From owner-svn-src-stable-8@FreeBSD.ORG Thu May 6 06:44:20 2010 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 07C8B1065672; Thu, 6 May 2010 06:44:20 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [69.147.83.44]) by mx1.freebsd.org (Postfix) with ESMTP id E8ACA8FC18; Thu, 6 May 2010 06:44:19 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id o466iJEm092677; Thu, 6 May 2010 06:44:19 GMT (envelope-from bz@svn.freebsd.org) Received: (from bz@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id o466iJxI092654; Thu, 6 May 2010 06:44:19 GMT (envelope-from bz@svn.freebsd.org) Message-Id: <201005060644.o466iJxI092654@svn.freebsd.org> From: "Bjoern A. Zeeb" Date: Thu, 6 May 2010 06:44:19 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r207695 - in stable/8/sys: contrib/ipfilter/netinet net netinet netinet6 netipsec X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 May 2010 06:44:20 -0000 Author: bz Date: Thu May 6 06:44:19 2010 New Revision: 207695 URL: http://svn.freebsd.org/changeset/base/207695 Log: MFC r207369: MFP4: @176978-176982, 176984, 176990-176994, 177441 "Whitspace" churn after the VIMAGE/VNET whirls. Remove the need for some "init" functions within the network stack, like pim6_init(), icmp_init() or significantly shorten others like ip6_init() and nd6_init(), using static initialization again where possible and formerly missed. Move (most) variables back to the place they used to be before the container structs and VIMAGE_GLOABLS (before r185088) and try to reduce the diff to stable/7 and earlier as good as possible, to help out-of-tree consumers to update from 6.x or 7.x to 8 or 9. This also removes some header file pollution for putatively static global variables. Revert VIMAGE specific changes in ipfilter::ip_auth.c, that are no longer needed. Reviewed by: jhb Discussed with: rwatson Sponsored by: The FreeBSD Foundation Sponsored by: CK Software GmbH Modified: stable/8/sys/contrib/ipfilter/netinet/ip_auth.c stable/8/sys/net/if.c stable/8/sys/net/if_gif.c stable/8/sys/net/if_gif.h stable/8/sys/net/route.c stable/8/sys/netinet/icmp6.h stable/8/sys/netinet/if_ether.c stable/8/sys/netinet/in.c stable/8/sys/netinet/in_gif.c stable/8/sys/netinet/in_proto.c stable/8/sys/netinet/in_rmx.c stable/8/sys/netinet/ip_icmp.c stable/8/sys/netinet/ip_icmp.h stable/8/sys/netinet/ip_input.c stable/8/sys/netinet/ip_var.h stable/8/sys/netinet/tcp_hostcache.c stable/8/sys/netinet/tcp_input.c stable/8/sys/netinet/tcp_output.c stable/8/sys/netinet/tcp_reass.c stable/8/sys/netinet/tcp_sack.c stable/8/sys/netinet/tcp_subr.c stable/8/sys/netinet/tcp_syncache.c stable/8/sys/netinet/tcp_timewait.c stable/8/sys/netinet/tcp_var.h stable/8/sys/netinet/udp_usrreq.c stable/8/sys/netinet/udp_var.h stable/8/sys/netinet6/frag6.c stable/8/sys/netinet6/icmp6.c stable/8/sys/netinet6/in6_gif.c stable/8/sys/netinet6/in6_ifattach.c stable/8/sys/netinet6/in6_proto.c stable/8/sys/netinet6/in6_rmx.c stable/8/sys/netinet6/in6_src.c stable/8/sys/netinet6/in6_var.h stable/8/sys/netinet6/ip6_input.c stable/8/sys/netinet6/ip6_mroute.c stable/8/sys/netinet6/ip6_var.h stable/8/sys/netinet6/nd6.c stable/8/sys/netinet6/nd6.h stable/8/sys/netinet6/nd6_nbr.c stable/8/sys/netinet6/nd6_rtr.c stable/8/sys/netinet6/raw_ip6.c stable/8/sys/netinet6/scope6.c stable/8/sys/netipsec/ah_var.h stable/8/sys/netipsec/esp_var.h stable/8/sys/netipsec/ipcomp_var.h stable/8/sys/netipsec/ipip_var.h stable/8/sys/netipsec/ipsec.c stable/8/sys/netipsec/ipsec.h stable/8/sys/netipsec/ipsec6.h stable/8/sys/netipsec/key.c stable/8/sys/netipsec/xform_esp.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) stable/8/sys/dev/xen/xenpci/ (props changed) stable/8/sys/geom/sched/ (props changed) Modified: stable/8/sys/contrib/ipfilter/netinet/ip_auth.c ============================================================================== --- stable/8/sys/contrib/ipfilter/netinet/ip_auth.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/contrib/ipfilter/netinet/ip_auth.c Thu May 6 06:44:19 2010 (r207695) @@ -70,11 +70,6 @@ struct file; #include #include #include -#if !defined(_KERNEL) && defined(__FreeBSD_version) && \ - __FreeBSD_version >= 800049 -# define V_ip_do_randomid ip_do_randomid -# define V_ip_id ip_id -#endif #if !defined(_KERNEL) && !defined(__osf__) && !defined(__sgi) # define KERNEL # define _KERNEL Modified: stable/8/sys/net/if.c ============================================================================== --- stable/8/sys/net/if.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/net/if.c Thu May 6 06:44:19 2010 (r207695) @@ -167,9 +167,11 @@ static void if_detach_internal(struct if extern void nd6_setmtu(struct ifnet *); #endif +VNET_DEFINE(int, if_index); +int ifqmaxlen = IFQ_MAXLEN; VNET_DEFINE(struct ifnethead, ifnet); /* depend on static init XXX */ VNET_DEFINE(struct ifgrouphead, ifg_head); -VNET_DEFINE(int, if_index); + static VNET_DEFINE(int, if_indexlim) = 8; /* Table of ifnet by index. */ @@ -178,8 +180,6 @@ static VNET_DEFINE(struct ifindex_entry #define V_if_indexlim VNET(if_indexlim) #define V_ifindex_table VNET(ifindex_table) -int ifqmaxlen = IFQ_MAXLEN; - /* * The global network interface list (V_ifnet) and related state (such as * if_index, if_indexlim, and ifindex_table) are protected by an sxlock and Modified: stable/8/sys/net/if_gif.c ============================================================================== --- stable/8/sys/net/if_gif.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/net/if_gif.c Thu May 6 06:44:19 2010 (r207695) @@ -94,20 +94,9 @@ */ static struct mtx gif_mtx; static MALLOC_DEFINE(M_GIF, "gif", "Generic Tunnel Interface"); - static VNET_DEFINE(LIST_HEAD(, gif_softc), gif_softc_list); - #define V_gif_softc_list VNET(gif_softc_list) -#ifdef INET -VNET_DEFINE(int, ip_gif_ttl) = GIF_TTL; -#define V_ip_gif_ttl VNET(ip_gif_ttl) -#endif -#ifdef INET6 -VNET_DEFINE(int, ip6_gif_hlim) = GIF_HLIM; -#define V_ip6_gif_hlim VNET(ip6_gif_hlim) -#endif - void (*ng_gif_input_p)(struct ifnet *ifp, struct mbuf **mp, int af); void (*ng_gif_input_orphan_p)(struct ifnet *ifp, struct mbuf *m, int af); void (*ng_gif_attach_p)(struct ifnet *ifp); @@ -135,19 +124,11 @@ SYSCTL_NODE(_net_link, IFT_GIF, gif, CTL */ #define MAX_GIF_NEST 1 #endif - static VNET_DEFINE(int, max_gif_nesting) = MAX_GIF_NEST; #define V_max_gif_nesting VNET(max_gif_nesting) - SYSCTL_VNET_INT(_net_link_gif, OID_AUTO, max_nesting, CTLFLAG_RW, &VNET_NAME(max_gif_nesting), 0, "Max nested tunnels"); -#ifdef INET6 -SYSCTL_DECL(_net_inet6_ip6); -SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_GIF_HLIM, gifhlim, CTLFLAG_RW, - &VNET_NAME(ip6_gif_hlim), 0, ""); -#endif - /* * By default, we disallow creation of multiple tunnels between the same * pair of addresses. Some applications require this functionality so @@ -159,7 +140,6 @@ static VNET_DEFINE(int, parallel_tunnels static VNET_DEFINE(int, parallel_tunnels) = 0; #endif #define V_parallel_tunnels VNET(parallel_tunnels) - SYSCTL_VNET_INT(_net_link_gif, OID_AUTO, parallel_tunnels, CTLFLAG_RW, &VNET_NAME(parallel_tunnels), 0, "Allow parallel tunnels?"); Modified: stable/8/sys/net/if_gif.h ============================================================================== --- stable/8/sys/net/if_gif.h Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/net/if_gif.h Thu May 6 06:44:19 2010 (r207695) @@ -118,10 +118,6 @@ int gif_ioctl(struct ifnet *, u_long, ca int gif_set_tunnel(struct ifnet *, struct sockaddr *, struct sockaddr *); void gif_delete_tunnel(struct ifnet *); int gif_encapcheck(const struct mbuf *, int, int, void *); - -VNET_DECLARE(int, ip_gif_ttl); -#define V_ip_gif_ttl VNET(ip_gif_ttl) - #endif /* _KERNEL */ #define GIFGOPTS _IOWR('i', 150, struct ifreq) Modified: stable/8/sys/net/route.c ============================================================================== --- stable/8/sys/net/route.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/net/route.c Thu May 6 06:44:19 2010 (r207695) @@ -88,15 +88,14 @@ SYSCTL_INT(_net, OID_AUTO, add_addr_allf &rt_add_addr_allfibs, 0, ""); TUNABLE_INT("net.add_addr_allfibs", &rt_add_addr_allfibs); -VNET_DEFINE(struct radix_node_head *, rt_tables); -static VNET_DEFINE(uma_zone_t, rtzone); /* Routing table UMA zone. */ -VNET_DEFINE(int, rttrash); /* routes not in table but not freed */ VNET_DEFINE(struct rtstat, rtstat); +#define V_rtstat VNET(rtstat) +VNET_DEFINE(struct radix_node_head *, rt_tables); #define V_rt_tables VNET(rt_tables) -#define V_rtzone VNET(rtzone) + +VNET_DEFINE(int, rttrash); /* routes not in table but not freed */ #define V_rttrash VNET(rttrash) -#define V_rtstat VNET(rtstat) /* compare two sockaddr structures */ @@ -114,6 +113,9 @@ VNET_DEFINE(struct rtstat, rtstat); */ #define RNTORT(p) ((struct rtentry *)(p)) +static VNET_DEFINE(uma_zone_t, rtzone); /* Routing table UMA zone. */ +#define V_rtzone VNET(rtzone) + #if 0 /* default fib for tunnels to use */ u_int tunnel_fib = 0; Modified: stable/8/sys/netinet/icmp6.h ============================================================================== --- stable/8/sys/netinet/icmp6.h Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/netinet/icmp6.h Thu May 6 06:44:19 2010 (r207695) @@ -652,7 +652,6 @@ struct rtentry; struct rttimer; struct in6_multi; # endif -void icmp6_init(void); void icmp6_paramerror(struct mbuf *, int); void icmp6_error(struct mbuf *, int, int, int); void icmp6_error2(struct mbuf *, int, int, int, struct ifnet *); Modified: stable/8/sys/netinet/if_ether.c ============================================================================== --- stable/8/sys/netinet/if_ether.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/netinet/if_ether.c Thu May 6 06:44:19 2010 (r207695) @@ -82,16 +82,15 @@ SYSCTL_DECL(_net_link_ether); SYSCTL_NODE(_net_link_ether, PF_INET, inet, CTLFLAG_RW, 0, ""); SYSCTL_NODE(_net_link_ether, PF_ARP, arp, CTLFLAG_RW, 0, ""); -VNET_DEFINE(int, useloopback) = 1; /* use loopback interface for - * local traffic */ - /* timer values */ static VNET_DEFINE(int, arpt_keep) = (20*60); /* once resolved, good for 20 * minutes */ +static VNET_DEFINE(int, arp_maxtries) = 5; +VNET_DEFINE(int, useloopback) = 1; /* use loopback interface for + * local traffic */ +static VNET_DEFINE(int, arp_proxyall) = 0; static VNET_DEFINE(int, arpt_down) = 20; /* keep incomplete entries for * 20 seconds */ -static VNET_DEFINE(int, arp_maxtries) = 5; -static VNET_DEFINE(int, arp_proxyall); static VNET_DEFINE(struct arpstat, arpstat); /* ARP statistics, see if_arp.h */ #define V_arpt_keep VNET(arpt_keep) @@ -103,7 +102,6 @@ static VNET_DEFINE(struct arpstat, arpst SYSCTL_VNET_INT(_net_link_ether_inet, OID_AUTO, max_age, CTLFLAG_RW, &VNET_NAME(arpt_keep), 0, "ARP entry lifetime in seconds"); - SYSCTL_VNET_INT(_net_link_ether_inet, OID_AUTO, maxtries, CTLFLAG_RW, &VNET_NAME(arp_maxtries), 0, "ARP resolution attempts before returning error"); Modified: stable/8/sys/netinet/in.c ============================================================================== --- stable/8/sys/netinet/in.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/netinet/in.c Thu May 6 06:44:19 2010 (r207695) @@ -77,20 +77,19 @@ static int in_ifinit(struct ifnet *, static void in_purgemaddrs(struct ifnet *); static VNET_DEFINE(int, subnetsarelocal); -static VNET_DEFINE(int, sameprefixcarponly); -VNET_DECLARE(struct inpcbinfo, ripcbinfo); - #define V_subnetsarelocal VNET(subnetsarelocal) -#define V_sameprefixcarponly VNET(sameprefixcarponly) -#define V_ripcbinfo VNET(ripcbinfo) - SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, subnets_are_local, CTLFLAG_RW, &VNET_NAME(subnetsarelocal), 0, "Treat all subnets as directly connected"); +static VNET_DEFINE(int, sameprefixcarponly); +#define V_sameprefixcarponly VNET(sameprefixcarponly) SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, same_prefix_carp_only, CTLFLAG_RW, &VNET_NAME(sameprefixcarponly), 0, "Refuse to create same prefixes on different interfaces"); +VNET_DECLARE(struct inpcbinfo, ripcbinfo); +#define V_ripcbinfo VNET(ripcbinfo) + /* * Return 1 if an internet address is for a ``local'' host * (one to which we have a connection). If subnetsarelocal Modified: stable/8/sys/netinet/in_gif.c ============================================================================== --- stable/8/sys/netinet/in_gif.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/netinet/in_gif.c Thu May 6 06:44:19 2010 (r207695) @@ -85,6 +85,8 @@ struct protosw in_gif_protosw = { .pr_usrreqs = &rip_usrreqs }; +VNET_DEFINE(int, ip_gif_ttl) = GIF_TTL; +#define V_ip_gif_ttl VNET(ip_gif_ttl) SYSCTL_VNET_INT(_net_inet_ip, IPCTL_GIF_TTL, gifttl, CTLFLAG_RW, &VNET_NAME(ip_gif_ttl), 0, ""); Modified: stable/8/sys/netinet/in_proto.c ============================================================================== --- stable/8/sys/netinet/in_proto.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/netinet/in_proto.c Thu May 6 06:44:19 2010 (r207695) @@ -208,7 +208,6 @@ struct protosw inetsw[] = { .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = icmp_input, .pr_ctloutput = rip_ctloutput, - .pr_init = icmp_init, .pr_usrreqs = &rip_usrreqs }, { Modified: stable/8/sys/netinet/in_rmx.c ============================================================================== --- stable/8/sys/netinet/in_rmx.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/netinet/in_rmx.c Thu May 6 06:44:19 2010 (r207695) @@ -131,22 +131,22 @@ in_matroute(void *v_arg, struct radix_no return rn; } -static VNET_DEFINE(int, rtq_reallyold); -static VNET_DEFINE(int, rtq_minreallyold); -static VNET_DEFINE(int, rtq_toomany); - +static VNET_DEFINE(int, rtq_reallyold) = 60*60; /* one hour is "really old" */ #define V_rtq_reallyold VNET(rtq_reallyold) -#define V_rtq_minreallyold VNET(rtq_minreallyold) -#define V_rtq_toomany VNET(rtq_toomany) - SYSCTL_VNET_INT(_net_inet_ip, IPCTL_RTEXPIRE, rtexpire, CTLFLAG_RW, &VNET_NAME(rtq_reallyold), 0, "Default expiration time on dynamically learned routes"); +/* never automatically crank down to less */ +static VNET_DEFINE(int, rtq_minreallyold) = 10; +#define V_rtq_minreallyold VNET(rtq_minreallyold) SYSCTL_VNET_INT(_net_inet_ip, IPCTL_RTMINEXPIRE, rtminexpire, CTLFLAG_RW, &VNET_NAME(rtq_minreallyold), 0, "Minimum time to attempt to hold onto dynamically learned routes"); +/* 128 cached routes is "too many" */ +static VNET_DEFINE(int, rtq_toomany) = 128; +#define V_rtq_toomany VNET(rtq_toomany) SYSCTL_VNET_INT(_net_inet_ip, IPCTL_RTMAXCACHE, rtmaxcache, CTLFLAG_RW, &VNET_NAME(rtq_toomany), 0, "Upper limit on dynamically learned routes"); @@ -239,7 +239,7 @@ in_rtqkill(struct radix_node *rn, void * } #define RTQ_TIMEOUT 60*10 /* run no less than once every ten minutes */ -static VNET_DEFINE(int, rtq_timeout); +static VNET_DEFINE(int, rtq_timeout) = RTQ_TIMEOUT; static VNET_DEFINE(struct callout, rtq_timer); #define V_rtq_timeout VNET(rtq_timeout) @@ -362,11 +362,6 @@ in_inithead(void **head, int off) if (off == 0) /* XXX MRT see above */ return 1; /* only do the rest for a real routing table */ - V_rtq_reallyold = 60*60; /* one hour is "really old" */ - V_rtq_minreallyold = 10; /* never automatically crank down to less */ - V_rtq_toomany = 128; /* 128 cached routes is "too many" */ - V_rtq_timeout = RTQ_TIMEOUT; - rnh = *head; rnh->rnh_addaddr = in_addroute; rnh->rnh_matchaddr = in_matroute; Modified: stable/8/sys/netinet/ip_icmp.c ============================================================================== --- stable/8/sys/netinet/ip_icmp.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/netinet/ip_icmp.c Thu May 6 06:44:19 2010 (r207695) @@ -75,65 +75,60 @@ __FBSDID("$FreeBSD$"); * routines to turnaround packets back to the originator, and * host table maintenance routines. */ - VNET_DEFINE(struct icmpstat, icmpstat); -static VNET_DEFINE(int, icmpmaskrepl); -static VNET_DEFINE(u_int, icmpmaskfake); -static VNET_DEFINE(int, drop_redirect); -static VNET_DEFINE(int, log_redirect); -static VNET_DEFINE(int, icmplim); -static VNET_DEFINE(int, icmplim_output); -static VNET_DEFINE(char, reply_src[IFNAMSIZ]); -static VNET_DEFINE(int, icmp_rfi); -static VNET_DEFINE(int, icmp_quotelen); -static VNET_DEFINE(int, icmpbmcastecho); - -#define V_icmpmaskrepl VNET(icmpmaskrepl) -#define V_icmpmaskfake VNET(icmpmaskfake) -#define V_drop_redirect VNET(drop_redirect) -#define V_log_redirect VNET(log_redirect) -#define V_icmplim VNET(icmplim) -#define V_icmplim_output VNET(icmplim_output) -#define V_reply_src VNET(reply_src) -#define V_icmp_rfi VNET(icmp_rfi) -#define V_icmp_quotelen VNET(icmp_quotelen) -#define V_icmpbmcastecho VNET(icmpbmcastecho) - SYSCTL_VNET_STRUCT(_net_inet_icmp, ICMPCTL_STATS, stats, CTLFLAG_RW, &VNET_NAME(icmpstat), icmpstat, ""); +static VNET_DEFINE(int, icmpmaskrepl) = 0; +#define V_icmpmaskrepl VNET(icmpmaskrepl) SYSCTL_VNET_INT(_net_inet_icmp, ICMPCTL_MASKREPL, maskrepl, CTLFLAG_RW, &VNET_NAME(icmpmaskrepl), 0, "Reply to ICMP Address Mask Request packets."); +static VNET_DEFINE(u_int, icmpmaskfake) = 0; +#define V_icmpmaskfake VNET(icmpmaskfake) SYSCTL_VNET_UINT(_net_inet_icmp, OID_AUTO, maskfake, CTLFLAG_RW, &VNET_NAME(icmpmaskfake), 0, "Fake reply to ICMP Address Mask Request packets."); +static VNET_DEFINE(int, drop_redirect) = 0; +#define V_drop_redirect VNET(drop_redirect) SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, drop_redirect, CTLFLAG_RW, &VNET_NAME(drop_redirect), 0, "Ignore ICMP redirects"); +static VNET_DEFINE(int, log_redirect) = 0; +#define V_log_redirect VNET(log_redirect) SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, log_redirect, CTLFLAG_RW, &VNET_NAME(log_redirect), 0, "Log ICMP redirects to the console"); +static VNET_DEFINE(int, icmplim) = 200; +#define V_icmplim VNET(icmplim) SYSCTL_VNET_INT(_net_inet_icmp, ICMPCTL_ICMPLIM, icmplim, CTLFLAG_RW, &VNET_NAME(icmplim), 0, "Maximum number of ICMP responses per second"); +static VNET_DEFINE(int, icmplim_output) = 1; +#define V_icmplim_output VNET(icmplim_output) SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, icmplim_output, CTLFLAG_RW, &VNET_NAME(icmplim_output), 0, "Enable rate limiting of ICMP responses"); +static VNET_DEFINE(char, reply_src[IFNAMSIZ]); +#define V_reply_src VNET(reply_src) SYSCTL_VNET_STRING(_net_inet_icmp, OID_AUTO, reply_src, CTLFLAG_RW, &VNET_NAME(reply_src), IFNAMSIZ, "icmp reply source for non-local packets."); +static VNET_DEFINE(int, icmp_rfi) = 0; +#define V_icmp_rfi VNET(icmp_rfi) SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, reply_from_interface, CTLFLAG_RW, &VNET_NAME(icmp_rfi), 0, "ICMP reply from incoming interface for non-local packets"); +static VNET_DEFINE(int, icmp_quotelen) = 8; +#define V_icmp_quotelen VNET(icmp_quotelen) SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, quotelen, CTLFLAG_RW, &VNET_NAME(icmp_quotelen), 0, "Number of bytes from original packet to quote in ICMP reply"); @@ -141,7 +136,8 @@ SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO /* * ICMP broadcast echo sysctl */ - +static VNET_DEFINE(int, icmpbmcastecho) = 0; +#define V_icmpbmcastecho VNET(icmpbmcastecho) SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, bmcastecho, CTLFLAG_RW, &VNET_NAME(icmpbmcastecho), 0, ""); @@ -156,21 +152,6 @@ static void icmp_send(struct mbuf *, str extern struct protosw inetsw[]; -void -icmp_init(void) -{ - - V_icmpmaskrepl = 0; - V_icmpmaskfake = 0; - V_drop_redirect = 0; - V_log_redirect = 0; - V_icmplim = 200; - V_icmplim_output = 1; - V_icmp_rfi = 0; - V_icmp_quotelen = 8; - V_icmpbmcastecho = 0; -} - /* * Kernel module interface for updating icmpstat. The argument is an index * into icmpstat treated as an array of u_long. While this encodes the Modified: stable/8/sys/netinet/ip_icmp.h ============================================================================== --- stable/8/sys/netinet/ip_icmp.h Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/netinet/ip_icmp.h Thu May 6 06:44:19 2010 (r207695) @@ -208,7 +208,6 @@ struct icmp { #ifdef _KERNEL void icmp_error(struct mbuf *, int, int, uint32_t, int); void icmp_input(struct mbuf *, int); -void icmp_init(void); int ip_next_mtu(int, int); #endif Modified: stable/8/sys/netinet/ip_input.c ============================================================================== --- stable/8/sys/netinet/ip_input.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/netinet/ip_input.c Thu May 6 06:44:19 2010 (r207695) @@ -89,66 +89,40 @@ __FBSDID("$FreeBSD$"); CTASSERT(sizeof(struct ip) == 20); #endif -static VNET_DEFINE(int, ipsendredirects) = 1; /* XXX */ -static VNET_DEFINE(int, ip_checkinterface); -static VNET_DEFINE(int, ip_keepfaith); -static VNET_DEFINE(int, ip_sendsourcequench); - -#define V_ipsendredirects VNET(ipsendredirects) -#define V_ip_checkinterface VNET(ip_checkinterface) -#define V_ip_keepfaith VNET(ip_keepfaith) -#define V_ip_sendsourcequench VNET(ip_sendsourcequench) - -VNET_DEFINE(int, ip_defttl) = IPDEFTTL; -VNET_DEFINE(int, ip_do_randomid); -VNET_DEFINE(int, ipforwarding); - -VNET_DEFINE(struct in_ifaddrhead, in_ifaddrhead); /* first inet address */ -VNET_DEFINE(struct in_ifaddrhashhead *, in_ifaddrhashtbl); /* inet addr hash table */ -VNET_DEFINE(u_long, in_ifaddrhmask); /* mask for hash table */ -VNET_DEFINE(struct ipstat, ipstat); - -static VNET_DEFINE(int, ip_rsvp_on); -VNET_DEFINE(struct socket *, ip_rsvpd); -VNET_DEFINE(int, rsvp_on); - -#define V_ip_rsvp_on VNET(ip_rsvp_on) - -static VNET_DEFINE(TAILQ_HEAD(ipqhead, ipq), ipq[IPREASS_NHASH]); -static VNET_DEFINE(int, maxnipq); /* Administrative limit on # reass queues. */ -static VNET_DEFINE(int, maxfragsperpacket); -static VNET_DEFINE(int, nipq); /* Total # of reass queues */ - -#define V_ipq VNET(ipq) -#define V_maxnipq VNET(maxnipq) -#define V_maxfragsperpacket VNET(maxfragsperpacket) -#define V_nipq VNET(nipq) - -VNET_DEFINE(int, ipstealth); - struct rwlock in_ifaddr_lock; RW_SYSINIT(in_ifaddr_lock, &in_ifaddr_lock, "in_ifaddr_lock"); +VNET_DEFINE(int, rsvp_on); + +VNET_DEFINE(int, ipforwarding); SYSCTL_VNET_INT(_net_inet_ip, IPCTL_FORWARDING, forwarding, CTLFLAG_RW, &VNET_NAME(ipforwarding), 0, "Enable IP forwarding between interfaces"); +static VNET_DEFINE(int, ipsendredirects) = 1; /* XXX */ +#define V_ipsendredirects VNET(ipsendredirects) SYSCTL_VNET_INT(_net_inet_ip, IPCTL_SENDREDIRECTS, redirect, CTLFLAG_RW, &VNET_NAME(ipsendredirects), 0, "Enable sending IP redirects"); +VNET_DEFINE(int, ip_defttl) = IPDEFTTL; SYSCTL_VNET_INT(_net_inet_ip, IPCTL_DEFTTL, ttl, CTLFLAG_RW, &VNET_NAME(ip_defttl), 0, "Maximum TTL on IP packets"); +static VNET_DEFINE(int, ip_keepfaith); +#define V_ip_keepfaith VNET(ip_keepfaith) SYSCTL_VNET_INT(_net_inet_ip, IPCTL_KEEPFAITH, keepfaith, CTLFLAG_RW, &VNET_NAME(ip_keepfaith), 0, "Enable packet capture for FAITH IPv4->IPv6 translater daemon"); +static VNET_DEFINE(int, ip_sendsourcequench); +#define V_ip_sendsourcequench VNET(ip_sendsourcequench) SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, sendsourcequench, CTLFLAG_RW, &VNET_NAME(ip_sendsourcequench), 0, "Enable the transmission of source quench packets"); +VNET_DEFINE(int, ip_do_randomid); SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, random_id, CTLFLAG_RW, &VNET_NAME(ip_do_randomid), 0, "Assign random ip_id values"); @@ -166,6 +140,8 @@ SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, * to the loopback interface instead of the interface where the * packets for those addresses are received. */ +static VNET_DEFINE(int, ip_checkinterface); +#define V_ip_checkinterface VNET(ip_checkinterface) SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, check_interface, CTLFLAG_RW, &VNET_NAME(ip_checkinterface), 0, "Verify packet arrives on correct interface"); @@ -182,16 +158,22 @@ static struct netisr_handler ip_nh = { extern struct domain inetdomain; extern struct protosw inetsw[]; u_char ip_protox[IPPROTO_MAX]; +VNET_DEFINE(struct in_ifaddrhead, in_ifaddrhead); /* first inet address */ +VNET_DEFINE(struct in_ifaddrhashhead *, in_ifaddrhashtbl); /* inet addr hash table */ +VNET_DEFINE(u_long, in_ifaddrhmask); /* mask for hash table */ +VNET_DEFINE(struct ipstat, ipstat); SYSCTL_VNET_STRUCT(_net_inet_ip, IPCTL_STATS, stats, CTLFLAG_RW, &VNET_NAME(ipstat), ipstat, "IP statistics (struct ipstat, netinet/ip_var.h)"); static VNET_DEFINE(uma_zone_t, ipq_zone); -#define V_ipq_zone VNET(ipq_zone) - +static VNET_DEFINE(TAILQ_HEAD(ipqhead, ipq), ipq[IPREASS_NHASH]); static struct mtx ipqlock; +#define V_ipq_zone VNET(ipq_zone) +#define V_ipq VNET(ipq) + #define IPQ_LOCK() mtx_lock(&ipqlock) #define IPQ_UNLOCK() mtx_unlock(&ipqlock) #define IPQ_LOCK_INIT() mtx_init(&ipqlock, "ipqlock", NULL, MTX_DEF) @@ -201,10 +183,16 @@ static void maxnipq_update(void); static void ipq_zone_change(void *); static void ip_drain_locked(void); +static VNET_DEFINE(int, maxnipq); /* Administrative limit on # reass queues. */ +static VNET_DEFINE(int, nipq); /* Total # of reass queues */ +#define V_maxnipq VNET(maxnipq) +#define V_nipq VNET(nipq) SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, fragpackets, CTLFLAG_RD, &VNET_NAME(nipq), 0, "Current number of IPv4 fragment reassembly queue entries"); +static VNET_DEFINE(int, maxfragsperpacket); +#define V_maxfragsperpacket VNET(maxfragsperpacket) SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, maxfragsperpacket, CTLFLAG_RW, &VNET_NAME(maxfragsperpacket), 0, "Maximum number of IPv4 fragments allowed per packet"); @@ -217,6 +205,7 @@ SYSCTL_INT(_net_inet_ip, IPCTL_DEFMTU, m #endif #ifdef IPSTEALTH +VNET_DEFINE(int, ipstealth); SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW, &VNET_NAME(ipstealth), 0, "IP stealth mode, no TTL decrementation on forwarding"); @@ -1740,6 +1729,11 @@ makedummy: * locking. This code remains in ip_input.c as ip_mroute.c is optionally * compiled. */ +static VNET_DEFINE(int, ip_rsvp_on); +VNET_DEFINE(struct socket *, ip_rsvpd); + +#define V_ip_rsvp_on VNET(ip_rsvp_on) + int ip_rsvp_init(struct socket *so) { Modified: stable/8/sys/netinet/ip_var.h ============================================================================== --- stable/8/sys/netinet/ip_var.h Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/netinet/ip_var.h Thu May 6 06:44:19 2010 (r207695) @@ -181,9 +181,13 @@ VNET_DECLARE(int, ipforwarding); /* ip #ifdef IPSTEALTH VNET_DECLARE(int, ipstealth); /* stealth forwarding */ #endif -VNET_DECLARE(int, rsvp_on); +extern u_char ip_protox[]; VNET_DECLARE(struct socket *, ip_rsvpd); /* reservation protocol daemon*/ VNET_DECLARE(struct socket *, ip_mrouter); /* multicast routing daemon */ +extern int (*legal_vif_num)(int); +extern u_long (*ip_mcast_src)(int); +VNET_DECLARE(int, rsvp_on); +extern struct pr_usrreqs rip_usrreqs; #define V_ipstat VNET(ipstat) #define V_ip_id VNET(ip_id) @@ -192,14 +196,9 @@ VNET_DECLARE(struct socket *, ip_mrouter #ifdef IPSTEALTH #define V_ipstealth VNET(ipstealth) #endif -#define V_rsvp_on VNET(rsvp_on) #define V_ip_rsvpd VNET(ip_rsvpd) #define V_ip_mrouter VNET(ip_mrouter) - -extern u_char ip_protox[]; -extern int (*legal_vif_num)(int); -extern u_long (*ip_mcast_src)(int); -extern struct pr_usrreqs rip_usrreqs; +#define V_rsvp_on VNET(rsvp_on) void inp_freemoptions(struct ip_moptions *); int inp_getmoptions(struct inpcb *, struct sockopt *); Modified: stable/8/sys/netinet/tcp_hostcache.c ============================================================================== --- stable/8/sys/netinet/tcp_hostcache.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/netinet/tcp_hostcache.c Thu May 6 06:44:19 2010 (r207695) @@ -107,9 +107,9 @@ __FBSDID("$FreeBSD$"); #define TCP_HOSTCACHE_PRUNE 5*60 /* every 5 minutes */ static VNET_DEFINE(struct tcp_hostcache, tcp_hostcache); -static VNET_DEFINE(struct callout, tcp_hc_callout); - #define V_tcp_hostcache VNET(tcp_hostcache) + +static VNET_DEFINE(struct callout, tcp_hc_callout); #define V_tcp_hc_callout VNET(tcp_hc_callout) static struct hc_metrics *tcp_hc_lookup(struct in_conninfo *); Modified: stable/8/sys/netinet/tcp_input.c ============================================================================== --- stable/8/sys/netinet/tcp_input.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/netinet/tcp_input.c Thu May 6 06:44:19 2010 (r207695) @@ -99,20 +99,6 @@ __FBSDID("$FreeBSD$"); static const int tcprexmtthresh = 3; VNET_DEFINE(struct tcpstat, tcpstat); -VNET_DEFINE(int, blackhole); -VNET_DEFINE(int, tcp_delack_enabled); -VNET_DEFINE(int, drop_synfin); -VNET_DEFINE(int, tcp_do_rfc3042); -VNET_DEFINE(int, tcp_do_rfc3390); -VNET_DEFINE(int, tcp_do_ecn); -VNET_DEFINE(int, tcp_ecn_maxretries); -VNET_DEFINE(int, tcp_insecure_rst); -VNET_DEFINE(int, tcp_do_autorcvbuf); -VNET_DEFINE(int, tcp_autorcvbuf_inc); -VNET_DEFINE(int, tcp_autorcvbuf_max); -VNET_DEFINE(int, tcp_do_rfc3465); -VNET_DEFINE(int, tcp_abc_l_var); - SYSCTL_VNET_STRUCT(_net_inet_tcp, TCPCTL_STATS, stats, CTLFLAG_RW, &VNET_NAME(tcpstat), tcpstat, "TCP statistics (struct tcpstat, netinet/tcp_var.h)"); @@ -122,56 +108,79 @@ SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_ &tcp_log_in_vain, 0, "Log all incoming TCP segments to closed ports"); +VNET_DEFINE(int, blackhole) = 0; +#define V_blackhole VNET(blackhole) SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, blackhole, CTLFLAG_RW, &VNET_NAME(blackhole), 0, "Do not send RST on segments to closed ports"); +VNET_DEFINE(int, tcp_delack_enabled) = 1; SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, delayed_ack, CTLFLAG_RW, &VNET_NAME(tcp_delack_enabled), 0, "Delay ACK to try and piggyback it onto a data packet"); +VNET_DEFINE(int, drop_synfin) = 0; +#define V_drop_synfin VNET(drop_synfin) SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, drop_synfin, CTLFLAG_RW, &VNET_NAME(drop_synfin), 0, "Drop TCP packets with SYN+FIN set"); +VNET_DEFINE(int, tcp_do_rfc3042) = 1; +#define V_tcp_do_rfc3042 VNET(tcp_do_rfc3042) SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, rfc3042, CTLFLAG_RW, &VNET_NAME(tcp_do_rfc3042), 0, "Enable RFC 3042 (Limited Transmit)"); +VNET_DEFINE(int, tcp_do_rfc3390) = 1; +#define V_tcp_do_rfc3390 VNET(tcp_do_rfc3390) SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, rfc3390, CTLFLAG_RW, &VNET_NAME(tcp_do_rfc3390), 0, "Enable RFC 3390 (Increasing TCP's Initial Congestion Window)"); +VNET_DEFINE(int, tcp_do_rfc3465) = 1; +#define V_tcp_do_rfc3465 VNET(tcp_do_rfc3465) SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, rfc3465, CTLFLAG_RW, &VNET_NAME(tcp_do_rfc3465), 0, "Enable RFC 3465 (Appropriate Byte Counting)"); +VNET_DEFINE(int, tcp_abc_l_var) = 2; +#define V_tcp_abc_l_var VNET(tcp_abc_l_var) SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, abc_l_var, CTLFLAG_RW, &VNET_NAME(tcp_abc_l_var), 2, "Cap the max cwnd increment during slow-start to this number of segments"); SYSCTL_NODE(_net_inet_tcp, OID_AUTO, ecn, CTLFLAG_RW, 0, "TCP ECN"); +VNET_DEFINE(int, tcp_do_ecn) = 0; SYSCTL_VNET_INT(_net_inet_tcp_ecn, OID_AUTO, enable, CTLFLAG_RW, &VNET_NAME(tcp_do_ecn), 0, "TCP ECN support"); +VNET_DEFINE(int, tcp_ecn_maxretries) = 1; SYSCTL_VNET_INT(_net_inet_tcp_ecn, OID_AUTO, maxretries, CTLFLAG_RW, &VNET_NAME(tcp_ecn_maxretries), 0, "Max retries before giving up on ECN"); +VNET_DEFINE(int, tcp_insecure_rst) = 0; +#define V_tcp_insecure_rst VNET(tcp_insecure_rst) SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, insecure_rst, CTLFLAG_RW, &VNET_NAME(tcp_insecure_rst), 0, "Follow the old (insecure) criteria for accepting RST packets"); +VNET_DEFINE(int, tcp_do_autorcvbuf) = 1; +#define V_tcp_do_autorcvbuf VNET(tcp_do_autorcvbuf) SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, recvbuf_auto, CTLFLAG_RW, &VNET_NAME(tcp_do_autorcvbuf), 0, "Enable automatic receive buffer sizing"); +VNET_DEFINE(int, tcp_autorcvbuf_inc) = 16*1024; +#define V_tcp_autorcvbuf_inc VNET(tcp_autorcvbuf_inc) SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, recvbuf_inc, CTLFLAG_RW, &VNET_NAME(tcp_autorcvbuf_inc), 0, "Incrementor step size of automatic receive buffer"); +VNET_DEFINE(int, tcp_autorcvbuf_max) = 256*1024; +#define V_tcp_autorcvbuf_max VNET(tcp_autorcvbuf_max) SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, recvbuf_max, CTLFLAG_RW, &VNET_NAME(tcp_autorcvbuf_max), 0, "Max size of automatic receive buffer"); @@ -181,8 +190,8 @@ SYSCTL_INT(_net_inet_tcp, OID_AUTO, read &tcp_read_locking, 0, "Enable read locking strategy"); VNET_DEFINE(struct inpcbhead, tcb); -VNET_DEFINE(struct inpcbinfo, tcbinfo); #define tcb6 tcb /* for KAME src sync over BSD*'s */ +VNET_DEFINE(struct inpcbinfo, tcbinfo); static void tcp_dooptions(struct tcpopt *, u_char *, int, int); static void tcp_do_segment(struct mbuf *, struct tcphdr *, Modified: stable/8/sys/netinet/tcp_output.c ============================================================================== --- stable/8/sys/netinet/tcp_output.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/netinet/tcp_output.c Thu May 6 06:44:19 2010 (r207695) @@ -87,43 +87,46 @@ __FBSDID("$FreeBSD$"); extern struct mbuf *m_copypack(); #endif -VNET_DEFINE(int, path_mtu_discovery); -VNET_DEFINE(int, ss_fltsz); -VNET_DEFINE(int, ss_fltsz_local); -VNET_DEFINE(int, tcp_do_newreno); -VNET_DEFINE(int, tcp_do_tso); -VNET_DEFINE(int, tcp_do_autosndbuf); -VNET_DEFINE(int, tcp_autosndbuf_inc); -VNET_DEFINE(int, tcp_autosndbuf_max); - +VNET_DEFINE(int, path_mtu_discovery) = 1; SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, path_mtu_discovery, CTLFLAG_RW, &VNET_NAME(path_mtu_discovery), 1, "Enable Path MTU Discovery"); +VNET_DEFINE(int, ss_fltsz) = 1; SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, slowstart_flightsize, CTLFLAG_RW, &VNET_NAME(ss_fltsz), 1, "Slow start flight size"); +VNET_DEFINE(int, ss_fltsz_local) = 4; SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, local_slowstart_flightsize, CTLFLAG_RW, &VNET_NAME(ss_fltsz_local), 1, "Slow start flight size for local networks"); +VNET_DEFINE(int, tcp_do_newreno) = 1; SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, newreno, CTLFLAG_RW, &VNET_NAME(tcp_do_newreno), 0, "Enable NewReno Algorithms"); +VNET_DEFINE(int, tcp_do_tso) = 1; +#define V_tcp_do_tso VNET(tcp_do_tso) SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, tso, CTLFLAG_RW, &VNET_NAME(tcp_do_tso), 0, "Enable TCP Segmentation Offload"); +VNET_DEFINE(int, tcp_do_autosndbuf) = 1; +#define V_tcp_do_autosndbuf VNET(tcp_do_autosndbuf) SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, sendbuf_auto, CTLFLAG_RW, &VNET_NAME(tcp_do_autosndbuf), 0, "Enable automatic send buffer sizing"); +VNET_DEFINE(int, tcp_autosndbuf_inc) = 8*1024; +#define V_tcp_autosndbuf_inc VNET(tcp_autosndbuf_inc) SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, sendbuf_inc, CTLFLAG_RW, &VNET_NAME(tcp_autosndbuf_inc), 0, "Incrementor step size of automatic send buffer"); +VNET_DEFINE(int, tcp_autosndbuf_max) = 256*1024; +#define V_tcp_autosndbuf_max VNET(tcp_autosndbuf_max) SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, sendbuf_max, CTLFLAG_RW, &VNET_NAME(tcp_autosndbuf_max), 0, "Max size of automatic send buffer"); Modified: stable/8/sys/netinet/tcp_reass.c ============================================================================== --- stable/8/sys/netinet/tcp_reass.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/netinet/tcp_reass.c Thu May 6 06:44:19 2010 (r207695) @@ -74,30 +74,28 @@ __FBSDID("$FreeBSD$"); #include #endif /* TCPDEBUG */ -static VNET_DEFINE(int, tcp_reass_maxseg); -VNET_DEFINE(int, tcp_reass_qsize); -static VNET_DEFINE(int, tcp_reass_maxqlen); -static VNET_DEFINE(int, tcp_reass_overflows); - -#define V_tcp_reass_maxseg VNET(tcp_reass_maxseg) -#define V_tcp_reass_maxqlen VNET(tcp_reass_maxqlen) -#define V_tcp_reass_overflows VNET(tcp_reass_overflows) - SYSCTL_NODE(_net_inet_tcp, OID_AUTO, reass, CTLFLAG_RW, 0, "TCP Segment Reassembly Queue"); +static VNET_DEFINE(int, tcp_reass_maxseg) = 0; +#define V_tcp_reass_maxseg VNET(tcp_reass_maxseg) SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN, &VNET_NAME(tcp_reass_maxseg), 0, "Global maximum number of TCP Segments in Reassembly Queue"); +VNET_DEFINE(int, tcp_reass_qsize) = 0; SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, cursegments, CTLFLAG_RD, &VNET_NAME(tcp_reass_qsize), 0, "Global number of TCP Segments currently in Reassembly Queue"); +static VNET_DEFINE(int, tcp_reass_maxqlen) = 48; +#define V_tcp_reass_maxqlen VNET(tcp_reass_maxqlen) SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, maxqlen, CTLFLAG_RW, &VNET_NAME(tcp_reass_maxqlen), 0, "Maximum number of TCP Segments per individual Reassembly Queue"); +static VNET_DEFINE(int, tcp_reass_overflows) = 0; +#define V_tcp_reass_overflows VNET(tcp_reass_overflows) SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, overflows, CTLFLAG_RD, &VNET_NAME(tcp_reass_overflows), 0, "Global number of TCP Segment Reassembly Queue Overflows"); @@ -117,11 +115,6 @@ void tcp_reass_init(void) { - V_tcp_reass_maxseg = 0; - V_tcp_reass_qsize = 0; - V_tcp_reass_maxqlen = 48; - V_tcp_reass_overflows = 0; - V_tcp_reass_maxseg = nmbclusters / 16; TUNABLE_INT_FETCH("net.inet.tcp.reass.maxsegments", &V_tcp_reass_maxseg); Modified: stable/8/sys/netinet/tcp_sack.c ============================================================================== --- stable/8/sys/netinet/tcp_sack.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/netinet/tcp_sack.c Thu May 6 06:44:19 2010 (r207695) @@ -123,29 +123,28 @@ __FBSDID("$FreeBSD$"); #include VNET_DECLARE(struct uma_zone *, sack_hole_zone); -VNET_DEFINE(int, tcp_do_sack); -VNET_DEFINE(int, tcp_sack_maxholes); -VNET_DEFINE(int, tcp_sack_globalmaxholes); -VNET_DEFINE(int, tcp_sack_globalholes); - #define V_sack_hole_zone VNET(sack_hole_zone) -#define V_tcp_do_sack VNET(tcp_do_sack) -#define V_tcp_sack_maxholes VNET(tcp_sack_maxholes) -#define V_tcp_sack_globalmaxholes VNET(tcp_sack_globalmaxholes) -#define V_tcp_sack_globalholes VNET(tcp_sack_globalholes) SYSCTL_NODE(_net_inet_tcp, OID_AUTO, sack, CTLFLAG_RW, 0, "TCP SACK"); +VNET_DEFINE(int, tcp_do_sack) = 1; +#define V_tcp_do_sack VNET(tcp_do_sack) SYSCTL_VNET_INT(_net_inet_tcp_sack, OID_AUTO, enable, CTLFLAG_RW, &VNET_NAME(tcp_do_sack), 0, "Enable/Disable TCP SACK support"); +VNET_DEFINE(int, tcp_sack_maxholes) = 128; +#define V_tcp_sack_maxholes VNET(tcp_sack_maxholes) SYSCTL_VNET_INT(_net_inet_tcp_sack, OID_AUTO, maxholes, CTLFLAG_RW, &VNET_NAME(tcp_sack_maxholes), 0, "Maximum number of TCP SACK holes allowed per connection"); +VNET_DEFINE(int, tcp_sack_globalmaxholes) = 65536; +#define V_tcp_sack_globalmaxholes VNET(tcp_sack_globalmaxholes) SYSCTL_VNET_INT(_net_inet_tcp_sack, OID_AUTO, globalmaxholes, CTLFLAG_RW, &VNET_NAME(tcp_sack_globalmaxholes), 0, "Global maximum number of TCP SACK holes"); +VNET_DEFINE(int, tcp_sack_globalholes) = 0; +#define V_tcp_sack_globalholes VNET(tcp_sack_globalholes) SYSCTL_VNET_INT(_net_inet_tcp_sack, OID_AUTO, globalholes, CTLFLAG_RD, &VNET_NAME(tcp_sack_globalholes), 0, "Global number of TCP SACK holes currently allocated"); Modified: stable/8/sys/netinet/tcp_subr.c ============================================================================== --- stable/8/sys/netinet/tcp_subr.c Thu May 6 04:57:33 2010 (r207694) +++ stable/8/sys/netinet/tcp_subr.c Thu May 6 06:44:19 2010 (r207695) @@ -111,28 +111,10 @@ __FBSDID("$FreeBSD$"); #include -VNET_DEFINE(int, tcp_mssdflt); +VNET_DEFINE(int, tcp_mssdflt) = TCP_MSS; #ifdef INET6 -VNET_DEFINE(int, tcp_v6mssdflt); +VNET_DEFINE(int, tcp_v6mssdflt) = TCP6_MSS; #endif -VNET_DEFINE(int, tcp_minmss); -VNET_DEFINE(int, tcp_do_rfc1323); - -static VNET_DEFINE(int, icmp_may_rst); -static VNET_DEFINE(int, tcp_isn_reseed_interval); -static VNET_DEFINE(int, tcp_inflight_enable); -static VNET_DEFINE(int, tcp_inflight_rttthresh); -static VNET_DEFINE(int, tcp_inflight_min); -static VNET_DEFINE(int, tcp_inflight_max); -static VNET_DEFINE(int, tcp_inflight_stab); - -#define V_icmp_may_rst VNET(icmp_may_rst) -#define V_tcp_isn_reseed_interval VNET(tcp_isn_reseed_interval) -#define V_tcp_inflight_enable VNET(tcp_inflight_enable) -#define V_tcp_inflight_rttthresh VNET(tcp_inflight_rttthresh) -#define V_tcp_inflight_min VNET(tcp_inflight_min) -#define V_tcp_inflight_max VNET(tcp_inflight_max) -#define V_tcp_inflight_stab VNET(tcp_inflight_stab) static int sysctl_net_inet_tcp_mss_check(SYSCTL_HANDLER_ARGS) @@ -194,10 +176,12 @@ vnet_sysctl_msec_to_ticks(SYSCTL_HANDLER * with packet generation and sending. Set to zero to disable MINMSS * checking. This setting prevents us from sending too small packets. */ +VNET_DEFINE(int, tcp_minmss) = TCP_MINMSS; SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, minmss, CTLFLAG_RW, &VNET_NAME(tcp_minmss), 0, "Minmum TCP Maximum Segment Size"); +VNET_DEFINE(int, tcp_do_rfc1323) = 1; SYSCTL_VNET_INT(_net_inet_tcp, TCPCTL_DO_RFC1323, rfc1323, CTLFLAG_RW, &VNET_NAME(tcp_do_rfc1323), 0, "Enable rfc1323 (high performance TCP) extensions"); @@ -217,10 +201,14 @@ SYSCTL_INT(_net_inet_tcp, OID_AUTO, do_t SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, pcbcount, CTLFLAG_RD, &VNET_NAME(tcbinfo.ipi_count), 0, "Number of active PCBs"); +static VNET_DEFINE(int, icmp_may_rst) = 1; +#define V_icmp_may_rst VNET(icmp_may_rst) SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, icmp_may_rst, CTLFLAG_RW, &VNET_NAME(icmp_may_rst), 0, "Certain ICMP unreachable messages may abort connections in SYN_SENT"); +static VNET_DEFINE(int, tcp_isn_reseed_interval) = 0; +#define V_tcp_isn_reseed_interval VNET(tcp_isn_reseed_interval) SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, isn_reseed_interval, CTLFLAG_RW, &VNET_NAME(tcp_isn_reseed_interval), 0, "Seconds between reseeding of ISN secret"); @@ -233,6 +221,8 @@ SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, SYSCTL_NODE(_net_inet_tcp, OID_AUTO, inflight, CTLFLAG_RW, 0, "TCP inflight data limiting"); +static VNET_DEFINE(int, tcp_inflight_enable) = 1; +#define V_tcp_inflight_enable VNET(tcp_inflight_enable) SYSCTL_VNET_INT(_net_inet_tcp_inflight, OID_AUTO, enable, CTLFLAG_RW, &VNET_NAME(tcp_inflight_enable), 0, "Enable automatic TCP inflight data limiting"); @@ -242,19 +232,27 @@ SYSCTL_INT(_net_inet_tcp_inflight, OID_A &tcp_inflight_debug, 0, "Debug TCP inflight calculations"); +static VNET_DEFINE(int, tcp_inflight_rttthresh); +#define V_tcp_inflight_rttthresh VNET(tcp_inflight_rttthresh) SYSCTL_VNET_PROC(_net_inet_tcp_inflight, OID_AUTO, rttthresh, CTLTYPE_INT|CTLFLAG_RW, &VNET_NAME(tcp_inflight_rttthresh), 0, vnet_sysctl_msec_to_ticks, "I", "RTT threshold below which inflight will deactivate itself"); +static VNET_DEFINE(int, tcp_inflight_min) = 6144; +#define V_tcp_inflight_min VNET(tcp_inflight_min) SYSCTL_VNET_INT(_net_inet_tcp_inflight, OID_AUTO, min, CTLFLAG_RW, &VNET_NAME(tcp_inflight_min), 0, "Lower-bound for TCP inflight window"); +static VNET_DEFINE(int, tcp_inflight_max) = TCP_MAXWIN << TCP_MAX_WINSHIFT; +#define V_tcp_inflight_max VNET(tcp_inflight_max) SYSCTL_VNET_INT(_net_inet_tcp_inflight, OID_AUTO, max, CTLFLAG_RW, &VNET_NAME(tcp_inflight_max), 0, "Upper-bound for TCP inflight window"); +static VNET_DEFINE(int, tcp_inflight_stab) = 20; +#define V_tcp_inflight_stab VNET(tcp_inflight_stab) SYSCTL_VNET_INT(_net_inet_tcp_inflight, OID_AUTO, stab, CTLFLAG_RW, &VNET_NAME(tcp_inflight_stab), 0, "Inflight Algorithm Stabilization 20 = 2 packets"); @@ -323,53 +321,6 @@ tcp_init(void) { int hashsize; - V_blackhole = 0; - V_tcp_delack_enabled = 1; - V_drop_synfin = 0; - V_tcp_do_rfc3042 = 1; - V_tcp_do_rfc3390 = 1; - V_tcp_do_ecn = 0; - V_tcp_ecn_maxretries = 1; - V_tcp_insecure_rst = 0; - V_tcp_do_autorcvbuf = 1; - V_tcp_autorcvbuf_inc = 16*1024; - V_tcp_autorcvbuf_max = 256*1024; - V_tcp_do_rfc3465 = 1; - V_tcp_abc_l_var = 2; - - V_tcp_mssdflt = TCP_MSS; -#ifdef INET6 - V_tcp_v6mssdflt = TCP6_MSS; -#endif - V_tcp_minmss = TCP_MINMSS; - V_tcp_do_rfc1323 = 1; - V_icmp_may_rst = 1; - V_tcp_isn_reseed_interval = 0; - V_tcp_inflight_enable = 1; - V_tcp_inflight_min = 6144; - V_tcp_inflight_max = TCP_MAXWIN << TCP_MAX_WINSHIFT; - V_tcp_inflight_stab = 20; - - V_path_mtu_discovery = 1; - V_ss_fltsz = 1; - V_ss_fltsz_local = 4; - V_tcp_do_newreno = 1; - V_tcp_do_tso = 1; *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***