1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-23 11:18:54 +00:00
freebsd/sys/netinet
Alexander V. Chernikov f8bee51a69 - Add ipfw eXtended tables permitting radix to be used for any kind of keys.
- Add support for IPv6 and interface extended tables
- Make number of tables to be loader tunable in range 0..65534.
- Use IP_FW3 opcode for all new extended table cmds

No ABI changes are introduced. Old userland will see valid tables for
IPv4 tables and no entries otherwise. Flush works for any table.

IP_FW3 socket option is used to encapsulate all new opcodes:
 /* IP_FW3 header/opcodes */
 typedef struct _ip_fw3_opheader {
        uint16_t opcode;        /* Operation opcode */
        uint16_t reserved[3];   /* Align to 64-bit boundary */
 } ip_fw3_opheader;

New opcodes added:
 IP_FW_TABLE_XADD, IP_FW_TABLE_XDEL, IP_FW_TABLE_XGETSIZE, IP_FW_TABLE_XLIST

ipfw(8) table argument parsing behavior is changed:
 'ipfw table 999 add host' now assumes 'host' to be interface name instead of
 hostname.

New tunable:
 net.inet.ip.fw.tables_max controls number of table supported by ipfw in given
 VNET instance. 128 is still the default value.

New syntax:
ipfw add skipto tablearg ip from any to any via table(42) in
ipfw add skipto tablearg ip from any to any via table(4242) out

This is a bit hackish, special interface name '\1' is used to signal interface
table number is passed in p.glob field.

Sponsored by Yandex LLC

Reviewed by:    ae
Approved by:    ae (mentor)

MFC after:      4 weeks
2012-03-12 14:07:57 +00:00
..
cc
ipfw - Add ipfw eXtended tables permitting radix to be used for any kind of keys. 2012-03-12 14:07:57 +00:00
khelp
libalias Mark all SYSCTL_NODEs static that have no corresponding SYSCTL_DECLs. 2011-11-07 15:43:11 +00:00
accf_data.c
accf_dns.c
accf_http.c Mark all SYSCTL_NODEs static that have no corresponding SYSCTL_DECLs. 2011-11-07 15:43:11 +00:00
cc.h
icmp6.h Correct typo in the RFC number for the constants based on IANA assignments 2012-03-04 18:47:20 +00:00
icmp_var.h
if_atm.c
if_atm.h
if_ether.c Clean up some #endif comments removing from short sections. Add #endif 2012-01-22 02:13:19 +00:00
if_ether.h Move arprequest() declaration to if_ether.h. 2012-01-08 13:34:00 +00:00
igmp_var.h
igmp.c Convert all users of IF_ADDR_LOCK to use new locking macros that specify 2012-01-05 19:00:36 +00:00
igmp.h
in_cksum.c
in_debug.c
in_gif.c
in_gif.h
in_mcast.c Remove unused variable. 2012-01-24 14:27:14 +00:00
in_pcb.c Clean up some #endif comments removing from short sections. Add #endif 2012-01-22 02:13:19 +00:00
in_pcb.h Cache SO_REUSEPORT socket option in inpcb-layer in order to avoid 2011-11-06 10:47:20 +00:00
in_pcbgroup.c
in_proto.c Bunch of fixes to pfsync(4) module load/unload: 2012-01-09 08:50:22 +00:00
in_rmx.c
in_systm.h
in_var.h Provide IA_MASKSIN() macro similar to IA_SIN() and IA_DSTSIN(). 2012-01-08 17:20:29 +00:00
in.c When using flowtable llentrys can outlive the interface with which they're associated 2012-02-23 18:21:37 +00:00
in.h
ip6.h
ip_carp.c Set vnet context in callouts and taskqueues. 2012-02-08 13:39:38 +00:00
ip_carp.h Restore a feature that was present in 5.x and 6.x, and was cleared in 2011-12-20 13:53:31 +00:00
ip_divert.c Make #error messages string-literals and remove punctuation. 2012-01-22 10:41:58 +00:00
ip_divert.h
ip_dummynet.h
ip_ecn.c
ip_ecn.h
ip_encap.c
ip_encap.h
ip_fastfwd.c
ip_fw.h - Add ipfw eXtended tables permitting radix to be used for any kind of keys. 2012-03-12 14:07:57 +00:00
ip_gre.c Make #error messages string-literals and remove punctuation. 2012-01-22 10:41:58 +00:00
ip_gre.h
ip_icmp.c - Fix sysctl description 2012-01-07 00:11:36 +00:00
ip_icmp.h
ip_id.c
ip_input.c Convert all users of IF_ADDR_LOCK to use new locking macros that specify 2012-01-05 19:00:36 +00:00
ip_ipsec.c Clean up some #endif comments removing from short sections. Add #endif 2012-01-22 02:13:19 +00:00
ip_ipsec.h
ip_mroute.c Change SYSINIT priorities so that ip_mroute_modevent() is executed 2012-03-04 18:59:38 +00:00
ip_mroute.h
ip_options.c
ip_options.h
ip_output.c Cache SO_REUSEPORT socket option in inpcb-layer in order to avoid 2011-11-06 10:47:20 +00:00
ip_var.h Defer the work of freeing IPv4 multicast options from a socket to an 2011-12-29 20:41:16 +00:00
ip.h
pim_var.h
pim.h
raw_ip.c As I came by and noticed add a comment that inp locking is a bit optistic 2012-01-02 09:18:58 +00:00
sctp_asconf.c Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp_asconf.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_auth.c Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp_auth.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_bsd_addr.c Add support for stf interfaces. 2012-03-09 13:15:40 +00:00
sctp_bsd_addr.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_cc_functions.c Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp_constants.h Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp_crc32.c
sctp_crc32.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_dtrace_declare.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_dtrace_define.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_header.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_indata.c Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp_indata.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_input.c Fix a problem when using the CBAPI. 2012-01-20 13:26:11 +00:00
sctp_input.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_lock_bsd.h
sctp_os_bsd.h Document the fact that multi-FIB support for SCTP had been backed out 2012-02-03 15:39:13 +00:00
sctp_os.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_output.c Fix a bug where the wrong protocol overhead was used. This can lead 2012-02-14 12:00:34 +00:00
sctp_output.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_pcb.c Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp_pcb.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_peeloff.c Fix a warning reported by bz@ 2012-03-09 15:42:47 +00:00
sctp_peeloff.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_ss_functions.c Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp_structs.h Fix a typo which was already fixed by eadler in r227489. We missed 2012-02-06 10:47:12 +00:00
sctp_sysctl.c Add an SCTP sysctl "blackhole", similar to the one for TCP. 2012-01-08 09:56:24 +00:00
sctp_sysctl.h Add an SCTP sysctl "blackhole", similar to the one for TCP. 2012-01-08 09:56:24 +00:00
sctp_timer.c Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp_timer.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_uio.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctp_usrreq.c Remove two clang warnings. 2012-02-18 16:06:15 +00:00
sctp_var.h Address issues found by clang. While there, fix also some style 2011-12-27 10:16:24 +00:00
sctp.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
sctputil.c Two cleanups. No functional change. 2012-01-15 13:35:55 +00:00
sctputil.h Fix unused parameter warnings. 2011-12-17 19:21:40 +00:00
siftr.c
tcp_debug.c
tcp_debug.h
tcp_fsm.h
tcp_hostcache.c Mark all SYSCTL_NODEs static that have no corresponding SYSCTL_DECLs. 2011-11-07 15:43:11 +00:00
tcp_hostcache.h
tcp_input.c Fix PAWS (Protect Against Wrapped Sequence numbers) in cases when 2012-02-15 16:09:56 +00:00
tcp_lro.c
tcp_lro.h
tcp_offload.c
tcp_offload.h
tcp_output.c Fix PAWS (Protect Against Wrapped Sequence numbers) in cases when 2012-02-15 16:09:56 +00:00
tcp_reass.c Plug a TCP reassembly UMA zone leak introduced in r226113 by only using the 2011-11-27 02:32:08 +00:00
tcp_sack.c
tcp_seq.h Fix PAWS (Protect Against Wrapped Sequence numbers) in cases when 2012-02-15 16:09:56 +00:00
tcp_subr.c Add multi-FIB IPv6 support to the core network stack supplementing 2012-02-03 13:08:44 +00:00
tcp_syncache.c Fix PAWS (Protect Against Wrapped Sequence numbers) in cases when 2012-02-15 16:09:56 +00:00
tcp_syncache.h
tcp_timer.c Add new socket options: TCP_KEEPINIT, TCP_KEEPIDLE, TCP_KEEPINTVL and 2012-02-05 16:53:02 +00:00
tcp_timer.h Add new socket options: TCP_KEEPINIT, TCP_KEEPIDLE, TCP_KEEPINTVL and 2012-02-05 16:53:02 +00:00
tcp_timewait.c Fix PAWS (Protect Against Wrapped Sequence numbers) in cases when 2012-02-15 16:09:56 +00:00
tcp_usrreq.c Add new socket options: TCP_KEEPINIT, TCP_KEEPIDLE, TCP_KEEPINTVL and 2012-02-05 16:53:02 +00:00
tcp_var.h Add new socket options: TCP_KEEPINIT, TCP_KEEPIDLE, TCP_KEEPINTVL and 2012-02-05 16:53:02 +00:00
tcp.h Add new socket options: TCP_KEEPINIT, TCP_KEEPIDLE, TCP_KEEPINTVL and 2012-02-05 16:53:02 +00:00
tcpip.h
toedev.h
udp_usrreq.c
udp_var.h
udp.h