This avoids ipconfig having to explicitely specify the tag
when we want to set route type, as the tag can be provided
implicitely thru the "tag" command.
This adds a new route "t"-flag that enables network address translation,
replacing the source address (and local port) of a forwarded packet to
one of the outgoing interface.
The state for a translation is kept in a new Translation structure,
which contains two Iphash entries, so it can be inserted into the
per protocol 4-tuple hash table, requiering no extra lookups.
Translations have a low overhead (~200 bytes on amd64),
so we can have many of them. They get reused after 5 minutes
of inactivity or when the per protocol limit of 1000 entries
is reached (then the one with longest inactivity is reused).
The protocol needs to export a "forward" function that is responsible
for modifying the forwarded packet, and then handle translations in
its input function for iphash hits with Iphash.trans != 0.
This patch also fixes a few minor things found during development:
- Include the Iphash in the Conv structure, avoiding estra malloc
- Fix ttl exceeded check (ttl < 1 -> ttl <= 1)
- Router should not reply with ttl exceeded for multicast flows
- Extra checks for icmp advice to avoid protocol confusions.
Sometimes, there is the one-off occation when one needs to
pass a huge list in rc...
This change makes devenv track total memory consumption
of environment groups allowing them to grow up to 1MB in
size (including overhead).
(Before, only the variable size was restricted, but
not the amount of files being created).
The maximum value size of a single environment variable
is set to half of the total size, which allows the
occational large value. (But not many of them).
Because we track all memory consuption, it is also
now possible to create around 10k small environment
variales.
A hashtable is added for name lookups and the qid.path
was changed to allow direct indexing into the entry
array without needing a scan lookup.
All smalloc() calls have been removed, exhaustion is
handled with error(Enomem) avoiding deadlock
in case we run out of kernel memory.
Tilting allows using left/right rotated or invetrted display orientation.
This can be changed at runtime such as: echo tilt right > /dev/vgactl
This removes the old panning and vga overlays as they are only implemented
with some ancient vga controllers.
Added a ver= field to the filter to distinguish the ip version.
By default, a filter is parsed as ipv6, and after parsing
proto, src and dst fields are converted to ipv4. When no
ver= field is specified, a ip version filter is implicitely
added and both protocols are parsed.
This change also gets rid of the fast compare types as the
filed might not be aligned correctly in the packet.
This also fixes the ifc= filter, as we have to check any
local address.
this is a reimplementation of infernos os(1) command, which
allows running commands in the underhying host operating
system when inferno runs in hosted mode (emu). but unlike
inferno, we want to use it to run commands on the client
side of a inferno or drawterm session from the plan9 cpu
server, so it defaults to /mnt/term/cmd for the mountpoint.
yes, it peeks into IP packets to handle fragmentation when sending
onto tunnel ports and does mss clamping. but it can carry arbitrary
ethernet packets just fine (between ethernets).