r339550 ae Oct. 21, 2018, 5:55 p.m.
appearing and disappearing on the host system.

Such handling is need, because tunneling interfaces must use addresses,
that are configured on the host as ingress addresses for tunnels.
Otherwise the system can send spoofed packets with source address, that
belongs to foreign host.

The KPI uses ifaddr_event_ext event to implement addresses tracking.
Tunneling interfaces register event handlers and then they are
notified by the kernel, when an address disappears or appears.

ifaddr_event_compat() handler from if.c replaced by srcaddr_change_event()
in the ip_encap.c

MFC after:	1 month
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D17134
ViewVC
r339548 vmaffione Oct. 21, 2018, 5:15 p.m.
The current documentation describing the syntax of a VALE port is wrong.
This patch fixes it to make it consistent.

Approved by:	bcr, gnn (mentor)
Differential Revision:	https://reviews.freebsd.org/D17411
ViewVC
r339547 kp Oct. 21, 2018, 4:51 p.m.
vlan_lladdr_fn() is called from taskqueue, which means there's no vnet context
set. We can end up trying to send ARP messages (through the iflladdr_event
event), which requires a vnet context.

PR:		227654
MFC after:	3 days
ViewVC
r339546 imp Oct. 21, 2018, 4:49 p.m.
Sebastian Bach's twenty children, it hasn't been seen in many years.
ViewVC
r339545 ae Oct. 21, 2018, 4:44 p.m.
This allows use differen values configured by user for sysctl variable
net.inet.ip.fw.dyn_rst_lifetime.

Obtained from:	Yandex LLC
MFC after:	3 weeks
Sponsored by:	Yandex LLC
ViewVC
r339544 ae Oct. 21, 2018, 4:37 p.m.
Obtained from:	Yandex LLC
MFC after:	3 weeks
Sponsored by:	Yandex LLC
ViewVC
r339543 imp Oct. 21, 2018, 4:29 p.m.
r339542 ae Oct. 21, 2018, 4:29 p.m.
to switch the output method in run-time. Also document some sysctl
variables that can by changed for NAT64 module.

NAT64 had compile time option IPFIREWALL_NAT64_DIRECT_OUTPUT to use
if_output directly from nat64 module. By default is used netisr based
output method. Now both methods can be used, but they require different
handling by rules.

Obtained from:	Yandex LLC
MFC after:	3 weeks
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D16647
ViewVC
r339541 gjb Oct. 21, 2018, 3:54 p.m.
from 12.0-ALPHA10 to 13.0-CURRENT.  This edit was a mistake,
and should have been applied to stable/12 upon branching, not
head.

Reported by:	jbeich, dim
Sponsored by:	The FreeBSD Foundation
ViewVC
r339540 andrew Oct. 21, 2018, 3:43 p.m.
This allows the memory mapped I/O virtio driver to attach when we boot
with ACPI tables, for example in some cases with QEMU emulating arm64.

MFC after:	1 month
ViewVC
r339539 ae Oct. 21, 2018, 3:10 p.m.
that was added using "new rule format". And then, when the kernel
returns rule with this flag, ipfw(8) can correctly show it.

Reported by:	lev
MFC after:	3 weeks
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D17373
ViewVC
r339538 imp Oct. 21, 2018, 3:09 p.m.
supported all the "old" chips it did, so we should have killed it in
4, but 12 will do. It's a bit outside of the normal deprecation
process, but given the extreme age, it's obsolete status for 8 major
releases and the fact that I couldn't find any users who posted dmesgs
with ncr0: in them after 2000 or 3.4. It may be too late for 12 (this
change will be merged, but maybe not the next one to remove it), but
it will be removed in 13 with the first round of other drivers tagged
to be gone in 12.

MFC after: 3 days
ViewVC
r339537 ae Oct. 21, 2018, 3:02 p.m.
handler receives the type of event IFADDR_EVENT_ADD/IFADDR_EVENT_DEL,
and the pointer to ifaddr. Also ifaddr_event now is implemented using
ifaddr_event_ext handler.

MFC after:	3 weeks
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D17100
ViewVC
r339536 ae Oct. 21, 2018, 2:48 p.m.
Reported by:	yuripv
MFC after:	3 weeks
ViewVC
r339535 ae Oct. 21, 2018, 2:40 p.m.
for already existing interface.

It appeared, that ifconfig(8) assumes `create` keyword as hostname and
tries to resolve it, when `ifconfig ifname create` invoked for already
existing interface. This can produce some unexpected results, when hostname
resolving has successfully happened. This patch adds check for such case.
When an interface is already exists, and create is only one argument,
return error message. But when there are some other arguments, just remove
create keyword from the arguments list.

Obtained from:	Yandex LLC
MFC after:	3 weeks
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D17171
ViewVC