Franco Fichtner
ed39d84826
pf/ipfw/netinet[6]: IP forwarding rework, fixes IPv4 in pf(4)
...
Based on feedback by countless users, this removes the if_output
calls in the pf code that escape pfil processing in IPv4 by going
the long way.
In our 11.1 iteration ip_tryforward() is easy to port and while
we are at it we shall also tackle IPv6. :)
11.2 update adds all recent fixes into this single commit.
Many thanks to Andrey V. Elsukov (ae@) for giving this direction
and review.
Also see: https://reviews.freebsd.org/D8877
2018-10-07 19:24:22 +02:00
Franco Fichtner
7514cc6706
dummynet: pfil skip for IPv4 and IPv6
...
Based on a patch originally found in m0n0wall, expanded
to IPv6 and aligned with FreeBSD's IP input path.
2018-10-07 17:41:46 +02:00
Franco Fichtner
0c0e584f24
HBSD: cleanups, smaller reverts and review
...
* Remove default HT disable hardening for now
* Remove default tempaddr IPv6 for now
* Whitespace changes vs. FreeBSD
2018-10-07 17:29:46 +02:00
Franco Fichtner
12706d45cb
HBSD: sync up with hardened/11.2-releng/master branch
...
Commit: b8dead303184bcbd695cdb20407f5677f2424092
2018-10-07 14:26:34 +02:00
Franco Fichtner
0dc4b34cbd
src: switch to release/11.2.0
...
Taken from: FreeBSD commit 62a489e1688b21b7cbdab9ffdb449a67bacc770c
2018-10-07 14:26:34 +02:00
Franco Fichtner
678f0874c2
Revert "netinet: err, fix checksumming for IPsec"
...
This reverts commit aa24757a1a
2018-03-31 11:09:25 +02:00
Franco Fichtner
aa24757a1a
netinet: err, fix checksumming for IPsec
2018-03-28 11:19:18 +02:00
Franco Fichtner
b349ba1521
pf/ipfw/netinet[6]: IP forwarding rework, fixes IPv4 in pf(4)
...
Based on feedback by countless users, this removes the if_output
calls in the pf code that escape pfil processing in IPv4 by going
the long way.
In our 11.1 iteration ip_tryforward() is easy to port and while
we are at it we shall also tackle IPv6. :)
Many thanks to Andrey V. Elsukov (ae@) for giving this direction
and review.
Also see: https://reviews.freebsd.org/D8877
pf: add ipv6 shared forwarding
2017-09-14 21:32:31 +02:00
Franco Fichtner
c76d7505b7
dummynet: pfil skip for IPv4 and IPv6
...
Based on a patch originally found in m0n0wall, expanded
to IPv6 and aligned with FreeBSD's IP input path.
2017-08-20 14:05:09 +02:00
Franco Fichtner
3c09b4c3de
src: clean-cut move to release/11.1.0
...
Taken from: FreeBSD
Commit ref: 2f4b735c66d
2017-08-20 13:44:58 +02:00
Franco Fichtner
e92bed1aa6
pf/ipfw/netinet[6]: IP forwarding rework, fixes IPv4 in pf(4)
...
Based on feedback by countless users, this removes the if_output
calls in the pf code that escape pfil processing in IPv4 by going
the long way. This is only partially applicable to FreeBSD and
we are working on fixing this in a full fashion in 12-CURRENT.
It also disables ip_tryforward() as that does not seem trivial
to convert as it is missing 12-CURRENT's nhop4/nhop6. Maybe we
will see that in 11.1.
Many thanks to Andrey V. Elsukov (ae@) for giving this direction
and review.
Also see: https://reviews.freebsd.org/D8877
2017-01-10 16:16:39 +01:00
Franco Fichtner
4036f87375
dummynet: pfil skip for IPv4 and IPv6
...
Based on a patch originally found in m0n0wall, expanded
to IPv6 and aligned with FreeBSD's IP input path.
2016-10-03 12:46:39 +02:00
Franco Fichtner
eb99233983
src: clean-cut move to release/11.0.0
...
Taken from: FreeBSD
Commit ref: d508cb8c8f
2016-10-03 12:28:21 +02:00
Franco Fichtner
9d99bdc8c6
dummynet: pfil skip for IPv4 and IPv6
...
Based on a patch originally found in m0n0wall, expanded
to IPv6 and aligned with FreeBSD's IP input path.
2016-09-27 11:06:05 +02:00
Franco Fichtner
8398b893e9
Revert "dummynet: ipnat patch solves traffic shaper issues with wan interfaces"
...
This reverts commit aa4404c681
2016-09-27 11:06:02 +02:00
Ad Schellevis
aa4404c681
dummynet: ipnat patch solves traffic shaper issues with wan interfaces
...
Taken from: m0n0wall
Modified by: franco@opnsense.org
2016-05-21 08:45:39 +02:00
Franco Fichtner
51aeb3f459
src: clean-cut move to release/10.3.0
...
Taken from: FreeBSD
Commit ref: b62280e683e2
2016-05-21 08:25:57 +02:00
Franco Fichtner
e40080fe17
net: M_IPIN_SKIPPFIL is the same as M_PROTO12
...
Make the patch more portable by using it directly.
2015-11-21 01:58:55 +01:00
Ad Schellevis
b09422434f
dummynet: ipnat patch solves traffic shaper issues with wan interfaces
...
Taken from: m0n0wall
2015-08-14 14:49:28 +02:00
Franco Fichtner
cd6ee62847
src: clean-cut move to 10.2-RELEASE
...
Start fresh on master, only apply needed patches on top now.
Upstream commit: 56279fdef34eb28a4655b489b992c651bd8379fc
Taken from: FreeBSD
2015-08-14 14:15:00 +02:00
Ad Schellevis
e5e5cdfeec
add brackets and fix indent on last commit
2015-06-22 18:37:12 +02:00
Ad Schellevis
564bc49700
dummynet with ipnat patch (original src m0n0wall), solves traffic shaper issues with wan interfaces
2015-06-22 16:04:29 +02:00
Ad Schellevis
71871c4b5c
Merge branch 'master' of github.com:opnsense/src
2015-04-24 01:18:40 +02:00
Ad Schellevis
18b9d9d936
Revert "tools: apply IPSEC_sysctl.RELENG_10.diff"
...
This reverts commit cb20e20ca8
2015-04-24 00:28:23 +02:00
Franco Fichtner
5c14f52aa8
Revert "tools: apply ip_dstchng_fix.diff"
...
This reverts commit b770fc65ce
2015-04-15 10:49:15 +02:00
Franco Fichtner
b770fc65ce
tools: apply ip_dstchng_fix.diff
2015-02-11 18:00:43 +01:00
Franco Fichtner
cb20e20ca8
tools: apply IPSEC_sysctl.RELENG_10.diff
2015-02-11 09:39:33 +01:00
Franco Fichtner
87f480af48
*: upgrade to 10.1 as a bulk commit
...
Taken from: freebsd.git@29f4af53a2c8248b634f48923da8eb35f5ed0515
2015-02-10 19:21:02 +01:00
Franco Fichtner
7d12b93ba3
tools: apply ip_dstchng_fix.diff
2014-11-09 15:58:44 +01:00
Franco Fichtner
6965f14eb6
tools: apply IPSEC_sysctl.RELENG_10.diff
2014-11-09 15:49:49 +01:00
Franco Fichtner
f841e07039
tools: apply pfil.RELENG_10.diff
2014-11-09 15:37:11 +01:00
Franco Fichtner
402e7dde73
src: initial commit based on FreeBSD-10.0
...
Taken from: https://github.com/freebsd/freebsd.git
Commit id: d44ce30d3054a38723f89a161c5e003e64d1aaae
2014-11-09 09:30:14 +01:00
