| created | 2025-03-05T14:23:26Z |
|---|---|
| begin | 2025-03-04T00:00:00Z |
| end | 2025-03-05T00:00:00Z |
| path | src/sys |
| commits | 6 |
| date | 2025-03-04T01:01:25Z | |||
|---|---|---|---|---|
| author | dlg | |||
| files | src/sys/net/bpf.c | log | diff | annotate |
| src/sys/net/bpf.h | log | diff | annotate | |
| message |
add bpfxattach for addding extra bpf interfaces to net interfaces bpf interfaces are identified by name and data link type. bpfattach takes an ifnet pointer and uses the interface name from if_xname when setting up a bpf interface for a network interface. this makes it hard to provide a way to look at a subset of packets on an interface with the same dlt as the whole interface. bpfxattach lets me attach a bpf interface with a different name to network interfaces. im using this to attach bpf interfaces rings on some multiq interfaces, which lets me fan out packet processing via bpf in userland. ok claudio@ |
|||
| date | 2025-03-04T01:13:37Z | |||
|---|---|---|---|---|
| author | dlg | |||
| files | src/sys/net/ifq.c | log | diff | annotate |
| src/sys/net/ifq.h | log | diff | annotate | |
| message |
let drivers provide an ifiq specific bpf interface if they want. this is handled like the interface bpf processing so it inherits the filter drop semantics and fdrop counts on the ifiq. ok claudio@ |
|||
| date | 2025-03-04T11:52:44Z | |||
|---|---|---|---|---|
| author | sashan | |||
| files | src/sys/net/pf.c | log | diff | annotate |
| message |
Fix incorrect ICMP error translation in af-to NAT. In typical situation pf uses destination address found in state for IPv6 source address in af-to translated packet. However for ICMPv4 errors we need to replace the least 32bits in IPv6 source address with source address from ICMPv4 reply packet we are forwarding. This way IPv6 host which is going to receive the error can see the reply is coming from router on the path and not from destination. This change enables traceroute6 behind af-to to provide meaningful information. The issue was kindly reported by Kristof Provost (kp _vond_ freebsd _dot_ org) Testing and feedback comes from bluhm@ OK bluhm@ |
|||
| date | 2025-03-04T15:11:30Z | |||
|---|---|---|---|---|
| author | bluhm | |||
| files | src/sys/net/if_sec.c | log | diff | annotate |
| src/sys/net/if_sec.h | log | diff | annotate | |
| src/sys/netinet/ipsec_input.c | log | diff | annotate | |
| message |
Pass struct netstack to sec_input(). Kernel crashed in route6_cache() due to bogous netstack. ipsec_common_input_cb() was called with netstack pointer NULL, but in ipv6_input() the pointer was 1. In between lies sec_input() that was called without netstack pointer, but passed an arbitrary value to if_vinput(). There was a parameter missing in its prototype. The buggy code did compile due to a missing include file. crash reported by Mikolaj Kucharski; OK claudio@ |
|||
| date | 2025-03-04T19:31:28Z | |||
|---|---|---|---|---|
| author | kettenis | |||
| files | src/sys/dev/pci/if_iwx.c | log | diff | annotate |
| message |
Properly set A-MPDU density for MLD firmwares. Clamp A-MPDU sizes to 4M since this the maximum the firmware supports according to the Linux driver. Fix a missing htole32() while I'm there. ok stsp@ |
|||
| date | 2025-03-04T22:59:01Z | |||
|---|---|---|---|---|
| author | kirill | |||
| files | src/sys/dev/usb/uvideo.c | log | diff | annotate |
| message |
sys/uvideo: avoid null-pointer after queued v4l2 frame OK: mglocker@ |
|||