- User Since
- Sep 28 2014, 7:22 PM (398 w, 2 d)
Sat, May 14
Fri, May 13
Thu, May 12
Mostly LGTM too.
Wed, May 11
- add NET_EPOCH_ASSERT
- return 'int' for errors rather than 'bool'
Change return type to int, to clarify that this is an error return.
Tue, May 10
- Separate counters for allocation failures
- Use array for counters for simplified init and cleanup
Sat, May 7
I strongly suspect the sorting is slow because the sorting algorithm is incorrectly implemented, and it's doing a *lot* more work than it needs to do. I recommend investigating that first, because making the sorting faster is a lot less controversial than not sorting in certain circumstances.
Isn't there room for improving sortifaddrs() so it works well on machines with many addresses? It's not ideal to only sort some of the time, and it really shouldn't take all that long to sort 4000 elements.
Fri, May 6
Thu, May 5
Wed, May 4
Fri, Apr 29
Thu, Apr 28
Work started in 2021, so 2021-2022 is more appropriate.
Clear checksum flags from the mbuf. We don't do any checksum verification, and
the checksum flags for the outer layer IP(v6)/tcp|udp packets are no longer
Wed, Apr 27
- Don't reset the timeout callout for every packet
- Ensure softc and peer don't get deleted while crypto operations are running.
Tue, Apr 26
I've posted a first simple test case in D35067.
(In progress, I owe you a few more fixes.)
Mon, Apr 25
- review remarks
Sat, Apr 23
Fri, Apr 22
- review remarks
- fix crash (The default rule V_pf_default_rule is initialised separately, and did not have timestamp allocated)
- Only print the date, not the timestamp for users
- If the rule was never hit show 'N/A'
I'm going to propose a tweaked version.
Thu, Apr 21
For those following along at home, this is getting pretty close to done, so if you want to review it now is a good time. It's probably going to land soon.
- fix send_ping, where we can't do a route lookup, because it's not an IP packet. Send directly to the correct peer.
- Don't bring the link down when the last peer disconnects
- fully remove peers when they time out, don't only notify userspace about it
- cope with not having keys, which can happen if userspace decides to delete them