netinet

Clone Tools
  • last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Introduce a patch from pfsense to increase the dummynet limit.

Obtained from: pfsense, https://github.com/pfsense/FreeBSD-src/commit/2085b4c32205d4b41c4cdc810db1b9531881c824.diff

  1. … 3 more files in changeset.
Improve the TCP SACK generation by reporting DSACKs

Don't send an uninitialised traffic class in the IPv6 header, when sending a TCP segment from the TCP SYN cache (like a SYN-ACK). This fix initialises it to zero. This is correct for the ECN bits, but is does not honor the DSCP what an application might have set via the IPPROTO_IPV6 level socket options IPV6_TCLASS. That will be fixed separately.

Fix kernel panic while trying to read multicast stream.

When VIMAGE is enabled make sure the "m_pkthdr.rcvif" pointer is set

for all mbufs being input by the IGMP/MLD6 code. Else there will be a

NULL-pointer dereference in the netisr code when trying to set the

VNET based on the incoming mbuf. Add an assert to catch this when

queueing mbufs on a netisr to make debugging of similar cases easier.

  1. … 2 more files in changeset.
dhclient: When parsing option 119 data, dhclient(8) computes the uncompressed domain list length so that it can allocate an appropriately sized buffer to store the uncompressed list. The code to compute the length failed to handle certain malformed input, resulting in a heap overflow when the uncompressed list is copied into in inadequately sized buffer.

sctp:

Due to improper handling in the kernel, a use-after-free bug can be triggered

by sending large user messages from multiple threads on the same socket.

  1. … 1 more file in changeset.
libalias(3) packet handlers do not properly validate the packet length before accessing the protocol headers. As a result, if a libalias(3) module does not properly validate the packet length before accessing the protocol header, it is possible for an out of bound read or write condition to occur.

Obtained from: FreeBSD

add carrier grade nat.

libalias(3) packet handlers do not properly validate the packet length before accessing the protocol headers. As a result, if a libalias(3) module does not properly validate the packet length before accessing the protocol header, it is possible for an out of bound read or write condition to occur.

Obtained from: FreeBSD

Sync with FreeBSD 11-stable.

  1. … 3173 more files in changeset.
ICMP buffer underwrite

The icmp_error routine allocates either an mbuf or a cluster depending on the

size of the data to be quoted in the ICMP reply, but the calculation failed

to account for additional padding on 64-bit platforms when using a

non-default sysctl value for net.inet.icmp.quotelen.

increase reassembly queue size. This seems to low for higher speed connections.

use version

One of the data structures that holds TCP segments uses an inefficient algorithm to reassemble the data. This causes the CPU time spent on segment processing to grow linearly with the number of segments in the reassembly queue.

As a temporary solution to this problem, these patches limit the size

of each TCP connection's reassembly queue. The value is controlled by

a sysctl (net.inet.tcp.reass.maxqueuelen), which sets the maximum

number of TCP segments that can be outstanding on a session's

reassembly queue. This value defaults to 100.

Note that setting this value too low could impact the throughput of

TCP connections which experience significant loss or

reordering. However, the higher this number is set, the more resources

can be consumed on TCP reassembly processing.

Obtained from: FreeBSD

  1. … 1 more file in changeset.
fixup verion checks

  1. … 127 more files in changeset.
sync with freebsd

  1. … 200 more files in changeset.
tag freebsd 6.1

    • -0
    • +2122
    ./ip_dummynet.c
    • -0
    • +215
    ./libalias/alias_old.c
  1. … 14082 more files in changeset.
- recover missing arp_ifinit() call. - plug static llentry leak (ipv4 & ipv6 were affected).

  1. … 2 more files in changeset.
add ipfw support for setting/matching diffserv codepoints (DSCP).

Setting DSCP support is done via O_SETDSCP which works for both IPv4 and IPv6 packets.

  1. … 6 more files in changeset.
Permit tcpdrop in VNET jails.

Move IPPROTO_IPV6 from #ifdef __BSD_VISIBLE to #if __POSIX_VISIBLE >= 201112 since POSIX 2001 states that it shall be defined.

Simplify and fix a bug in cc_ack_received()'s "are we congestion window limited" logic (refer to [1] for associated discussion). snd_cwnd and snd_wnd are unsigned long and on 64 bit hosts, min() will truncate them to 32 bits and could therefore potentially corrupt the result (although under normal operation, neither variable should legitmately exceed 32 bits).

[1] http://lists.freebsd.org/pipermail/freebsd-net/2013-January/034297.html

Obtained from: FreeBSD 250140

MFC r249294: Use IP6STAT_INC/IP6STAT_DEC macros to update ip6 stats.

MFC r249528,249546:

Add accounting to the source address selection algorithm for cases, when

it fails to select an address, also add several another counters to

the statistics.

MFC r249543,249552:

Replace hardcoded numbers.

MFC r249544:

Use IP6S_M2MMAX macro.

MFC r249545:

Replace hardcoded numbers. Also use interface-local scope name instead

of node-local.

Obtained from: FreeBSD

  1. … 16 more files in changeset.
fix mbuf leaks in incoming arp processing.

This fixes the issue with the "randomly changing" default route. What it was is there are two places in ip_output.c where we do a goto again. One place was fine, it copies out the new address and then resets dst = ro->rt_dst; But the other place does *not* do that, which means earlier when we found the gateway, we have dst pointing there aka dst = ro->rt_gateway is done.. then we do a goto again.. bam now we clobber the default route.

The fix is just to move the again so we are always

doing dst = &ro->rt_dst; in the again loop.

hard revert on network stack code

  1. … 289 more files in changeset.
tag files again

rollback to pre toecore

remove toecore patch for now.

  1. … 1 more file in changeset.
mark malloc defines static that have no malloc declares.

  1. … 107 more files in changeset.
The LLE_LINKED flag should be tested prior to entering llentry_free

  1. … 2 more files in changeset.