|
|
d79585d44d
|
Circuit tests now report link quality. Also fixed a little thing in revocation propagation.
|
2017-03-01 15:12:17 -08:00 |
|
|
|
592b628523
|
comment broken TRACE message
|
2017-03-01 14:50:28 -08:00 |
|
|
|
2b10a982e9
|
Match on tag sender equals or tag recipient equals.
|
2017-02-28 09:22:10 -08:00 |
|
|
|
31bece7fa0
|
Add ipauth handling of IPv6 NDP neighbor solicitations and advertisements. IPv6 works well now with ipauth.
|
2017-02-28 07:43:40 -08:00 |
|
|
|
4436824faf
|
ipauth characteristic now works with ARP
|
2017-02-27 17:51:58 -08:00 |
|
|
|
9d7ff26f25
|
Helps if you actually add the ipauth mask to the characteristics mask.
|
2017-02-23 14:27:31 -08:00 |
|
|
|
72653e54f9
|
Finish wiring up ipauth and macauth to Network filter.
|
2017-02-23 12:34:17 -08:00 |
|
|
|
b679ebde3b
|
Ad-hoc networks, a cool and easy to implement little feature that allows controllerless networks. These only allow IPv6 6plane, no multicast, and the network ID encodes the allowed port range.
|
2017-02-22 15:32:55 -08:00 |
|
|
|
cdc289fa9c
|
Tags work.
|
2017-02-07 14:06:40 -08:00 |
|
|
|
672f17c6e9
|
Add a mask and value range to the IP tos rule field. This allows TOS to be matched more usefully. This will break anyone using tos in the beta, but nobody seems to be and its pre-release so now is the time.
|
2017-02-07 09:33:39 -08:00 |
|
|
|
78d548458b
|
Capabilities basically work but need to refactor a bit for performance reasons.
|
2017-02-06 16:38:48 -08:00 |
|
|
|
9ddc2a4331
|
Add a break action to rules engine to make capabilities easier to use.
|
2017-02-06 14:00:49 -08:00 |
|
|
|
5dbebc513a
|
Minor send path refactor to make packet I/O work on clusters if they are members of networks. Also fix a crash if compiled in cluster mode but no cluster is enabled.
|
2017-02-01 12:00:25 -08:00 |
|
|
|
ed31cb76d6
|
Fix to cluster network configs.
|
2017-01-30 16:04:05 -08:00 |
|
|
|
0b3b994241
|
Relay policy can now be computed.
|
2017-01-27 14:05:09 -08:00 |
|
|
|
c8554504f3
|
.
|
2016-12-22 18:37:46 -08:00 |
|
|
|
6b12d86209
|
Add a workaround for an edge case in TEE/REDIRECT if we are the inbound destination and teeing is only being done on the outbound side.
|
2016-12-22 18:06:35 -08:00 |
|
|
|
fe530548bb
|
Fix MATCH_RANDOM in controller.
|
2016-12-22 16:57:45 -08:00 |
|
|
|
2eaff6d484
|
Fix to characteristcs in rules engine.
|
2016-12-22 16:36:38 -08:00 |
|
|
|
226123ca08
|
Refactor controller to permit sending of pushes as well as just replies to config requests.
|
2016-11-10 11:54:47 -08:00 |
|
|
|
27d997a2e5
|
.
|
2016-10-13 15:17:17 -07:00 |
|
|
|
6469aa9df9
|
typo
|
2016-10-13 14:28:39 -07:00 |
|
|
|
ce6b5bc6f5
|
.
|
2016-10-13 14:21:24 -07:00 |
|
|
|
4f3775bb86
|
Fix ICMP match.
|
2016-10-13 14:21:00 -07:00 |
|
|
|
8850a8610a
|
Fix filter trace.
|
2016-10-13 13:59:17 -07:00 |
|
|
|
e53f63ca87
|
Broke down and added an OR to the rules engine. It is now possible to have a series of MATCHes that are ORed.
|
2016-10-11 12:00:16 -07:00 |
|
|
|
45c4ccb153
|
Add a tags both equal match.
|
2016-10-05 16:38:42 -07:00 |
|
|
|
adeb7e7da0
|
Make capability flags match more user-friendly and appropriate since "match any flag" is generally what we want.
|
2016-10-05 12:54:46 -07:00 |
|
|
|
988049f39b
|
Add new rule to rules engine: random match.
|
2016-09-30 14:07:00 -07:00 |
|
|
|
9eaa3756f8
|
Fix deadlock-causing regression in Network.
|
2016-09-30 12:22:54 -07:00 |
|
|
|
4fe9a4fe83
|
Fix memory leak.
|
2016-09-28 16:13:59 -07:00 |
|
|
|
9f550292fe
|
Simply network auth logic and always sent error on auth failure even for unknown networks to prevent forensics.
|
2016-09-27 13:49:43 -07:00 |
|
|
|
cc4bacc199
|
Cleanup, and implement compression disable flag for networks.
|
2016-09-27 12:22:25 -07:00 |
|
|
|
15c07c58b6
|
Refactored network config chunking to sign every chunk to prevent stupid DOS attack potential, and implement network config fast propagate (though we probably will not use this for a bit).
|
2016-09-27 11:33:48 -07:00 |
|
|
|
eac3667ec1
|
Bunch more refactoring and work on revocations, etc.
|
2016-09-26 16:17:02 -07:00 |
|
|
|
1f74dd4589
|
Revocation work in progress, add WATCH which is TEE with implicit rate sync (thanks JG@DCVC!), and clean up some cruft in Network.
|
2016-09-23 16:08:38 -07:00 |
|
|
|
d3524f3609
|
Refactor COM stuff a bit, and respond to COM requests a bit more readily for rapid setup. Will need to revisit later.
|
2016-09-20 21:21:34 -07:00 |
|
|
|
68e549233d
|
Revise bearer token code in controller, and add relay policy as a meta-data item presented to controller by nodes (to facilitate future meshiness).
|
2016-09-15 13:17:37 -07:00 |
|
|
|
15402933bc
|
Add physical MTU recommendation hint to network config via API.
|
2016-09-14 16:55:25 -07:00 |
|
|
|
83abc00aae
|
docs
|
2016-09-13 14:58:59 -07:00 |
|
|
|
ab9afbc749
|
(1) Public networks now get COMs even though they do not gate with them since they will need them to push auth for multicast stuff, (2) added a bunch of rate limit circuit breakers for anti-DOS, (3) cleanup.
|
2016-09-09 11:36:10 -07:00 |
|
|
|
ef87069957
|
Fix gating of multicast GATHER replies since these can come from upstream, etc., and fix an issue with sending ECHO to recheck marginal paths.
|
2016-09-09 09:32:00 -07:00 |
|
|
|
0d4109a9f1
|
More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions.
|
2016-09-09 08:43:58 -07:00 |
|
|
|
16df2c3363
|
Clean up handling of COMs, network access control, and fix a backward compatiblity issue.
|
2016-09-08 19:48:05 -07:00 |
|
|
|
1f6b13b7fd
|
Fix bug causing null addresses to get in memberships[] hash.
|
2016-09-08 16:09:56 -07:00 |
|
|
|
daf8a66ced
|
More correct and efficient to initialize member relationship push stuff lazily when member is learned.
|
2016-09-07 15:47:20 -07:00 |
|
|
|
20278bb9e4
|
Also send MULTICAST_LIKEs to controllers.
|
2016-09-07 15:34:34 -07:00 |
|
|
|
1908aa55f5
|
Refactor MULTICAST_LIKE pushing to eliminate redundant and unnecessary pushes and simplify code.
|
2016-09-07 15:15:52 -07:00 |
|
|
|
eebcf08084
|
Tweaks to new Path code for dual-stack operation, and other fixes.
|
2016-09-03 15:39:05 -07:00 |
|
|
|
22271f2a49
|
Cleanup.
|
2016-09-01 13:36:41 -07:00 |
|
