Page MenuHomeFreeBSD
Feed Advanced Search

Yesterday

ae committed rS339556: Include <sys/eventhandler.h> to fix the build..
Include <sys/eventhandler.h> to fix the build.
Sun, Oct 21, 6:39 PM
ae accepted D17625: tcpdump: Log uid on pflog interfaces.

LGTM

Sun, Oct 21, 6:33 PM
ae committed rS339555: Follow the fix in r339532 (by glebius):.
Follow the fix in r339532 (by glebius):
Sun, Oct 21, 6:30 PM
ae committed rS339554: Rework if_ipsec(4) to use epoch(9) instead of rmlock..
Rework if_ipsec(4) to use epoch(9) instead of rmlock.
Sun, Oct 21, 6:24 PM
ae closed D17190: Rework if_ipsec(4) to use epoch(9)-based locking model..
Sun, Oct 21, 6:24 PM
ae committed rS339553: Add handling for appearing/disappearing of ingress addresses to if_me(4)..
Add handling for appearing/disappearing of ingress addresses to if_me(4).
Sun, Oct 21, 6:18 PM
ae committed rS339552: Add handling for appearing/disappearing of ingress addresses to if_gre(4)..
Add handling for appearing/disappearing of ingress addresses to if_gre(4).
Sun, Oct 21, 6:14 PM
ae closed D17214: Add handling for appearing/disappearing of ingress address for if_gre(4).
Sun, Oct 21, 6:13 PM
ae committed rS339551: Add handling for appearing/disappearing of ingress addresses to if_gif(4)..
Add handling for appearing/disappearing of ingress addresses to if_gif(4).
Sun, Oct 21, 6:06 PM
ae committed rS339550: Add KPI that can be used by tunneling interfaces to handle IP addresses.
Add KPI that can be used by tunneling interfaces to handle IP addresses
Sun, Oct 21, 5:55 PM
ae closed D17134: Implement handling for appearing/disappearing of ingress address for tunneling interfaces.
Sun, Oct 21, 5:55 PM
ae committed rS339545: Do not decrement RST life time if keep_alive is not turned on..
Do not decrement RST life time if keep_alive is not turned on.
Sun, Oct 21, 4:45 PM
ae committed rS339544: Call inet_ntop() only when its result is needed..
Call inet_ntop() only when its result is needed.
Sun, Oct 21, 4:38 PM
ae committed rS339542: Retire IPFIREWALL_NAT64_DIRECT_OUTPUT kernel option. And add ability.
Retire IPFIREWALL_NAT64_DIRECT_OUTPUT kernel option. And add ability
Sun, Oct 21, 4:29 PM
ae closed D16647: Add ability to switch the output method for NAT64 in run-time .
Sun, Oct 21, 4:29 PM
ae committed rS339539: Add IPFW_RULE_JUSTOPTS flag, that is used by ipfw(8) to mark rule,.
Add IPFW_RULE_JUSTOPTS flag, that is used by ipfw(8) to mark rule,
Sun, Oct 21, 3:11 PM
ae closed D17373: Add ability to show ipfw rules, that were added using new rule format (without generic rule body, just rule options).
Sun, Oct 21, 3:11 PM
ae committed rS339537: Add ifaddr_event_ext event. It is similar to ifaddr_event, but the.
Add ifaddr_event_ext event. It is similar to ifaddr_event, but the
Sun, Oct 21, 3:02 PM
ae closed D17100: Extend ifaddr_event to pass ifaddr and event type to handler.
Sun, Oct 21, 3:02 PM
ae committed rS339536: Fix grammar..
Fix grammar.
Sun, Oct 21, 2:48 PM
ae closed D17171: Do not allow use `create` keyword as hostname when ifconfig(8) invoked for already existing interface.
Sun, Oct 21, 2:41 PM
ae committed rS339535: Do not allow use `create` keyword as hostname when ifconfig(8) is invoked.
Do not allow use `create` keyword as hostname when ifconfig(8) is invoked
Sun, Oct 21, 2:41 PM
ae abandoned D17079: Add sadb_x_sa2 extension header to SADB_ACQUIRE request.

Committed in r339533.

Sun, Oct 21, 2:33 PM
ae committed rS339533: Add sadb_x_sa2 extension to SADB_ACQUIRE requests..
Add sadb_x_sa2 extension to SADB_ACQUIRE requests.
Sun, Oct 21, 2:19 PM

Mon, Oct 15

ae committed rS339357: Add extra parentheses to fix "versrcreach" opcode, (oif != NULL) should.
Add extra parentheses to fix "versrcreach" opcode, (oif != NULL) should
Mon, Oct 15, 10:26 AM

Fri, Oct 12

ae updated the diff for D17532: Implement net.inet.ip.fw.dyn_keep_states for all rule actions, not just for default_to_accept case.

Correct the size of allocated buffer to keep bitmask

Fri, Oct 12, 12:20 PM
ae created D17532: Implement net.inet.ip.fw.dyn_keep_states for all rule actions, not just for default_to_accept case.
Fri, Oct 12, 12:13 PM

Mon, Oct 8

ae added reviewers for D17394: Fix lock order reversal when calling defrouter_remove() from nd6_na_input(). nd6_na_input() can take lle lock before nd6 lock in certain cases.: markj, network.
Mon, Oct 8, 8:58 AM

Sun, Oct 7

ae accepted D17450: Fix three epoch leaks.
Sun, Oct 7, 5:54 PM

Thu, Oct 4

ae accepted D17406: Fix ips_localout counter for SCTP.

Looking at the how IP_FORWARDING flag is used, I think gif/gre/me interfaces should not use this flag. What you think?

Thu, Oct 4, 2:00 PM

Wed, Oct 3

ae committed rS339123: MFC r338947:.
MFC r338947:
Wed, Oct 3, 12:48 PM

Mon, Oct 1

ae added a reviewer for D17373: Add ability to show ipfw rules, that were added using new rule format (without generic rule body, just rule options): melifaro.
Mon, Oct 1, 3:48 PM
ae created D17373: Add ability to show ipfw rules, that were added using new rule format (without generic rule body, just rule options).
Mon, Oct 1, 3:44 PM
ae accepted D17357: Convert UDP length to host byte order.
Mon, Oct 1, 12:24 PM
ae committed rS339039: Add INP_INFO_WUNLOCK_ASSERT() macro and use it instead of.
Add INP_INFO_WUNLOCK_ASSERT() macro and use it instead of
Mon, Oct 1, 10:46 AM
ae closed D17335: Relax INP_INFO_UNLOCK_ASSERT() assertion in tcp_input() .
Mon, Oct 1, 10:46 AM
ae committed rS339037: MFC r313168 (by pkelsey):.
MFC r313168 (by pkelsey):
Mon, Oct 1, 9:41 AM
ae committed rS339036: MFC r338890:.
MFC r338890:
Mon, Oct 1, 8:49 AM

Sun, Sep 30

ae added a comment to D17335: Relax INP_INFO_UNLOCK_ASSERT() assertion in tcp_input() .

any objections?

Sun, Sep 30, 12:11 PM

Sat, Sep 29

ae accepted D17180: Fix changing the MTU for tun/tap devices via TUNSIFINFO/TAPSIFINFO iotcl.
Sat, Sep 29, 12:55 PM

Fri, Sep 28

ae committed rS338992: MFC r338857:.
MFC r338857:
Fri, Sep 28, 10:03 AM

Thu, Sep 27

ae created D17335: Relax INP_INFO_UNLOCK_ASSERT() assertion in tcp_input() .
Thu, Sep 27, 11:12 AM

Wed, Sep 26

ae committed rS338947: Add "src-ip" or "dst-ip" keyword to the output, when we are printing the.
Add "src-ip" or "dst-ip" keyword to the output, when we are printing the
Wed, Sep 26, 3:38 PM
ae closed D17302: Fix witness warning: uma_zalloc->witness_warn, exclusive sleep mutex xforms_list (IPsec transforms list).
Wed, Sep 26, 2:48 PM
ae committed rS338945: Fix witness warning in xform_init()..
Fix witness warning in xform_init().
Wed, Sep 26, 2:48 PM

Mon, Sep 24

ae added a comment to D17302: Fix witness warning: uma_zalloc->witness_warn, exclusive sleep mutex xforms_list (IPsec transforms list).
In D17302#368848, @bz wrote:

Moving functions should be a separate commit and not be mixed with the functional changes.

Mon, Sep 24, 6:00 PM
ae created D17302: Fix witness warning: uma_zalloc->witness_warn, exclusive sleep mutex xforms_list (IPsec transforms list).
Mon, Sep 24, 12:46 PM

Sat, Sep 22

ae committed rS338890: Update ifr_name before invoking IPSECSREQID ioctl, this fixes the case,.
Update ifr_name before invoking IPSECSREQID ioctl, this fixes the case,
Sat, Sep 22, 4:31 PM

Sep 21 2018

ae committed rS338857: Fix possible NULL pointer dereference in ffec_alloc_mbufcl()..
Fix possible NULL pointer dereference in ffec_alloc_mbufcl().
Sep 21 2018, 1:44 PM

Sep 20 2018

ae committed rS338839: Add new field max_hdrsize to struct encap_config..
Add new field max_hdrsize to struct encap_config.
Sep 20 2018, 7:45 PM
ae added a comment to D16654: IPv6 transport for bsnmp.

Hi, Harti, we have used IPv6 transport several weeks now, and it seems all works good. Do you want to see the full final patch that we use?

Sep 20 2018, 12:41 PM

Sep 19 2018

ae added a comment to D17180: Fix changing the MTU for tun/tap devices via TUNSIFINFO/TAPSIFINFO iotcl.

So I can update the patch to cover also if_tap.c, but for the other tunnelling interfaces could you elaborate why they are also affected?

Sep 19 2018, 5:18 PM
ae added a comment to D17230: Update udp6_output() inp locking to avoid concurrency issues with route cache updates.

Maybe add the macro to deduplicate the code? It repeats 4 times...

#define INP_COND_UNLOCK(inp, locked)   \
    if ((locked) == UH_WLOCKED)
        INP_WUNLOCK(inp);
    else
        INP_RUNLOCK(inp);
Sep 19 2018, 3:54 PM
ae added a comment to D17180: Fix changing the MTU for tun/tap devices via TUNSIFINFO/TAPSIFINFO iotcl.

It seems the problem, when old MTU is used after changing MTU on interface, also affects all tunneling interfaces gif, gre, ipsec etc. Also, for me it would be better to hide AF-related things like nd6_setmtu() in the rt_updatemtu() implementation.

Sep 19 2018, 2:37 PM

Sep 18 2018

ae created D17214: Add handling for appearing/disappearing of ingress address for if_gre(4).
Sep 18 2018, 10:34 AM
ae added a child revision for D17134: Implement handling for appearing/disappearing of ingress address for tunneling interfaces: D17214: Add handling for appearing/disappearing of ingress address for if_gre(4).
Sep 18 2018, 10:34 AM

Sep 17 2018

ae updated the diff for D17190: Rework if_ipsec(4) to use epoch(9)-based locking model..

Upload the full diff.

Sep 17 2018, 3:41 PM
ae updated the diff for D17190: Rework if_ipsec(4) to use epoch(9)-based locking model..

Deduplicate the code that deletes softc from srchash.
And add another IPSEC_WAIT() to fix possible race in ipsec_if_input().

Sep 17 2018, 3:37 PM
ae created D17190: Rework if_ipsec(4) to use epoch(9)-based locking model..
Sep 17 2018, 10:38 AM
ae committed rS338708: Restore outbound packets capturing for if_gre(4). It was missed in r335048..
Restore outbound packets capturing for if_gre(4). It was missed in r335048.
Sep 17 2018, 10:10 AM
ae added a reviewer for D17180: Fix changing the MTU for tun/tap devices via TUNSIFINFO/TAPSIFINFO iotcl: melifaro.
Sep 17 2018, 10:02 AM

Sep 14 2018

ae updated the summary of D17171: Do not allow use `create` keyword as hostname when ifconfig(8) invoked for already existing interface.
Sep 14 2018, 10:43 AM
ae created D17171: Do not allow use `create` keyword as hostname when ifconfig(8) invoked for already existing interface.
Sep 14 2018, 10:41 AM

Sep 12 2018

ae created D17134: Implement handling for appearing/disappearing of ingress address for tunneling interfaces.
Sep 12 2018, 4:13 PM

Sep 11 2018

ae added a reviewer for D17100: Extend ifaddr_event to pass ifaddr and event type to handler: np.
Sep 11 2018, 12:09 PM

Sep 10 2018

ae added a reviewer for D17100: Extend ifaddr_event to pass ifaddr and event type to handler: network.
Sep 10 2018, 12:49 PM
ae created D17100: Extend ifaddr_event to pass ifaddr and event type to handler.
Sep 10 2018, 12:48 PM

Sep 8 2018

ae created D17079: Add sadb_x_sa2 extension header to SADB_ACQUIRE request.
Sep 8 2018, 1:04 PM

Sep 5 2018

ae accepted D17039: Implement "ipfw fwd" for incoming IPv4 packets on fast forwarding path.
Sep 5 2018, 10:46 AM

Sep 4 2018

ae added inline comments to D16654: IPv6 transport for bsnmp.
Sep 4 2018, 1:48 PM

Sep 3 2018

ae accepted D17007: Appl RO_INVALIDATE_CACHE() to more netinet6 code.
Sep 3 2018, 5:24 PM
ae accepted D17005: Adjust inp_route to inp_route6 in netinet6 code.
Sep 3 2018, 5:23 PM
ae accepted D17004: Remove code duplicating in route.h.
Sep 3 2018, 5:20 PM

Aug 31 2018

ae added a comment to D16654: IPv6 transport for bsnmp.

So, local TCP communications using IPv6 link-local addresses also affected by routing caching. Note, should be used addresses that are configured on non-loopback interfaces.
Simple test:

Aug 31 2018, 7:53 AM
ae updated subscribers of D16654: IPv6 transport for bsnmp.
Aug 31 2018, 7:39 AM

Aug 30 2018

ae added a comment to D16654: IPv6 transport for bsnmp.

So, I finally found the cause of strange behavior. It is due to the route caching. Reverting of this change makes it working https://svnweb.freebsd.org/base/head/sys/netinet6/udp6_usrreq.c?r1=304545&r2=304713

Aug 30 2018, 2:25 PM

Aug 28 2018

ae added inline comments to D16654: IPv6 transport for bsnmp.
Aug 28 2018, 11:01 AM
ae added inline comments to D16654: IPv6 transport for bsnmp.
Aug 28 2018, 10:01 AM
ae added inline comments to D16654: IPv6 transport for bsnmp.
Aug 28 2018, 8:13 AM
ae committed rS338343: MFC r337736:.
MFC r337736:
Aug 28 2018, 7:24 AM

Aug 27 2018

ae added inline comments to D16654: IPv6 transport for bsnmp.
Aug 27 2018, 8:38 PM
ae added a comment to D16654: IPv6 transport for bsnmp.

Hi, Harti, can you upload the full patch that contains Makefile changes? :)

Aug 27 2018, 10:58 AM

Aug 23 2018

ae committed rS338244: MFC r337536:.
MFC r337536:
Aug 23 2018, 1:07 PM
ae added inline comments to D16851: Add support for header chain validation on IPv6 Fragments (RFC7112).
Aug 23 2018, 11:18 AM
ae added a comment to D16851: Add support for header chain validation on IPv6 Fragments (RFC7112).
In D16851#359111, @thj wrote:

What you think, if we make non-static ip6_checkfirstfrag() function, that can also be used by ipfw/pf/ipfil etc.?

I understand from conversations during BSDCam that ipfw relies on frag6 for fragment input processing.
I have no problem exposing this function for other users.

Aug 23 2018, 11:05 AM
ae added a comment to D16851: Add support for header chain validation on IPv6 Fragments (RFC7112).
In D16851#359108, @ae wrote:

Also, I think ipfw/pf needs an additional look to correctly handle this too.

Aug 23 2018, 10:50 AM
ae added a comment to D16851: Add support for header chain validation on IPv6 Fragments (RFC7112).

Also, I think ipfw/pf needs an additional look to correctly handle this too.

Aug 23 2018, 10:47 AM

Aug 22 2018

ae added a comment to D16808: fix vlan locking to permit sx acquisition in ioctl calls.

@ae tested the original diff (D11370) and found that the lock overhead did have a measurable decrease in their forwarding performance. I'd be curious to see if there's a win here in taking the liveness-locking back out.

Aug 22 2018, 3:39 PM
ae added inline comments to D16808: fix vlan locking to permit sx acquisition in ioctl calls.
Aug 22 2018, 12:47 PM

Aug 16 2018

ae added a comment to D16654: IPv6 transport for bsnmp.

I'll try to use this patch in several days and will report.

Aug 16 2018, 1:22 PM
ae added inline comments to D16654: IPv6 transport for bsnmp.
Aug 16 2018, 1:20 PM
ae committed rS337902: MFC r337469:.
MFC r337469:
Aug 16 2018, 9:42 AM
ae committed rS337900: Properly initialize IP version in IPv6 header. This was missed in r334673..
Properly initialize IP version in IPv6 header. This was missed in r334673.
Aug 16 2018, 9:19 AM

Aug 14 2018

ae committed rS337736: Restore ability to send ICMP and ICMPv6 redirects..
Restore ability to send ICMP and ICMPv6 redirects.
Aug 14 2018, 7:54 AM

Aug 12 2018

ae added inline comments to D16654: IPv6 transport for bsnmp.
Aug 12 2018, 4:52 PM
ae added a comment to D16654: IPv6 transport for bsnmp.

Sure the interface index is not the best thing in a config file, but this is how all the interface-related stuff in SNMP works. The primary key is the interface index. As far as I understand it was once supposed to be constant even through reboots, but this is obviously not the case anymore. I see several options to make this more useable:

  • use the dns(16) address type. This allows using interface names for the scope of link local addresses.
  • add functions to the config parser. One function might resolve interface names or descriptions to interfaces indexes.
  • add functionality for GET/GETNEXT to the config parser. This is more tricky than it seems since this requires more control of the initialization order.
Aug 12 2018, 4:44 PM

Aug 10 2018

ae committed rS337574: Restore the behaviour changed in r337536, when bad `ipfw delete` command.
Restore the behaviour changed in r337536, when bad `ipfw delete` command
Aug 10 2018, 2:10 PM
ae added a comment to D16654: IPv6 transport for bsnmp.

Hi, Harti, while I was on the vacation, you made the patch :)
You can take a look to what I did before the vacation https://people.freebsd.org/~ae/bsnmpd_ipv6.diff
It is incomplete, but I started to make it differently. Maybe you will find something interesting.

Aug 10 2018, 10:37 AM
ae added inline comments to D16654: IPv6 transport for bsnmp.
Aug 10 2018, 10:28 AM
ae committed rS337568: Remove unneeded ipsec-related includes..
Remove unneeded ipsec-related includes.
Aug 10 2018, 7:24 AM