Date: Fri, 5 Dec 2008 07:42:54 +0000 (UTC) From: Kip Macy <kmacy@FreeBSD.org> To: src-committers@freebsd.org, svn-src-user@freebsd.org Subject: svn commit: r185629 - in user/kmacy/HEAD_fast_multi_xmit/sys: netinet netipsec sparc64/conf sparc64/include sparc64/pci sparc64/sparc64 Message-ID: <200812050742.mB57gsnh046998@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: kmacy Date: Fri Dec 5 07:42:54 2008 New Revision: 185629 URL: http://svn.freebsd.org/changeset/base/185629 Log: IFC 184756:185625 part 4 Added: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/tcp_hostcache.h Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/if_ether.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/igmp.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in.h user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_gif.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_mcast.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_pcb.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_pcb.h user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_proto.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_rmx.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_var.h user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip6.h user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_carp.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_divert.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_fastfwd.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_fw2.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_fw_pfil.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_icmp.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_icmp.h user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_input.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_ipsec.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_mroute.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_options.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_output.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_var.h user/kmacy/HEAD_fast_multi_xmit/sys/netinet/raw_ip.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/sctp_constants.h user/kmacy/HEAD_fast_multi_xmit/sys/netinet/sctp_indata.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/sctp_input.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/sctp_os_bsd.h user/kmacy/HEAD_fast_multi_xmit/sys/netinet/sctp_pcb.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/sctp_pcb.h user/kmacy/HEAD_fast_multi_xmit/sys/netinet/sctp_usrreq.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/sctputil.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/tcp_hostcache.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/tcp_input.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/tcp_offload.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/tcp_output.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/tcp_reass.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/tcp_sack.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/tcp_subr.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/tcp_syncache.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/tcp_timer.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/tcp_timewait.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/tcp_usrreq.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/tcp_var.h user/kmacy/HEAD_fast_multi_xmit/sys/netinet/udp_usrreq.c user/kmacy/HEAD_fast_multi_xmit/sys/netinet/vinet.h user/kmacy/HEAD_fast_multi_xmit/sys/netipsec/ipsec.c user/kmacy/HEAD_fast_multi_xmit/sys/netipsec/ipsec.h user/kmacy/HEAD_fast_multi_xmit/sys/netipsec/ipsec6.h user/kmacy/HEAD_fast_multi_xmit/sys/netipsec/ipsec_input.c user/kmacy/HEAD_fast_multi_xmit/sys/netipsec/ipsec_output.c user/kmacy/HEAD_fast_multi_xmit/sys/netipsec/key.c user/kmacy/HEAD_fast_multi_xmit/sys/netipsec/keysock.c user/kmacy/HEAD_fast_multi_xmit/sys/netipsec/keysock.h user/kmacy/HEAD_fast_multi_xmit/sys/netipsec/vipsec.h user/kmacy/HEAD_fast_multi_xmit/sys/netipsec/xform_ah.c user/kmacy/HEAD_fast_multi_xmit/sys/netipsec/xform_esp.c user/kmacy/HEAD_fast_multi_xmit/sys/netipsec/xform_ipcomp.c user/kmacy/HEAD_fast_multi_xmit/sys/netipsec/xform_ipip.c user/kmacy/HEAD_fast_multi_xmit/sys/sparc64/conf/GENERIC user/kmacy/HEAD_fast_multi_xmit/sys/sparc64/include/atomic.h user/kmacy/HEAD_fast_multi_xmit/sys/sparc64/include/intr_machdep.h user/kmacy/HEAD_fast_multi_xmit/sys/sparc64/include/iommureg.h user/kmacy/HEAD_fast_multi_xmit/sys/sparc64/include/iommuvar.h user/kmacy/HEAD_fast_multi_xmit/sys/sparc64/pci/schizo.c user/kmacy/HEAD_fast_multi_xmit/sys/sparc64/pci/schizoreg.h user/kmacy/HEAD_fast_multi_xmit/sys/sparc64/pci/schizovar.h user/kmacy/HEAD_fast_multi_xmit/sys/sparc64/sparc64/elf_machdep.c user/kmacy/HEAD_fast_multi_xmit/sys/sparc64/sparc64/intr_machdep.c user/kmacy/HEAD_fast_multi_xmit/sys/sparc64/sparc64/iommu.c user/kmacy/HEAD_fast_multi_xmit/sys/sparc64/sparc64/machdep.c user/kmacy/HEAD_fast_multi_xmit/sys/sparc64/sparc64/nexus.c user/kmacy/HEAD_fast_multi_xmit/sys/sparc64/sparc64/support.S Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/if_ether.c ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/if_ether.c Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/if_ether.c Fri Dec 5 07:42:54 2008 (r185629) @@ -61,10 +61,12 @@ __FBSDID("$FreeBSD$"); #include <net/netisr.h> #include <net/if_llc.h> #include <net/ethernet.h> +#include <net/vnet.h> #include <netinet/in.h> #include <netinet/in_var.h> #include <netinet/if_ether.h> +#include <netinet/vinet.h> #include <net/if_arc.h> #include <net/iso88025.h> @@ -82,10 +84,15 @@ SYSCTL_DECL(_net_link_ether); SYSCTL_NODE(_net_link_ether, PF_INET, inet, CTLFLAG_RW, 0, ""); /* timer values */ -static int arpt_keep = (20*60); /* once resolved, good for 20 more minutes */ +#ifdef VIMAGE_GLOBALS +static int arpt_keep; /* once resolved, good for 20 more minutes */ +static int arp_maxtries; +static int useloopback; /* use loopback interface for local traffic */ +static int arp_proxyall; +#endif -SYSCTL_INT(_net_link_ether_inet, OID_AUTO, max_age, CTLFLAG_RW, - &arpt_keep, 0, "ARP entry lifetime in seconds"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_link_ether_inet, OID_AUTO, max_age, + CTLFLAG_RW, arpt_keep, 0, "ARP entry lifetime in seconds"); #define rt_expire rt_rmx.rmx_expire @@ -99,10 +106,6 @@ struct llinfo_arp { static struct ifqueue arpintrq; -static int arp_maxtries = 5; -static int useloopback = 1; /* use loopback interface for local traffic */ -static int arp_proxyall = 0; - SYSCTL_V_INT(V_NET, vnet_inet, _net_link_ether_inet, OID_AUTO, maxtries, CTLFLAG_RW, arp_maxtries, 0, "ARP resolution attempts before returning error"); @@ -1082,6 +1085,12 @@ arp_ifinit2(struct ifnet *ifp, struct if static void arp_init(void) { + INIT_VNET_INET(curvnet); + + V_arpt_keep = (20*60); /* once resolved, good for 20 more minutes */ + V_arp_maxtries = 5; + V_useloopback = 1; /* use loopback interface for local traffic */ + V_arp_proxyall = 0; arpintrq.ifq_maxlen = 50; mtx_init(&arpintrq.ifq_mtx, "arp_inq", NULL, MTX_DEF); Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/igmp.c ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/igmp.c Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/igmp.c Fri Dec 5 07:42:54 2008 (r185629) @@ -61,6 +61,7 @@ __FBSDID("$FreeBSD$"); #include <net/if.h> #include <net/route.h> +#include <net/vnet.h> #include <netinet/in.h> #include <netinet/in_var.h> @@ -70,6 +71,7 @@ __FBSDID("$FreeBSD$"); #include <netinet/ip_options.h> #include <netinet/igmp.h> #include <netinet/igmp_var.h> +#include <netinet/vinet.h> #include <machine/in_cksum.h> @@ -80,7 +82,9 @@ static MALLOC_DEFINE(M_IGMP, "igmp", "ig static struct router_info *find_rti(struct ifnet *ifp); static void igmp_sendpkt(struct in_multi *, int, unsigned long); +#ifdef VIMAGE_GLOBALS static struct igmpstat igmpstat; +#endif SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_igmp, IGMPCTL_STATS, stats, CTLFLAG_RW, igmpstat, igmpstat, ""); @@ -92,8 +96,10 @@ SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_i * reference counting is used. We allow unlocked reads of router_info data * when accessed via an in_multi read-only. */ -static struct mtx igmp_mtx; +#ifdef VIMAGE_GLOBALS static SLIST_HEAD(, router_info) router_info_head; +#endif +static struct mtx igmp_mtx; static int igmp_timers_are_running; /* Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in.c ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in.c Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in.c Fri Dec 5 07:42:54 2008 (r185629) @@ -53,6 +53,7 @@ __FBSDID("$FreeBSD$"); #include <netinet/in_var.h> #include <netinet/in_pcb.h> #include <netinet/ip_var.h> +#include <netinet/vinet.h> static int in_mask2len(struct in_addr *); static void in_len2mask(struct in_addr *, int); @@ -66,18 +67,19 @@ static int in_ifinit(struct ifnet *, struct in_ifaddr *, struct sockaddr_in *, int); static void in_purgemaddrs(struct ifnet *); -static int subnetsarelocal = 0; +#ifdef VIMAGE_GLOBALS +static int subnetsarelocal; +static int sameprefixcarponly; +extern struct inpcbinfo ripcbinfo; +#endif + SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, subnets_are_local, CTLFLAG_RW, subnetsarelocal, 0, "Treat all subnets as directly connected"); -static int sameprefixcarponly = 0; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, same_prefix_carp_only, CTLFLAG_RW, sameprefixcarponly, 0, "Refuse to create same prefixes on different interfaces"); -extern struct inpcbinfo ripcbinfo; -extern struct inpcbinfo udbinfo; - /* * Return 1 if an internet address is for a ``local'' host * (one to which we have a connection). If subnetsarelocal Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in.h ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in.h Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in.h Fri Dec 5 07:42:54 2008 (r185629) @@ -743,8 +743,4 @@ void in_ifdetach(struct ifnet *); #undef __KAME_NETINET_IN_H_INCLUDED_ #endif -#ifdef _KERNEL -#include <netinet/vinet.h> -#endif - #endif /* !_NETINET_IN_H_*/ Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_gif.c ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_gif.c Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_gif.c Fri Dec 5 07:42:54 2008 (r185629) @@ -59,6 +59,7 @@ __FBSDID("$FreeBSD$"); #include <netinet/in_var.h> #include <netinet/ip_encap.h> #include <netinet/ip_ecn.h> +#include <netinet/vinet.h> #ifdef INET6 #include <netinet/ip6.h> @@ -85,7 +86,9 @@ struct protosw in_gif_protosw = { .pr_usrreqs = &rip_usrreqs }; -static int ip_gif_ttl = GIF_TTL; +#ifdef VIMAGE_GLOBALS +extern int ip_gif_ttl; +#endif SYSCTL_V_INT(V_NET, vnet_gif, _net_inet_ip, IPCTL_GIF_TTL, gifttl, CTLFLAG_RW, ip_gif_ttl, 0, ""); Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_mcast.c ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_mcast.c Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_mcast.c Fri Dec 5 07:42:54 2008 (r185629) @@ -53,6 +53,7 @@ __FBSDID("$FreeBSD$"); #include <net/if.h> #include <net/if_dl.h> #include <net/route.h> +#include <net/vnet.h> #include <netinet/in.h> #include <netinet/in_systm.h> @@ -60,6 +61,7 @@ __FBSDID("$FreeBSD$"); #include <netinet/in_var.h> #include <netinet/ip_var.h> #include <netinet/igmp_var.h> +#include <netinet/vinet.h> #ifndef __SOCKUNION_DECLARED union sockunion { @@ -86,7 +88,9 @@ static MALLOC_DEFINE(M_IPMSOURCE, "in_ms * ip_output() to send IGMP packets while holding the lock; this probably is * not quite desirable. */ +#ifdef VIMAGE_GLOBALS struct in_multihead in_multihead; /* XXX BSS initialization */ +#endif struct mtx in_multi_mtx; MTX_SYSINIT(in_multi_mtx, &in_multi_mtx, "in_multi_mtx", MTX_DEF | MTX_RECURSE); Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_pcb.c ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_pcb.c Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_pcb.c Fri Dec 5 07:42:54 2008 (r185629) @@ -71,9 +71,11 @@ __FBSDID("$FreeBSD$"); #include <netinet/tcp_var.h> #include <netinet/udp.h> #include <netinet/udp_var.h> +#include <netinet/vinet.h> #ifdef INET6 #include <netinet/ip6.h> #include <netinet6/ip6_var.h> +#include <netinet6/vinet6.h> #endif /* INET6 */ @@ -84,32 +86,34 @@ __FBSDID("$FreeBSD$"); #include <security/mac/mac_framework.h> +#ifdef VIMAGE_GLOBALS /* * These configure the range of local port addresses assigned to * "unspecified" outgoing connections/packets/whatever. */ -int ipport_lowfirstauto = IPPORT_RESERVED - 1; /* 1023 */ -int ipport_lowlastauto = IPPORT_RESERVEDSTART; /* 600 */ -int ipport_firstauto = IPPORT_EPHEMERALFIRST; /* 10000 */ -int ipport_lastauto = IPPORT_EPHEMERALLAST; /* 65535 */ -int ipport_hifirstauto = IPPORT_HIFIRSTAUTO; /* 49152 */ -int ipport_hilastauto = IPPORT_HILASTAUTO; /* 65535 */ +int ipport_lowfirstauto; +int ipport_lowlastauto; +int ipport_firstauto; +int ipport_lastauto; +int ipport_hifirstauto; +int ipport_hilastauto; /* * Reserved ports accessible only to root. There are significant * security considerations that must be accounted for when changing these, * but the security benefits can be great. Please be careful. */ -int ipport_reservedhigh = IPPORT_RESERVED - 1; /* 1023 */ -int ipport_reservedlow = 0; +int ipport_reservedhigh; +int ipport_reservedlow; /* Variables dealing with random ephemeral port allocation. */ -int ipport_randomized = 1; /* user controlled via sysctl */ -int ipport_randomcps = 10; /* user controlled via sysctl */ -int ipport_randomtime = 45; /* user controlled via sysctl */ -int ipport_stoprandom = 0; /* toggled by ipport_tick */ +int ipport_randomized; +int ipport_randomcps; +int ipport_randomtime; +int ipport_stoprandom; int ipport_tcpallocs; int ipport_tcplastcount; +#endif #define RANGECHK(var, min, max) \ if ((var) < (min)) { (var) = (min); } \ @@ -118,6 +122,7 @@ int ipport_tcplastcount; static int sysctl_net_ipport_check(SYSCTL_HANDLER_ARGS) { + INIT_VNET_INET(curvnet); int error; error = sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req); @@ -291,7 +296,7 @@ in_pcbbind_setup(struct inpcb *inp, stru struct in_addr laddr; u_short lport = 0; int wild = 0, reuseport = (so->so_options & SO_REUSEPORT); - int error, prison = 0; + int error; int dorandom; /* @@ -320,9 +325,8 @@ in_pcbbind_setup(struct inpcb *inp, stru if (sin->sin_family != AF_INET) return (EAFNOSUPPORT); #endif - if (sin->sin_addr.s_addr != INADDR_ANY) - if (prison_ip(cred, 0, &sin->sin_addr.s_addr)) - return(EINVAL); + if (prison_local_ip4(cred, &sin->sin_addr)) + return (EINVAL); if (sin->sin_port != *lportp) { /* Don't allow the port to change. */ if (*lportp != 0) @@ -357,14 +361,11 @@ in_pcbbind_setup(struct inpcb *inp, stru priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT, 0)) return (EACCES); - if (jailed(cred)) - prison = 1; if (!IN_MULTICAST(ntohl(sin->sin_addr.s_addr)) && priv_check_cred(inp->inp_cred, PRIV_NETINET_REUSEPORT, 0) != 0) { t = in_pcblookup_local(pcbinfo, sin->sin_addr, - lport, prison ? 0 : INPLOOKUP_WILDCARD, - cred); + lport, INPLOOKUP_WILDCARD, cred); /* * XXX * This entire block sorely needs a rewrite. @@ -381,10 +382,10 @@ in_pcbbind_setup(struct inpcb *inp, stru t->inp_cred->cr_uid)) return (EADDRINUSE); } - if (prison && prison_ip(cred, 0, &sin->sin_addr.s_addr)) + if (prison_local_ip4(cred, &sin->sin_addr)) return (EADDRNOTAVAIL); t = in_pcblookup_local(pcbinfo, sin->sin_addr, - lport, prison ? 0 : wild, cred); + lport, wild, cred); if (t && (t->inp_vflag & INP_TIMEWAIT)) { /* * XXXRW: If an incpb has had its timewait @@ -416,9 +417,8 @@ in_pcbbind_setup(struct inpcb *inp, stru u_short first, last, aux; int count; - if (laddr.s_addr != INADDR_ANY) - if (prison_ip(cred, 0, &laddr.s_addr)) - return (EINVAL); + if (prison_local_ip4(cred, &laddr)) + return (EINVAL); if (inp->inp_flags & INP_HIGHPORT) { first = V_ipport_hifirstauto; /* sysctl */ @@ -484,7 +484,7 @@ in_pcbbind_setup(struct inpcb *inp, stru } while (in_pcblookup_local(pcbinfo, laddr, lport, wild, cred)); } - if (prison_ip(cred, 0, &laddr.s_addr)) + if (prison_local_ip4(cred, &laddr)) return (EINVAL); *laddrp = laddr.s_addr; *lportp = lport; @@ -553,7 +553,7 @@ in_pcbladdr(struct inpcb *inp, struct in struct route sro; int error; - KASSERT(laddr != NULL, ("%s: null laddr", __func__)); + KASSERT(laddr != NULL, ("%s: laddr NULL", __func__)); error = 0; ia = NULL; @@ -605,7 +605,7 @@ in_pcbladdr(struct inpcb *inp, struct in if (sa->sa_family != AF_INET) continue; sin = (struct sockaddr_in *)sa; - if (htonl(prison_getip(cred)) == sin->sin_addr.s_addr) { + if (prison_check_ip4(cred, &sin->sin_addr)) { ia = (struct in_ifaddr *)ifa; break; } @@ -616,7 +616,8 @@ in_pcbladdr(struct inpcb *inp, struct in } /* 3. As a last resort return the 'default' jail address. */ - laddr->s_addr = htonl(prison_getip(cred)); + if (prison_getip4(cred, laddr) != 0) + error = EADDRNOTAVAIL; goto done; } @@ -641,7 +642,7 @@ in_pcbladdr(struct inpcb *inp, struct in /* Jailed. */ /* 1. Check if the iface address belongs to the jail. */ sin = (struct sockaddr_in *)sro.ro_rt->rt_ifa->ifa_addr; - if (htonl(prison_getip(cred)) == sin->sin_addr.s_addr) { + if (prison_check_ip4(cred, &sin->sin_addr)) { ia = (struct in_ifaddr *)sro.ro_rt->rt_ifa; laddr->s_addr = ia->ia_addr.sin_addr.s_addr; goto done; @@ -657,7 +658,7 @@ in_pcbladdr(struct inpcb *inp, struct in if (sa->sa_family != AF_INET) continue; sin = (struct sockaddr_in *)sa; - if (htonl(prison_getip(cred)) == sin->sin_addr.s_addr) { + if (prison_check_ip4(cred, &sin->sin_addr)) { ia = (struct in_ifaddr *)ifa; break; } @@ -668,7 +669,8 @@ in_pcbladdr(struct inpcb *inp, struct in } /* 3. As a last resort return the 'default' jail address. */ - laddr->s_addr = htonl(prison_getip(cred)); + if (prison_getip4(cred, laddr) != 0) + error = EADDRNOTAVAIL; goto done; } @@ -714,8 +716,7 @@ in_pcbladdr(struct inpcb *inp, struct in if (sa->sa_family != AF_INET) continue; sin = (struct sockaddr_in *)sa; - if (htonl(prison_getip(cred)) == - sin->sin_addr.s_addr) { + if (prison_check_ip4(cred, &sin->sin_addr)) { ia = (struct in_ifaddr *)ifa; break; } @@ -727,7 +728,8 @@ in_pcbladdr(struct inpcb *inp, struct in } /* 3. As a last resort return the 'default' jail address. */ - laddr->s_addr = htonl(prison_getip(cred)); + if (prison_getip4(cred, laddr) != 0) + error = EADDRNOTAVAIL; goto done; } @@ -761,7 +763,7 @@ in_pcbconnect_setup(struct inpcb *inp, s struct sockaddr_in *sin = (struct sockaddr_in *)nam; struct in_ifaddr *ia; struct inpcb *oinp; - struct in_addr laddr, faddr; + struct in_addr laddr, faddr, jailia; u_short lport, fport; int error; @@ -793,9 +795,17 @@ in_pcbconnect_setup(struct inpcb *inp, s * and the primary interface supports broadcast, * choose the broadcast address for that interface. */ - if (faddr.s_addr == INADDR_ANY) - faddr = IA_SIN(TAILQ_FIRST(&V_in_ifaddrhead))->sin_addr; - else if (faddr.s_addr == (u_long)INADDR_BROADCAST && + if (faddr.s_addr == INADDR_ANY) { + if (cred != NULL && jailed(cred)) { + if (prison_getip4(cred, &jailia) != 0) + return (EADDRNOTAVAIL); + faddr.s_addr = jailia.s_addr; + } else { + faddr = + IA_SIN(TAILQ_FIRST(&V_in_ifaddrhead))-> + sin_addr; + } + } else if (faddr.s_addr == (u_long)INADDR_BROADCAST && (TAILQ_FIRST(&V_in_ifaddrhead)->ia_ifp->if_flags & IFF_BROADCAST)) faddr = satosin(&TAILQ_FIRST( @@ -875,7 +885,7 @@ void in_pcbdetach(struct inpcb *inp) { - KASSERT(inp->inp_socket != NULL, ("in_pcbdetach: inp_socket == NULL")); + KASSERT(inp->inp_socket != NULL, ("%s: inp_socket == NULL", __func__)); inp->inp_socket->so_pcb = NULL; inp->inp_socket = NULL; @@ -890,16 +900,23 @@ in_pcbfree(struct inpcb *inp) { struct inpcbinfo *ipi = inp->inp_pcbinfo; - KASSERT(inp->inp_socket == NULL, ("in_pcbfree: inp_socket != NULL")); + KASSERT(inp->inp_socket == NULL, ("%s: inp_socket != NULL", __func__)); INP_INFO_WLOCK_ASSERT(ipi); INP_WLOCK_ASSERT(inp); #ifdef IPSEC - ipsec4_delete_pcbpolicy(inp); -#endif /*IPSEC*/ + if (inp->inp_sp != NULL) + ipsec_delete_pcbpolicy(inp); +#endif /* IPSEC */ inp->inp_gencnt = ++ipi->ipi_gencnt; in_pcbremlists(inp); +#ifdef INET6 + if (inp->inp_vflag & INP_IPV6PROTO) { + ip6_freepcbopts(inp->in6p_outputopts); + ip6_freemoptions(inp->in6p_moptions); + } +#endif if (inp->inp_options) (void)m_free(inp->inp_options); if (inp->inp_moptions != NULL) @@ -1105,6 +1122,7 @@ in_pcblookup_local(struct inpcbinfo *pcb 0, pcbinfo->ipi_hashmask)]; LIST_FOREACH(inp, head, inp_hash) { #ifdef INET6 + /* XXX inp locking */ if ((inp->inp_vflag & INP_IPV4) == 0) continue; #endif @@ -1112,9 +1130,11 @@ in_pcblookup_local(struct inpcbinfo *pcb inp->inp_laddr.s_addr == laddr.s_addr && inp->inp_lport == lport) { /* - * Found. + * Found? */ - return (inp); + if (cred == NULL || + inp->inp_cred->cr_prison == cred->cr_prison) + return (inp); } } /* @@ -1144,7 +1164,11 @@ in_pcblookup_local(struct inpcbinfo *pcb */ LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) { wildcard = 0; + if (cred != NULL && + inp->inp_cred->cr_prison != cred->cr_prison) + continue; #ifdef INET6 + /* XXX inp locking */ if ((inp->inp_vflag & INP_IPV4) == 0) continue; /* @@ -1177,9 +1201,8 @@ in_pcblookup_local(struct inpcbinfo *pcb if (wildcard < matchwild) { match = inp; matchwild = wildcard; - if (matchwild == 0) { + if (matchwild == 0) break; - } } } } @@ -1197,7 +1220,7 @@ in_pcblookup_hash(struct inpcbinfo *pcbi struct ifnet *ifp) { struct inpcbhead *head; - struct inpcb *inp; + struct inpcb *inp, *tmpinp; u_short fport = fport_arg, lport = lport_arg; INP_INFO_LOCK_ASSERT(pcbinfo); @@ -1205,60 +1228,108 @@ in_pcblookup_hash(struct inpcbinfo *pcbi /* * First look for an exact match. */ + tmpinp = NULL; head = &pcbinfo->ipi_hashbase[INP_PCBHASH(faddr.s_addr, lport, fport, pcbinfo->ipi_hashmask)]; LIST_FOREACH(inp, head, inp_hash) { #ifdef INET6 + /* XXX inp locking */ if ((inp->inp_vflag & INP_IPV4) == 0) continue; #endif if (inp->inp_faddr.s_addr == faddr.s_addr && inp->inp_laddr.s_addr == laddr.s_addr && inp->inp_fport == fport && - inp->inp_lport == lport) - return (inp); + inp->inp_lport == lport) { + /* + * XXX We should be able to directly return + * the inp here, without any checks. + * Well unless both bound with SO_REUSEPORT? + */ + if (jailed(inp->inp_cred)) + return (inp); + if (tmpinp == NULL) + tmpinp = inp; + } } + if (tmpinp != NULL) + return (tmpinp); /* * Then look for a wildcard match, if requested. */ - if (wildcard) { - struct inpcb *local_wild = NULL; + if (wildcard == INPLOOKUP_WILDCARD) { + struct inpcb *local_wild = NULL, *local_exact = NULL; #ifdef INET6 struct inpcb *local_wild_mapped = NULL; #endif + struct inpcb *jail_wild = NULL; + int injail; + + /* + * Order of socket selection - we always prefer jails. + * 1. jailed, non-wild. + * 2. jailed, wild. + * 3. non-jailed, non-wild. + * 4. non-jailed, wild. + */ head = &pcbinfo->ipi_hashbase[INP_PCBHASH(INADDR_ANY, lport, 0, pcbinfo->ipi_hashmask)]; LIST_FOREACH(inp, head, inp_hash) { #ifdef INET6 + /* XXX inp locking */ if ((inp->inp_vflag & INP_IPV4) == 0) continue; #endif - if (inp->inp_faddr.s_addr == INADDR_ANY && - inp->inp_lport == lport) { - if (ifp && ifp->if_type == IFT_FAITH && - (inp->inp_flags & INP_FAITH) == 0) + if (inp->inp_faddr.s_addr != INADDR_ANY || + inp->inp_lport != lport) + continue; + + /* XXX inp locking */ + if (ifp && ifp->if_type == IFT_FAITH && + (inp->inp_flags & INP_FAITH) == 0) + continue; + + injail = jailed(inp->inp_cred); + if (injail) { + if (!prison_check_ip4(inp->inp_cred, &laddr)) continue; - if (inp->inp_laddr.s_addr == laddr.s_addr) + } else { + if (local_exact != NULL) + continue; + } + + if (inp->inp_laddr.s_addr == laddr.s_addr) { + if (injail) return (inp); - else if (inp->inp_laddr.s_addr == INADDR_ANY) { + else + local_exact = inp; + } else if (inp->inp_laddr.s_addr == INADDR_ANY) { #ifdef INET6 - if (INP_CHECK_SOCKAF(inp->inp_socket, - AF_INET6)) - local_wild_mapped = inp; + /* XXX inp locking, NULL check */ + if (inp->inp_vflag & INP_IPV6PROTO) + local_wild_mapped = inp; + else +#endif /* INET6 */ + if (injail) + jail_wild = inp; else -#endif local_wild = inp; - } } - } + } /* LIST_FOREACH */ + if (jail_wild != NULL) + return (jail_wild); + if (local_exact != NULL) + return (local_exact); + if (local_wild != NULL) + return (local_wild); #ifdef INET6 - if (local_wild == NULL) + if (local_wild_mapped != NULL) return (local_wild_mapped); -#endif - return (local_wild); - } +#endif /* defined(INET6) */ + } /* if (wildcard == INPLOOKUP_WILDCARD) */ + return (NULL); } @@ -1472,7 +1543,7 @@ inp_apply_all(void (*func)(struct inpcb struct inpcb *inp; INP_INFO_RLOCK(&V_tcbinfo); - LIST_FOREACH(inp, tcbinfo.ipi_listhead, inp_list) { + LIST_FOREACH(inp, V_tcbinfo.ipi_listhead, inp_list) { INP_WLOCK(inp); func(inp, arg); INP_WUNLOCK(inp); Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_pcb.h ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_pcb.h Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_pcb.h Fri Dec 5 07:42:54 2008 (r185629) @@ -450,6 +450,8 @@ extern int ipport_lastauto; extern int ipport_hifirstauto; extern int ipport_hilastauto; extern int ipport_randomized; +extern int ipport_randomcps; +extern int ipport_randomtime; extern int ipport_stoprandom; extern int ipport_tcpallocs; extern struct callout ipport_tick_callout; Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_proto.c ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_proto.c Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_proto.c Fri Dec 5 07:42:54 2008 (r185629) @@ -193,6 +193,7 @@ struct protosw inetsw[] = { .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = icmp_input, .pr_ctloutput = rip_ctloutput, + .pr_init = icmp_init, .pr_usrreqs = &rip_usrreqs }, { Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_rmx.c ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_rmx.c Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_rmx.c Fri Dec 5 07:42:54 2008 (r185629) @@ -55,9 +55,12 @@ __FBSDID("$FreeBSD$"); #include <net/if.h> #include <net/route.h> +#include <net/vnet.h> + #include <netinet/in.h> #include <netinet/in_var.h> #include <netinet/ip_var.h> +#include <netinet/vinet.h> extern int in_inithead(void **head, int off); @@ -151,17 +154,20 @@ in_matroute(void *v_arg, struct radix_no return rn; } -static int rtq_reallyold = 60*60; /* one hour is "really old" */ +#ifdef VIMAGE_GLOBALS +static int rtq_reallyold; +static int rtq_minreallyold; +static int rtq_toomany; +#endif + SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_RTEXPIRE, rtexpire, CTLFLAG_RW, rtq_reallyold, 0, "Default expiration time on dynamically learned routes"); -static int rtq_minreallyold = 10; /* never automatically crank down to less */ SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_RTMINEXPIRE, rtminexpire, CTLFLAG_RW, rtq_minreallyold, 0, "Minimum time to attempt to hold onto dynamically learned routes"); -static int rtq_toomany = 128; /* 128 cached routes is "too many" */ SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_RTMAXCACHE, rtmaxcache, CTLFLAG_RW, rtq_toomany, 0, "Upper limit on dynamically learned routes"); @@ -256,8 +262,10 @@ in_rtqkill(struct radix_node *rn, void * } #define RTQ_TIMEOUT 60*10 /* run no less than once every ten minutes */ -static int rtq_timeout = RTQ_TIMEOUT; +#ifdef VIMAGE_GLOBALS +static int rtq_timeout; static struct callout rtq_timer; +#endif static void in_rtqtimo_one(void *rock); @@ -282,6 +290,7 @@ in_rtqtimo(void *rock) static void in_rtqtimo_one(void *rock) { + INIT_VNET_INET(curvnet); struct radix_node_head *rnh = rock; struct rtqk_arg arg; static time_t last_adjusted_timeout = 0; @@ -336,6 +345,7 @@ in_rtqdrain(void) VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); INIT_VNET_NET(vnet_iter); + for ( fibnum = 0; fibnum < rt_numfibs; fibnum++) { rnh = V_rt_tables[fibnum][AF_INET]; arg.found = arg.killed = 0; @@ -376,6 +386,11 @@ in_inithead(void **head, int off) if (off == 0) /* XXX MRT see above */ return 1; /* only do the rest for a real routing table */ + V_rtq_reallyold = 60*60; /* one hour is "really old" */ + V_rtq_minreallyold = 10; /* never automatically crank down to less */ + V_rtq_toomany = 128; /* 128 cached routes is "too many" */ + V_rtq_timeout = RTQ_TIMEOUT; + rnh = *head; rnh->rnh_addaddr = in_addroute; rnh->rnh_matchaddr = in_matroute; Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_var.h ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_var.h Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/in_var.h Fri Dec 5 07:42:54 2008 (r185629) @@ -138,6 +138,15 @@ do { \ #endif /* + * IP datagram reassembly. + */ +#define IPREASS_NHASH_LOG2 6 +#define IPREASS_NHASH (1 << IPREASS_NHASH_LOG2) +#define IPREASS_HMASK (IPREASS_NHASH - 1) +#define IPREASS_HASH(x,y) \ + (((((x) & 0xF) | ((((x) >> 8) & 0xF) << 4)) ^ (y)) & IPREASS_HMASK) + +/* * This information should be part of the ifnet structure but we don't wish * to change that - as it might break a number of things */ Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip6.h ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip6.h Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip6.h Fri Dec 5 07:42:54 2008 (r185629) @@ -347,8 +347,6 @@ do { \ } \ } while (/*CONSTCOND*/ 0) -#include <netinet6/vinet6.h> - #endif /*_KERNEL*/ #endif /* not _NETINET_IP6_H_ */ Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_carp.c ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_carp.c Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_carp.c Fri Dec 5 07:42:54 2008 (r185629) @@ -74,6 +74,7 @@ __FBSDID("$FreeBSD$"); #include <netinet/ip_var.h> #include <netinet/if_ether.h> #include <machine/in_cksum.h> +#include <netinet/vinet.h> #endif #ifdef INET6 @@ -82,6 +83,7 @@ __FBSDID("$FreeBSD$"); #include <netinet6/ip6_var.h> #include <netinet6/scope6_var.h> #include <netinet6/nd6.h> +#include <netinet6/vinet6.h> #endif #include <crypto/sha1.h> Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_divert.c ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_divert.c Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_divert.c Fri Dec 5 07:42:54 2008 (r185629) @@ -74,6 +74,7 @@ __FBSDID("$FreeBSD$"); #include <netinet/ip_divert.h> #include <netinet/ip_var.h> #include <netinet/ip_fw.h> +#include <netinet/vinet.h> #include <security/mac/mac_framework.h> @@ -112,8 +113,10 @@ __FBSDID("$FreeBSD$"); */ /* Internal variables. */ +#ifdef VIMAGE_GLOBALS static struct inpcbhead divcb; static struct inpcbinfo divcbinfo; +#endif static u_long div_sendspace = DIVSNDQ; /* XXX sysctl ? */ static u_long div_recvspace = DIVRCVQ; /* XXX sysctl ? */ @@ -320,6 +323,7 @@ div_output(struct socket *so, struct mbu */ m->m_pkthdr.rcvif = NULL; m->m_nextpkt = NULL; + M_SETFIB(m, so->so_fibnum); if (control) m_freem(control); /* XXX */ @@ -578,6 +582,7 @@ div_ctlinput(int cmd, struct sockaddr *s static int div_pcblist(SYSCTL_HANDLER_ARGS) { + INIT_VNET_INET(curvnet); int error, i, n; struct inpcb *inp, **inp_list; inp_gen_t gencnt; Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_fastfwd.c ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_fastfwd.c Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_fastfwd.c Fri Dec 5 07:42:54 2008 (r185629) @@ -103,10 +103,13 @@ __FBSDID("$FreeBSD$"); #include <netinet/ip_var.h> #include <netinet/ip_icmp.h> #include <netinet/ip_options.h> +#include <netinet/vinet.h> #include <machine/in_cksum.h> -static int ipfastforward_active = 0; +#ifdef VIMAGE_GLOBALS +static int ipfastforward_active; +#endif SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, fastforwarding, CTLFLAG_RW, ipfastforward_active, 0, "Enable fast IP forwarding"); Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_fw2.c ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_fw2.c Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_fw2.c Fri Dec 5 07:42:54 2008 (r185629) @@ -69,6 +69,7 @@ __FBSDID("$FreeBSD$"); #include <net/radix.h> #include <net/route.h> #include <net/pf_mtag.h> +#include <net/vnet.h> #define IPFW_INTERNAL /* Access to protected data structures in ip_fw.h. */ @@ -91,6 +92,8 @@ __FBSDID("$FreeBSD$"); #include <netinet/udp.h> #include <netinet/udp_var.h> #include <netinet/sctp.h> +#include <netinet/vinet.h> + #include <netgraph/ng_ipfw.h> #include <altq/if_altq.h> @@ -1803,14 +1806,14 @@ add_table_entry(struct ip_fw_chain *ch, ent->addr.sin_len = ent->mask.sin_len = 8; ent->mask.sin_addr.s_addr = htonl(mlen ? ~((1 << (32 - mlen)) - 1) : 0); ent->addr.sin_addr.s_addr = addr & ent->mask.sin_addr.s_addr; - IPFW_WLOCK(&V_layer3_chain); + IPFW_WLOCK(ch); if (rnh->rnh_addaddr(&ent->addr, &ent->mask, rnh, (void *)ent) == NULL) { - IPFW_WUNLOCK(&V_layer3_chain); + IPFW_WUNLOCK(ch); free(ent, M_IPFW_TBL); return (EEXIST); } - IPFW_WUNLOCK(&V_layer3_chain); + IPFW_WUNLOCK(ch); return (0); } Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_fw_pfil.c ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_fw_pfil.c Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_fw_pfil.c Fri Dec 5 07:42:54 2008 (r185629) @@ -487,6 +487,7 @@ ipfw6_unhook(void) int ipfw_chg_hook(SYSCTL_HANDLER_ARGS) { + INIT_VNET_IPFW(curvnet); int enable = *(int *)arg1; int error; Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_icmp.c ============================================================================== --- user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_icmp.c Fri Dec 5 07:41:53 2008 (r185628) +++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet/ip_icmp.c Fri Dec 5 07:42:54 2008 (r185629) @@ -61,6 +61,7 @@ __FBSDID("$FreeBSD$"); #include <netinet/tcp_var.h> #include <netinet/tcpip.h> #include <netinet/icmp_var.h> +#include <netinet/vinet.h> #ifdef IPSEC #include <netipsec/ipsec.h> @@ -77,47 +78,51 @@ __FBSDID("$FreeBSD$"); * host table maintenance routines. */ -struct icmpstat icmpstat; +#ifdef VIMAGE_GLOBALS +struct icmpstat icmpstat; +static int icmpmaskrepl; +static u_int icmpmaskfake; +static int drop_redirect; +static int log_redirect; +static int icmplim; +static int icmplim_output; +static char reply_src[IFNAMSIZ]; +static int icmp_rfi; +static int icmp_quotelen; +static int icmpbmcastecho; +#endif + SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_icmp, ICMPCTL_STATS, stats, CTLFLAG_RW, icmpstat, icmpstat, ""); -static int icmpmaskrepl = 0; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, ICMPCTL_MASKREPL, maskrepl, CTLFLAG_RW, icmpmaskrepl, 0, "Reply to ICMP Address Mask Request packets."); -static u_int icmpmaskfake = 0; SYSCTL_V_UINT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, maskfake, CTLFLAG_RW, icmpmaskfake, 0, "Fake reply to ICMP Address Mask Request packets."); -static int drop_redirect = 0; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, drop_redirect, CTLFLAG_RW, drop_redirect, 0, "Ignore ICMP redirects"); -static int log_redirect = 0; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, log_redirect, CTLFLAG_RW, log_redirect, 0, "Log ICMP redirects to the console"); -static int icmplim = 200; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, ICMPCTL_ICMPLIM, icmplim, CTLFLAG_RW, icmplim, 0, "Maximum number of ICMP responses per second"); -static int icmplim_output = 1; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, icmplim_output, CTLFLAG_RW, icmplim_output, 0, "Enable rate limiting of ICMP responses"); -static char reply_src[IFNAMSIZ]; SYSCTL_V_STRING(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, reply_src, CTLFLAG_RW, reply_src, IFNAMSIZ, "icmp reply source for non-local packets."); -static int icmp_rfi = 0; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, reply_from_interface, CTLFLAG_RW, icmp_rfi, 0, "ICMP reply from incoming interface for " "non-local packets"); -static int icmp_quotelen = 8; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, quotelen, CTLFLAG_RW, icmp_quotelen, 0, "Number of bytes from original packet to " "quote in ICMP reply"); @@ -126,7 +131,6 @@ SYSCTL_V_INT(V_NET, vnet_inet, _net_inet * ICMP broadcast echo sysctl */ -static int icmpbmcastecho = 0; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, bmcastecho, CTLFLAG_RW, icmpbmcastecho, 0, ""); @@ -140,6 +144,22 @@ static void icmp_send(struct mbuf *, str extern struct protosw inetsw[]; +void *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200812050742.mB57gsnh046998>