Revision tags: release/4.9.0_cvs, release/4.9.0, release/5.1.0_cvs, release/5.1.0, release/4.8.0_cvs, release/4.8.0 |
|
#
2c56e246 |
| 02-Apr-2003 |
Matthew N. Dodd <mdodd@FreeBSD.org> |
Back out support for RFC3514.
RFC3514 poses an unacceptale risk to compliant systems.
|
#
8faf6df9 |
| 02-Apr-2003 |
Matthew N. Dodd <mdodd@FreeBSD.org> |
Sync constant define with NetBSD.
Requested by: Tom Spindler <dogcow@babymeat.com>
|
#
09139a45 |
| 01-Apr-2003 |
Matthew N. Dodd <mdodd@FreeBSD.org> |
Implement support for RFC 3514 (The Security Flag in the IPv4 Header). (See: ftp://ftp.rfc-editor.org/in-notes/rfc3514.txt)
This fulfills the host requirements for userland support by way of the set
Implement support for RFC 3514 (The Security Flag in the IPv4 Header). (See: ftp://ftp.rfc-editor.org/in-notes/rfc3514.txt)
This fulfills the host requirements for userland support by way of the setsockopt() IP_EVIL_INTENT message.
There are three sysctl tunables provided to govern system behavior.
net.inet.ip.rfc3514:
Enables support for rfc3514. As this is an Informational RFC and support is not yet widespread this option is disabled by default.
net.inet.ip.hear_no_evil
If set the host will discard all received evil packets.
net.inet.ip.speak_no_evil
If set the host will discard all transmitted evil packets.
The IP statistics counter 'ips_evil' (available via 'netstat') provides information on the number of 'evil' packets recieved.
For reference, the '-E' option to 'ping' has been provided to demonstrate and test the implementation.
show more ...
|
#
aecfcdb8 |
| 22-Mar-2003 |
Maxime Henrion <mux@FreeBSD.org> |
Use __packed instead of __attribute__((__packed__)).
|
Revision tags: release/5.0.0_cvs, release/5.0.0 |
|
#
53be11f6 |
| 21-Oct-2002 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Fix two instances of variant struct definitions in sys/netinet:
Remove the never completed _IP_VHL version, it has not caught on anywhere and it would make us incompatible with other BSD netstacks t
Fix two instances of variant struct definitions in sys/netinet:
Remove the never completed _IP_VHL version, it has not caught on anywhere and it would make us incompatible with other BSD netstacks to retain this version.
Add a CTASSERT protecting sizeof(struct ip) == 20.
Don't let the size of struct ipq depend on the IPDIVERT option.
This is a functional no-op commit.
Approved by: re
show more ...
|
Revision tags: release/4.7.0_cvs, release/4.6.2_cvs, release/4.6.2, release/4.6.1, release/4.6.0_cvs, release/4.5.0_cvs, release/4.4.0_cvs |
|
#
365979cd |
| 14-Dec-2001 |
Robert Watson <rwatson@FreeBSD.org> |
o Add IPOPT_ESO for the 'Extended Security' IP option (RFC1108)
Obtained from: TrustedBSD Project
|
#
18e2b6a9 |
| 14-Dec-2001 |
Robert Watson <rwatson@FreeBSD.org> |
o Add definition for IPOPT_CIPSO, the commercial security IP option number.
Submitted by: Ilmar S. Habibulin <ilmar@watson.org> Obtained from: TrustedBSD Project
|
Revision tags: release/4.3.0_cvs, release/4.3.0, release/4.2.0, release/4.1.1_cvs, release/4.1.0, release/3.5.0_cvs, release/4.0.0_cvs |
|
#
6a800098 |
| 22-Dec-1999 |
Yoshinobu Inoue <shin@FreeBSD.org> |
IPSEC support in the kernel. pr_input() routines prototype is also changed to support IPSEC and IPV6 chained protocol headers.
Reviewed by: freebsd-arch, cvs-committers Obtained from: KAME project
|
Revision tags: release/3.4.0_cvs, release/3.3.0_cvs |
|
#
c3aac50f |
| 28-Aug-1999 |
Peter Wemm <peter@FreeBSD.org> |
$Id$ -> $FreeBSD$
|
Revision tags: release/3.2.0, release/3.1.0, release/3.0.0, release/2.2.8, release/2.2.7 |
|
#
57d05a62 |
| 07-Jun-1998 |
Bruce Evans <bde@FreeBSD.org> |
Fixed pedantic semantics errors (bitfields not of type int, signed int or unsigned int).
|
Revision tags: release/2.2.6 |
|
#
c383a33f |
| 26-Feb-1998 |
Dima Ruban <dima@FreeBSD.org> |
NetBSD PR# 2772
Reviewed by: David Greenman
|
#
d342b533 |
| 20-Dec-1997 |
Bruce Evans <bde@FreeBSD.org> |
Removed a stale comment. (We don't declare ip_len and ip_offset as short. I guess we depend on bogus ANSI value-preserving extension of u_short to int to avoid unsigned comparison bugs.)
|
Revision tags: release/2.2.5_cvs, release/2.2.2_cvs, release/2.2.1_cvs, release/2.2.0, release/2.1.7_cvs |
|
#
6875d254 |
| 22-Feb-1997 |
Peter Wemm <peter@FreeBSD.org> |
Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not ready for it yet.
|
Revision tags: release/2.1.6_cvs, release/2.1.6.1 |
|
#
1130b656 |
| 14-Jan-1997 |
Jordan K. Hubbard <jkh@FreeBSD.org> |
Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so
Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
show more ...
|
#
64682bc2 |
| 23-Oct-1996 |
Garrett Wollman <wollman@FreeBSD.org> |
Give ip_len and ip_off more natural, unsigned types.
|
Revision tags: release/2.1.5_cvs |
|
#
61e5033f |
| 18-Apr-1996 |
Garrett Wollman <wollman@FreeBSD.org> |
Define a few macros useful in the _IP_VHL case.
|
#
49fa849b |
| 14-Mar-1996 |
Bill Fenner <fenner@FreeBSD.org> |
IGMPv2 routines rewritten, to be more compact and to fully comply with the IGMPv2 Internet Draft (including Router Alert IP option)
|
Revision tags: release/2.1.0_cvs |
|
#
1814a725 |
| 21-Dec-1995 |
Garrett Wollman <wollman@FreeBSD.org> |
If _IP_VHL is defined, declare a single ip_vhl member in struct ip rather than separate ip_v and ip_hl members. Should have no effect on current code, but I'd eventually like to get rid of those obn
If _IP_VHL is defined, declare a single ip_vhl member in struct ip rather than separate ip_v and ip_hl members. Should have no effect on current code, but I'd eventually like to get rid of those obnoxious bitfields completely.
show more ...
|
#
3271ad14 |
| 21-Sep-1995 |
Garrett Wollman <wollman@FreeBSD.org> |
Merge 4.4-Lite-2 by updating the version number.
Obtained from: 4.4BSD-Lite-2
|
#
efe4b0eb |
| 21-Sep-1995 |
Garrett Wollman <wollman@FreeBSD.org> |
Second try: get 4.4-Lite-2 into the source tree. The conflicts don't matter because none of our working source files are on the CSRG branch any more.
Obtained from: 4.4BSD-Lite-2
|
Revision tags: release/2.0.5_cvs |
|
#
9b2e5354 |
| 30-May-1995 |
Rodney W. Grimes <rgrimes@FreeBSD.org> |
Remove trailing whitespace.
|
#
2ee32961 |
| 05-May-1995 |
Andrey A. Chernov <ache@FreeBSD.org> |
Add IPTOS_MINCOST according to RFC 1349 Change IPTOS_PREC_ROUTINE to 0 (was conflict with IPTOS_LOWDELAY) according to RFC 791 (unchanged since it) and BSDI 2.0 style Submitted by: Igor Sviridov <sia
Add IPTOS_MINCOST according to RFC 1349 Change IPTOS_PREC_ROUTINE to 0 (was conflict with IPTOS_LOWDELAY) according to RFC 791 (unchanged since it) and BSDI 2.0 style Submitted by: Igor Sviridov <siac@ua.net>
show more ...
|
Revision tags: release/2.0 |
|
#
707f139e |
| 21-Aug-1994 |
Paul Richards <paul@FreeBSD.org> |
Made idempotent.
Submitted by: Paul
|
#
3c4dd356 |
| 02-Aug-1994 |
David Greenman <dg@FreeBSD.org> |
Added $Id$
|
Revision tags: release/1.1.5.1_cvs |
|
#
df8bae1d |
| 24-May-1994 |
Rodney W. Grimes <rgrimes@FreeBSD.org> |
BSD 4.4 Lite Kernel Sources
|