous 1.10 (colored)
Don't return received data to the user until the initial handshake is complete. Also use TCPS_HAVEESTABLISHED() in a few other places.
Revision 1.10 / (download) - annotate - [select for diffs], Wed Jun 29 06:38:40 1994 UTC (18 years, 11 months ago) by cgd
Branch: MAIN
CVS Tags: netbsd-1-0-base,
netbsd-1-0-RELEASE,
netbsd-1-0-PATCH1,
netbsd-1-0-PATCH06,
netbsd-1-0-PATCH05,
netbsd-1-0-PATCH04,
netbsd-1-0-PATCH03,
netbsd-1-0-PATCH02,
netbsd-1-0-PATCH0,
netbsd-1-0
Changes since 1.9: +3 -2
lines
Diff to previous 1.9 (colored)
New RCS ID's, take two. they're more aesthecially pleasant, and use 'NetBSD'
Revision 1.9 / (download) - annotate - [select for diffs], Fri May 13 06:06:39 1994 UTC (19 years ago) by mycroft
Branch: MAIN
Changes since 1.8: +236 -93
lines
Diff to previous 1.8 (colored)
Update to 4.4-Lite networking code, with a few local changes.
Revision 1.8 / (download) - annotate - [select for diffs], Mon Apr 25 19:16:53 1994 UTC (19 years, 1 month ago) by mycroft
Branch: MAIN
Changes since 1.7: +9 -3
lines
Diff to previous 1.7 (colored)
As I described this on comp.protocols.tcp-ip: I've found a problem with the TCP delayed ack algorithm. If the writer's buffer becomes full before sending an entire window, the writer will stop and the ack will be delayed and the transmission will be stalled pending a timeout on (and transmission of) the delayed ack. As an experiment, I've applied the following patch to my (NetBSD) kernel, and it alleviates the problem. The worst case for this change is that the writer sets the PSH bit on every outgoing packet, in which case delayed ack is effectively disabled. This is not an issue of correctness, however, and since most vendors use the PSH bit a bit more intelligently, it doesn't seem like a serious problem.
Revision 1.7 / (download) - annotate - [select for diffs], Tue Apr 12 18:07:46 1994 UTC (19 years, 1 month ago) by mycroft
Branch: MAIN
Changes since 1.6: +11 -27
lines
Diff to previous 1.6 (colored)
Patch from James Carlson to fix TCP stalls.
Revision 1.6 / (download) - annotate - [select for diffs], Sat Jan 8 23:26:40 1994 UTC (19 years, 4 months ago) by mycroft
Branch: MAIN
Changes since 1.5: +1 -3
lines
Diff to previous 1.5 (colored)
Remove some extra prototypes.
Revision 1.5 / (download) - annotate - [select for diffs], Sat Jan 8 23:07:18 1994 UTC (19 years, 4 months ago) by mycroft
Branch: MAIN
Changes since 1.4: +16 -4
lines
Diff to previous 1.4 (colored)
Prototypes.
Revision 1.4 / (download) - annotate - [select for diffs], Sat Jan 8 21:21:58 1994 UTC (19 years, 4 months ago) by mycroft
Branch: MAIN
Changes since 1.3: +12 -12
lines
Diff to previous 1.3 (colored)
Fix some inconsistent spacing; spaces at the end of lines, etc.
Revision 1.3 / (download) - annotate - [select for diffs], Sat Dec 18 00:42:03 1993 UTC (19 years, 5 months ago) by mycroft
Branch: MAIN
Changes since 1.2: +24 -24
lines
Diff to previous 1.2 (colored)
Canonicalize all #includes.
Revision 1.2 / (download) - annotate - [select for diffs], Tue May 18 18:20:15 1993 UTC (20 years ago) by cgd
Branch: MAIN
CVS Tags: netbsd-0-9-patch-001,
netbsd-0-9-base,
netbsd-0-9-RELEASE,
netbsd-0-9-BETA,
netbsd-0-9-ALPHA2,
netbsd-0-9-ALPHA,
netbsd-0-9,
magnum-base,
magnum
Changes since 1.1: +3 -1
lines
Diff to previous 1.1 (colored)
make kernel select interface be one-stop shopping & clean it all up.
Revision 1.1 / (download) - annotate - [select for diffs], Sun Mar 21 09:45:37 1993 UTC (20 years, 2 months ago) by cgd
Branch: MAIN
Initial revision