From owner-svn-src-stable@freebsd.org Fri Feb 15 00:29:46 2019 Return-Path: Delivered-To: svn-src-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DD6B114E830B; Fri, 15 Feb 2019 00:29:45 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 80FA16D4B1; Fri, 15 Feb 2019 00:29:45 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 58A8BED63; Fri, 15 Feb 2019 00:29:45 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x1F0TjDA009098; Fri, 15 Feb 2019 00:29:45 GMT (envelope-from glebius@FreeBSD.org) Received: (from glebius@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x1F0TiPL009096; Fri, 15 Feb 2019 00:29:44 GMT (envelope-from glebius@FreeBSD.org) Message-Id: <201902150029.x1F0TiPL009096@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: glebius set sender to glebius@FreeBSD.org using -f From: Gleb Smirnoff Date: Fri, 15 Feb 2019 00:29:44 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-12@freebsd.org Subject: svn commit: r344139 - in stable/12: share/man/man4 sys/netgraph X-SVN-Group: stable-12 X-SVN-Commit-Author: glebius X-SVN-Commit-Paths: in stable/12: share/man/man4 sys/netgraph X-SVN-Commit-Revision: 344139 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 80FA16D4B1 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.96 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.996,0]; NEURAL_HAM_LONG(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.96)[-0.963,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Feb 2019 00:29:46 -0000 Author: glebius Date: Fri Feb 15 00:29:44 2019 New Revision: 344139 URL: https://svnweb.freebsd.org/changeset/base/344139 Log: Merge r343895: Allow some nesting of ng_iface(4) interfaces and add a configuration knob. PR: 235500 Modified: stable/12/share/man/man4/ng_iface.4 stable/12/sys/netgraph/ng_iface.c Directory Properties: stable/12/ (props changed) Modified: stable/12/share/man/man4/ng_iface.4 ============================================================================== --- stable/12/share/man/man4/ng_iface.4 Thu Feb 14 20:33:35 2019 (r344138) +++ stable/12/share/man/man4/ng_iface.4 Fri Feb 15 00:29:44 2019 (r344139) @@ -35,7 +35,7 @@ .\" $FreeBSD$ .\" $Whistle: ng_iface.8,v 1.5 1999/01/25 23:46:26 archie Exp $ .\" -.Dd January 12, 2015 +.Dd February 6, 2019 .Dt NG_IFACE 4 .Os .Sh NAME @@ -144,6 +144,17 @@ In case when your graph ends up with some kind of seri synchronous or modem, the .Nm is the right place to turn ALTQ on. +.Sh Nesting +.Nm +supports nesting, a configuration when traffic of one +.Nm +interface flows through the other. +The default maximum allowed nesting level is 2. +It can be changed at runtime setting +.Xr sysctl 8 +variable +.Va net.graph.iface.max_nesting +to the desired level of nesting. .Sh SEE ALSO .Xr altq 4 , .Xr bpf 4 , @@ -151,6 +162,7 @@ is the right place to turn ALTQ on. .Xr ng_cisco 4 , .Xr ifconfig 8 , .Xr ngctl 8 +.Xr sysctl .Sh HISTORY The .Nm iface Modified: stable/12/sys/netgraph/ng_iface.c ============================================================================== --- stable/12/sys/netgraph/ng_iface.c Thu Feb 14 20:33:35 2019 (r344138) +++ stable/12/sys/netgraph/ng_iface.c Fri Feb 15 00:29:44 2019 (r344139) @@ -68,6 +68,7 @@ #include #include #include +#include #include #include @@ -92,6 +93,13 @@ static MALLOC_DEFINE(M_NETGRAPH_IFACE, "netgraph_iface #define M_NETGRAPH_IFACE M_NETGRAPH #endif +static SYSCTL_NODE(_net_graph, OID_AUTO, iface, CTLFLAG_RW, 0, + "Point to point netgraph interface"); +VNET_DEFINE_STATIC(int, ng_iface_max_nest) = 2; +#define V_ng_iface_max_nest VNET(ng_iface_max_nest) +SYSCTL_INT(_net_graph_iface, OID_AUTO, max_nesting, CTLFLAG_VNET | CTLFLAG_RW, + &VNET_NAME(ng_iface_max_nest), 0, "Max nested tunnels"); + /* This struct describes one address family */ struct iffam { sa_family_t family; /* Address family */ @@ -355,7 +363,8 @@ ng_iface_output(struct ifnet *ifp, struct mbuf *m, } /* Protect from deadly infinite recursion. */ - error = if_tunnel_check_nesting(ifp, m, NGM_IFACE_COOKIE, 1); + error = if_tunnel_check_nesting(ifp, m, NGM_IFACE_COOKIE, + V_ng_iface_max_nest); if (error) { m_freem(m); return (error);