History log of /freebsd-head/sbin/ifconfig/ifconfig.c
Revision Date Author Comments
37068152ae015e666a6172b0c4fc3f076b8303bb 18-Sep-2020 np <np@FreeBSD.org> Add two new ifnet capabilities for hw checksumming and TSO for VXLAN traffic.

These are similar to the existing VLAN capabilities.

Reviewed by: kib@
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D25873
d49c58f708a0b03992404a39a92245e311e8fd62 13-Aug-2020 eugen <eugen@FreeBSD.org> ifconfig(8): plug memory leak after r361790 by me.

MFC after: 3 days
dd5a75d38669588e7ddaf952e04dd93722533c0b 04-Jun-2020 eugen <eugen@FreeBSD.org> ifconfig(8): make it possible to filter output by interface group.

Now options -g/-G allow to select/unselect interfaces by groups
in the "ifconfig -a" output just like already existing -d/-u.


to exclude loopback from the list: ifconfig -a -G lo
to show vlan interfaces only: ifconfig -a -g vlan
to show tap interfaces that are up: ifconfig -aug tap

Arguments to -g/-G may be shell patterns and both may be specified.
Later options -g/-G override previous ones.

MFC after: 2 weeks
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D25029
1cf31620c802b9e665385827148ab45a22cef571 27-Aug-2019 jhb <jhb@FreeBSD.org> Add kernel-side support for in-kernel TLS.

KTLS adds support for in-kernel framing and encryption of Transport
Layer Security (1.0-1.2) data on TCP sockets. KTLS only supports
offload of TLS for transmitted data. Key negotation must still be
performed in userland. Once completed, transmit session keys for a
connection are provided to the kernel via a new TCP_TXTLS_ENABLE
socket option. All subsequent data transmitted on the socket is
placed into TLS frames and encrypted using the supplied keys.

Any data written to a KTLS-enabled socket via write(2), aio_write(2),
or sendfile(2) is assumed to be application data and is encoded in TLS
frames with an application data type. Individual records can be sent
with a custom type (e.g. handshake messages) via sendmsg(2) with a new
control message (TLS_SET_RECORD_TYPE) specifying the record type.

At present, rekeying is not supported though the in-kernel framework
should support rekeying.

KTLS makes use of the recently added unmapped mbufs to store TLS
frames in the socket buffer. Each TLS frame is described by a single
ext_pgs mbuf. The ext_pgs structure contains the header of the TLS
record (and trailer for encrypted records) as well as references to
the associated TLS session.

KTLS supports two primary methods of encrypting TLS frames: software
TLS and ifnet TLS.

Software TLS marks mbufs holding socket data as not ready via
M_NOTREADY similar to sendfile(2) when TLS framing information is
added to an unmapped mbuf in ktls_frame(). ktls_enqueue() is then
called to schedule TLS frames for encryption. In the case of
sendfile_iodone() calls ktls_enqueue() instead of pru_ready() leaving
the mbufs marked M_NOTREADY until encryption is completed. For other
writes (vn_sendfile when pages are available, write(2), etc.), the
PRUS_NOTREADY is set when invoking pru_send() along with invoking

A pool of worker threads (the "KTLS" kernel process) encrypts TLS
frames queued via ktls_enqueue(). Each TLS frame is temporarily
mapped using the direct map and passed to a software encryption
backend to perform the actual encryption.

(Note: The use of PHYS_TO_DMAP could be replaced with sf_bufs if
someone wished to make this work on architectures without a direct

KTLS supports pluggable software encryption backends. Internally,
Netflix uses proprietary pure-software backends. This commit includes
a simple backend in a new ktls_ocf.ko module that uses the kernel's
OpenCrypto framework to provide AES-GCM encryption of TLS frames. As
a result, software TLS is now a bit of a misnomer as it can make use
of hardware crypto accelerators.

Once software encryption has finished, the TLS frame mbufs are marked
ready via pru_ready(). At this point, the encrypted data appears as
regular payload to the TCP stack stored in unmapped mbufs.

ifnet TLS permits a NIC to offload the TLS encryption and TCP
segmentation. In this mode, a new send tag type (IF_SND_TAG_TYPE_TLS)
is allocated on the interface a socket is routed over and associated
with a TLS session. TLS records for a TLS session using ifnet TLS are
not marked M_NOTREADY but are passed down the stack unencrypted. The
ip_output_send() and ip6_output_send() helper functions that apply
send tags to outbound IP packets verify that the send tag of the TLS
record matches the outbound interface. If so, the packet is tagged
with the TLS send tag and sent to the interface. The NIC device
driver must recognize packets with the TLS send tag and schedule them
for TLS encryption and TCP segmentation. If the the outbound
interface does not match the interface in the TLS send tag, the packet
is dropped. In addition, a task is scheduled to refresh the TLS send
tag for the TLS session. If a new TLS send tag cannot be allocated,
the connection is dropped. If a new TLS send tag is allocated,
however, subsequent packets will be tagged with the correct TLS send
tag. (This latter case has been tested by configuring both ports of a
Chelsio T6 in a lagg and failing over from one port to another. As
the connections migrated to the new port, new TLS send tags were
allocated for the new port and connections resumed without being

ifnet TLS can be enabled and disabled on supported network interfaces
via new '[-]txtls[46]' options to ifconfig(8). ifnet TLS is supported
across both vlan devices and lagg interfaces using failover, lacp with
flowid enabled, or lacp with flowid enabled.

Applications may request the current KTLS mode of a connection via a
new TCP_TXTLS_MODE socket option. They can also use this socket
option to toggle between software and ifnet TLS modes.

In addition, a testing tool is available in tools/tools/switch_tls.
This is modeled on tcpdrop and uses similar syntax. However, instead
of dropping connections, -s is used to force KTLS connections to
switch to software TLS and -i is used to switch to ifnet TLS.

Various sysctls and counters are available under the kern.ipc.tls
sysctl node. The kern.ipc.tls.enable node must be set to true to
enable KTLS (it is off by default). The use of unmapped mbufs must
also be enabled via kern.ipc.mb_use_ext_pgs to enable KTLS.

KTLS is enabled via the KERN_TLS kernel option.

This patch is the culmination of years of work by several folks
including Scott Long and Randall Stewart for the original design and
implementation; Drew Gallatin for several optimizations including the
use of ext_pgs mbufs, the M_NOTREADY mechanism for TLS records
awaiting software encryption, and pluggable software crypto backends;
and John Baldwin for modifications to support hardware TLS offload.

Reviewed by: gallatin, hselasky, rrs
Obtained from: Netflix
Sponsored by: Netflix, Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D21277
520aafe3ec663aef3c6d2631d6d32bfe470eeb67 29-Jun-2019 jhb <jhb@FreeBSD.org> Add an external mbuf buffer type that holds multiple unmapped pages.

Unmapped mbufs allow sendfile to carry multiple pages of data in a
single mbuf, without mapping those pages. It is a requirement for
Netflix's in-kernel TLS, and provides a 5-10% CPU savings on heavy web
serving workloads when used by sendfile, due to effectively
compressing socket buffers by an order of magnitude, and hence
reducing cache misses.

For this new external mbuf buffer type (EXT_PGS), the ext_buf pointer
now points to a struct mbuf_ext_pgs structure instead of a data
buffer. This structure contains an array of physical addresses (this
reduces cache misses compared to an earlier version that stored an
array of vm_page_t pointers). It also stores additional fields needed
for in-kernel TLS such as the TLS header and trailer data that are
currently unused. To more easily detect these mbufs, the M_NOMAP flag
is set in m_flags in addition to M_EXT.

Various functions like m_copydata() have been updated to safely access
packet contents (using uiomove_fromphys()), to make things like BPF

NIC drivers advertise support for unmapped mbufs on transmit via a new
IFCAP_NOMAP capability. This capability can be toggled via the new
'nomap' and '-nomap' ifconfig(8) commands. For NIC drivers that only
transmit packet contents via DMA and use bus_dma, adding the
capability to if_capabilities and if_capenable should be all that is

If a NIC does not support unmapped mbufs, they are converted to a
chain of mapped mbufs (using sf_bufs to provide the mapping) in
ip_output or ip6_output. If an unmapped mbuf requires software
checksums, it is also converted to a chain of mapped mbufs before
computing the checksum.

Submitted by: gallatin (earlier version)
Reviewed by: gallatin, hselasky, rrs
Discussed with: ae, kp (firewalls)
Relnotes: yes
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D20616
408cf301738c0cf3d3cfb3a8f193455e5effc7e3 10-May-2019 kevans <kevans@FreeBSD.org> ifconfig(8): Add kld mappings for ipsec/enc

Additionally, providing mappings makes the comparison for already loaded
modules a little more strict. This should have been done at initial
introduction, but there was no real reason- however, it proves necessary for
enc which has a standard enc -> if_enc mapping but there also exists an
'enc' module that's actually CAM. The mapping lets us unambiguously
determine the correct module.

Discussed with: ae
MFC after: 4 days
deab606f6db9d0e8279d6ac709994e2d32f51dff 09-May-2019 kevans <kevans@FreeBSD.org> ifconfig(8): Partial revert of r347241

r347241 introduced an ifname <-> kld mapping table, mostly so tun/tap/vmnet
can autoload the correct module on use. It also inadvertently made bogus
some previously valid uses of sizeof().

Revert back to ifkind on the stack for simplicity sake. This reduces the
diff from the previous version of ifmaybeload for easiser auditing.
0f415eea65ecbddff79f47e67d6bd3bf6346fc6b 08-May-2019 kevans <kevans@FreeBSD.org> tun/tap: merge and rename to `tuntap`

tun(4) and tap(4) share the same general management interface and have a lot
in common. Bugs exist in tap(4) that have been fixed in tun(4), and
vice-versa. Let's reduce the maintenance requirements by merging them
together and using flags to differentiate between the three interface types
(tun, tap, vmnet).

This fixes a couple of tap(4)/vmnet(4) issues right out of the gate:
- tap devices may no longer be destroyed while they're open [0]
- VIMAGE issues already addressed in tun by kp

[0] emaste had removed an easy-panic-button in r240938 due to devdrn
blocking. A naive glance over this leads me to believe that this isn't quite
complete -- destroy_devl will only block while executing d_* functions, but
doesn't block the device from being destroyed while a process has it open.
The latter is the intent of the condvar in tun, so this is "fixed" (for
certain definitions of the word -- it wasn't really broken in tap, it just
wasn't quite ideal).

ifconfig(8) also grew the ability to map an interface name to a kld, so
that `ifconfig {tun,tap}0` can continue to autoload the correct module, and
`ifconfig vmnet0 create` will now autoload the correct module. This is a
low overhead addition.

(MFC commentary)

This may get MFC'd if many bugs in tun(4)/tap(4) are discovered after this,
and how critical they are. Changes after this are likely easily MFC'd
without taking this merge, but the merge will be easier.

I have no plans to do this MFC as of now.

Reviewed by: bcr (manpages), tuexen (testing, syzkaller/packetdrill)
Input also from: melifaro
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D20044
edcbc8f7441a32ec27fb2e57542bf291cb01029e 26-Feb-2019 asomers <asomers@FreeBSD.org> ifconfig: eliminate trailing whitespace

Eliminate trailing whitespace on inet, inet6, and groups lines. I think the
"list txpower" command will still show some, but I'm not able to test that.

PR: 153731
Reported-by: Nikolay Denev <ndenev@gmail.com>
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D19004
b98d2a04cc42d5bda863e4e4e14c2281f0187198 26-Feb-2019 asomers <asomers@FreeBSD.org> Create a project branch for fuse(4) work.

The branch will be used for a new test suite, bug fixes, and various other
enhancements to fuse.

Sponsored by: The FreeBSD Foundation
247f8f74e75cf3c56d4d87841ac102f53d1ba76e 28-Jan-2019 pkelsey <pkelsey@FreeBSD.org> Speed up non-status operations applied to a single interface

When performing a non-status operation on a single interface, it is
not necessary for ifconfig to build a list of all addresses in the
system, sort them, then iterate through them looking for the entry for
the single interface of interest. Doing so becomes increasingly
expensive as the number of interfaces in the system grows (e.g., in a
system with 1000+ vlan(4) interfaces).

Reviewed by: ae, kp
MFC after: 1 week
Sponsored by: RG Nets
Differential Revision: https://reviews.freebsd.org/D18919
879733f03bf6518eefd5784a54a254562e1d2d80 21-Oct-2018 ae <ae@FreeBSD.org> Fix grammar.

Reported by: yuripv
MFC after: 3 weeks
e383c28ab5b8d0bdc15281e7522c368d56ac1a76 21-Oct-2018 ae <ae@FreeBSD.org> Do not allow use `create` keyword as hostname when ifconfig(8) is invoked
for already existing interface.

It appeared, that ifconfig(8) assumes `create` keyword as hostname and
tries to resolve it, when `ifconfig ifname create` invoked for already
existing interface. This can produce some unexpected results, when hostname
resolving has successfully happened. This patch adds check for such case.
When an interface is already exists, and create is only one argument,
return error message. But when there are some other arguments, just remove
create keyword from the arguments list.

Obtained from: Yandex LLC
MFC after: 3 weeks
Sponsored by: Yandex LLC
Differential Revision: https://reviews.freebsd.org/D17171
c38387b1170eaef2f6484f3f6814b6e635ccc189 07-Aug-2018 markj <markj@FreeBSD.org> ifconfig: Fix use of _Noreturn.

The _Noreturn is a function-specifier (like inline) which must preceed
the declarator.

Submitted by: Sebastian Huber <sebastian.huber@embedded-brains.de>
MFC after: 1 week
493992a833246f65492ae4a7a8f9794dcc30da10 18-May-2018 ae <ae@FreeBSD.org> Make the name of option that toggles IFCAP_HWRXTSTMP capability to
match the name of this capability. It was added recently and is not merged
to stable branch, so I hope it is not too late to change the name.

Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D15475
dde41c97866152e8c7eb1f52f07e3e5ac43b2652 17-Apr-2018 gallatin <gallatin@FreeBSD.org> Make lagg creation more fault tolerant

- Warn, don't exit, when SIOCSLAGGPORT returns an error.

When we exit with an error during lagg creation, a single
failed NIC (which no longer attaches) can prevent lagg
creation and other configuration, such as adding an IPv4
address, and thus leave a machine unreachable.

- Preserve non-EEXISTS errors for exit status from SIOCSLAGGPORT,
in case scripts are looking for it. Hopefully this can be
extended if other parts of ifconfig can allow a "soft" failure.

- Improve the warning message to mention what lagg and what
member are problematic.

Reviewed by: jtl, glebius
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D15046
9de215608cfe3e871e92c6d6444063dd8be2b5c9 27-Mar-2018 kib <kib@FreeBSD.org> Allow to specify PCP on packets not belonging to any VLAN.

According to 802.1Q-2014, VLAN tagged packets with VLAN id 0 should be
considered as untagged, and only PCP and DEI values from the VLAN tag
are meaningful. See for instance

Make it possible to specify PCP value for outgoing packets on an
ethernet interface. When PCP is supplied, the tag is appended, VLAN
id set to 0, and PCP is filled by the supplied value. The code to do
VLAN tag encapsulation is refactored from the if_vlan.c and moved into

Drivers might have issues with filtering VID 0 packets on
receive. This bug should be fixed for each driver.

Reviewed by: ae (previous version), hselasky, melifaro
Sponsored by: Mellanox Technologies
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D14702
872b698bd4a1bfc0bf008c09228e6fd238809c75 20-Nov-2017 pfg <pfg@FreeBSD.org> General further adoption of SPDX licensing ID tags.

Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
ce9362dfb845a4f4507925622f04413497a85e44 07-Nov-2017 kib <kib@FreeBSD.org> Add a place for a driver to report rx timestamps in nanoseconds from
boot for the received packets.

The rcv_tstmp field overlaps the place of Ln header length indicators,
not used by received packets. The basic pkthdr rearrangement change
in sys/mbuf.h was provided by gallatin.

There are two accompanying M_ flags: M_TSTMP means that there is the
timestamp (and it was generated by hardware).

Another flag M_TSTMP_HPREC indicates that the timestamp is
high-precision. Practically M_TSTMP_HPREC means that hardware
provided additional precision comparing with the stamps when the flag
is not set. E.g., for ConnectX all packets are stamped by hardware
when PCIe transaction to write out the completion descriptor is
performed, but PTP packet are stamped on port. For Intel cards, when
PTP assist is enabled, only PTP packets are stamped in the limited
number of registers, so if Intel cards ever start support this
mechanism, they would always set M_TSTMP | M_TSTMP_HPREC if hardware
timestamp is present for the given packet.

Add IFCAP_HWRXTSTMP interface capability to indicate the support for
hardware rx timestamping, and ifconfig(8) command to toggle it.

Based on the patch by: gallatin
Reviewed by: gallatin (previous version), hselasky
Sponsored by: Mellanox Technologies
MFC after: 2 weeks (? mbuf KBI issue)
X-Differential revision: https://reviews.freebsd.org/D12638
d662cb6fb3f4bdba2a8eaf04bbf81cfb5765606b 08-Aug-2017 garga <garga@FreeBSD.org> Add missing parenthesis on error message

Approved by: loos
MFC after: 3 days
Sponsored by: Rubicon Communications, LLC (Netgate)
65d648c0821dd8bf589176272cb2b21f35f68cb6 03-May-2017 asomers <asomers@FreeBSD.org> Unbreak ifconfig for mlx4en(4) after r317755

ifconfig doesn't correctly infer mlx interfaces' module names, so it will
attempt to load the mlx(4) module even when not necessary.

Reported by: rstone
MFC after: 3 weeks
X-MFC-With: 317755
Sponsored by: Spectra Logic Corp
82c097df2f838515cf18ecb0f83551a5b5361760 03-May-2017 asomers <asomers@FreeBSD.org> Various Coverity fixes in ifconfig(8)

* Exit early if kldload(2) fails (1011259). This is the only change that
affects ifconfig's behavior.
* Close memory and resource leaks (1305624, 1305205, 1007100)
* Mark usage() as _Noreturn (1305806, 1305750)
* Fix some dereference after null checks (1011474, 270774)

Reported by: Coverity
CID: 1305624, 1305205, 1007100, 1305806, 1305750, 1011474,
CID: 270774, 1011259
Reviewed by: cem
MFC after: 3 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D10587
7e6cabd06e6caa6a02eeb86308dc0cb3f27e10da 28-Feb-2017 imp <imp@FreeBSD.org> Renumber copyright clause 4

Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96
efa6326974ec2cdb6721fec731bcd86758d0877c 18-Jan-2017 hselasky <hselasky@FreeBSD.org> Implement kernel support for hardware rate limited sockets.

- Add RATELIMIT kernel configuration keyword which must be set to
enable the new functionality.

- Add support for hardware driven, Receive Side Scaling, RSS aware, rate
limited sendqueues and expose the functionality through the already
established SO_MAX_PACING_RATE setsockopt(). The API support rates in
the range from 1 to 4Gbytes/s which are suitable for regular TCP and
UDP streams. The setsockopt(2) manual page has been updated.

- Add rate limit function callback API to "struct ifnet" which supports
the following operations: if_snd_tag_alloc(), if_snd_tag_modify(),
if_snd_tag_query() and if_snd_tag_free().

- Add support to ifconfig to view, set and clear the IFCAP_TXRTLMT
flag, which tells if a network driver supports rate limiting or not.

- This patch also adds support for rate limiting through VLAN and LAGG
intermediate network devices.

- How rate limiting works:

1) The userspace application calls setsockopt() after accepting or
making a new connection to set the rate which is then stored in the
socket structure in the kernel. Later on when packets are transmitted
a check is made in the transmit path for rate changes. A rate change
implies a non-blocking ifp->if_snd_tag_alloc() call will be made to the
destination network interface, which then sets up a custom sendqueue
with the given rate limitation parameter. A "struct m_snd_tag" pointer is
returned which serves as a "snd_tag" hint in the m_pkthdr for the
subsequently transmitted mbufs.

2) When the network driver sees the "m->m_pkthdr.snd_tag" different
from NULL, it will move the packets into a designated rate limited sendqueue
given by the snd_tag pointer. It is up to the individual drivers how the rate
limited traffic will be rate limited.

3) Route changes are detected by the NIC drivers in the ifp->if_transmit()
routine when the ifnet pointer in the incoming snd_tag mismatches the
one of the network interface. The network adapter frees the mbuf and
returns EAGAIN which causes the ip_output() to release and clear the send
tag. Upon next ip_output() a new "snd_tag" will be tried allocated.

4) When the PCB is detached the custom sendqueue will be released by a
non-blocking ifp->if_snd_tag_free() call to the currently bound network

Reviewed by: wblock (manpages), adrian, gallatin, scottl (network)
Differential Revision: https://reviews.freebsd.org/D3687
Sponsored by: Mellanox Technologies
MFC after: 3 months
8e48e062788518254874792647e9b1d699395b16 02-Jun-2016 allanjude <allanjude@FreeBSD.org> Address feedback from hrs@ re: r301059 (ifconfig subnet mask)

- Use NI_MAXHOST to size buffers for getnameinfo()
- remove non-standard 'full' inet6 address printing
- remove 'no scope' option
- use strchr(3) to optimize replacing separator character in lladdrs

Reviewed by: gnn, jhb
Differential Revision: https://reviews.freebsd.org/D2856
700d26896ca2f6c060890f6c5523c060ee809c5a 31-May-2016 allanjude <allanjude@FreeBSD.org> ifconfig(8) now supports some output formatting options

specified by the -f flag or IFCONFIG_FORMAT environment variable, the user
can request that inet4 subnet masks be printed in CIDR or dotted-quad
notation, in addition to the traditional hex output.
inet6 prefixes can be printed in CIDR as well.

For more documentation see the ifconfig(8) man page.

PR: 169072
Requested by: seanc, marcel, brd, many others
Reviewed by: gnn, jhb (earlier version)
Relnotes: yes
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D2856
00d578928eca75be320b36d37543a7e2a4f9fbdb 27-May-2016 grehan <grehan@FreeBSD.org> Create branch for bhyve graphics import.
f13286bea2a5de0abb600bc6528987f21cf48a28 20-May-2016 truckman <truckman@FreeBSD.org> MFC r299873

Use strlcpy() instead of strncpy() when copying ifname to ensure
that it is NUL terminated. Additional NUL padding is not required
for short names.

Use sizeof(destination) in a few places instead of IFNAMSIZ.

Cast afp->af_ridreq and afp->af_addreq to make the intent of
the code more obvious.

Reported by: Coverity
CID: 1009628, 1009630, 1009631, 1009632, 1009633, 1009635, 1009638
CID: 1009639, 1009640, 1009641, 1009642, 1009643, 1009644, 1009645
CID: 1009646, 1009647, 1010049, 1010050, 1010051, 1010052, 1010053
CID: 1010054, 1011293, 1011294, 1011295, 1011296, 1011297, 1011298
CID: 1011299, 1305821, 1351720, 1351721
4d196a467d42ebc70eeb0b7276fcfe350b5570de 16-May-2016 truckman <truckman@FreeBSD.org> Use strlcpy() instead of strncpy() when copying ifname to ensure
that it is NUL terminated. Additional NUL padding is not required
for short names.

Use sizeof(destination) in a few places instead of IFNAMSIZ.

Cast afp->af_ridreq and afp->af_addreq to make the intent of
the code more obvious.

Reported by: Coverity
CID: 1009628, 1009630, 1009631, 1009632, 1009633, 1009635, 1009638
CID: 1009639, 1009640, 1009641, 1009642, 1009643, 1009644, 1009645
CID: 1009646, 1009647, 1010049, 1010050, 1010051, 1010052, 1010053
CID: 1010054, 1011293, 1011294, 1011295, 1011296, 1011297, 1011298
CID: 1011299, 1305821, 1351720, 1351721
MFC after: 1 week
a0a9dc5d39bce93901950e25e91887b10edd6402 06-Mar-2016 kp <kp@FreeBSD.org> MFC r295836:
ifconfig(8): can't use 'name' or 'description' when creating interface with auto numbering

If one does 'ifconfig tap create name blah', it will return error because the
'name' command doesn't properly populate the request sent to ioctl(...). The
'description' command has the same bug, and is also fixed with this patch.

If one does 'ifconfig tap create mtu 9000 name blah', it DOES work, but 'tap0'
(or other sequence number) is echoed, instead of the expected 'blah'. (assuming
the name change actually succeeded)

PR: 206876
Submitted by: Marie Helene Kvello-Aune <marieheleneka@gmail.com>
Differential Revision: https://reviews.freebsd.org/D5341
33ef68fedb3270f37fc4d216f733431e0e22f138 20-Feb-2016 kp <kp@FreeBSD.org> ifconfig(8): can't use 'name' or 'description' when creating interface with auto numbering

If one does 'ifconfig tap create name blah', it will return error because the
'name' command doesn't properly populate the request sent to ioctl(...). The
'description' command has the same bug, and is also fixed with this patch.

If one does 'ifconfig tap create mtu 9000 name blah', it DOES work, but 'tap0'
(or other sequence number) is echoed, instead of the expected 'blah'. (assuming
the name change actually succeeded)

Submitted by: Marie Helene Kvello-Aune <marieheleneka@gmail.com>
Differential Revision: https://reviews.freebsd.org/D5341
30790e76c24aea499d29d0d91d9b66ec174e60e0 12-Jan-2016 allanjude <allanjude@FreeBSD.org> MFC: r287842
Make ifconfig always exit with an error code if an important ioctl fails

PR: 203062
c85e427d4b01a01f4bab465891b5db701949bc74 26-Oct-2015 ngie <ngie@FreeBSD.org> MFC r288305:

Replace N #defines with nitems to simplify ifconfig code slightly
224e90af33d317174a0009f3c6d62a9aff280e42 27-Sep-2015 ngie <ngie@FreeBSD.org> Replace N #defines with nitems to simplify ifconfig code slightly

MFC after: 1 week
6093eb3b9f4368a35ac09c85817008b52cb55718 16-Sep-2015 allanjude <allanjude@FreeBSD.org> Make ifconfig always exit with an error code if an important ioctl fails

PR: 203062
Arm Twisting by: Kristof Provost
Reviewed by: kp
Approved by: bapt (mentor)
MFC after: 2 weeks
Relnotes: yes
Sponsored by: ScaleEngine Inc.
Sponsored by: vBSDCon
Differential Revision: https://reviews.freebsd.org/D3644
a91e3ef58a004aace2995a6dec20856019ce1c7d 15-Aug-2015 melifaro <melifaro@FreeBSD.org> MFC r270064,r270068,r270069,r270115,r270129,r270287,r270822,r271014,

Add support for reading i2c SFP/SFP+ data from NIC driver and
presenting most interesting fields via ifconfig -v.
This version supports Intel ixgbe driver only.

Tested on: Cisco,Intel,Mellanox,ModuleTech,Molex transceivers

* Add new net/sff8436.h containing constants used to access
QSFP+ data via i2c inteface. These constants has been taken
from SFF-8436 "QSFP+ 10 Gbs 4X PLUGGABLE TRANSCEIVER" standard
rev 4.8.
* Add support for printing QSFP+ information from 40G NICs
such as Chelsio T5.

cxl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 00:07:43:28:ad:08
media: Ethernet 40Gbase-LR4 <full-duplex>
status: active
plugged: QSFP+ 40GBASE-LR4 (MPO Parallel Optic)
vendor: OEM PN: OP-QSFP-40G-LR4 SN: 20140318001 DATE: 2014-03-18
module temperature: 64.06 C voltage: 3.26 Volts
lane 1: RX: 0.47 mW (-3.21 dBm) TX: 2.78 mW (4.46 dBm)
lane 2: RX: 0.20 mW (-6.94 dBm) TX: 2.80 mW (4.47 dBm)
lane 3: RX: 0.18 mW (-7.38 dBm) TX: 2.79 mW (4.47 dBm)
lane 4: RX: 0.90 mW (-0.45 dBm) TX: 2.80 mW (4.48 dBm)

Tested on: Chelsio T5
Tested on: Mellanox/Huawei passive/active cables/transceivers.

Sponsored by: Yandex LLC
0fbe5b3df813c02a8ba34d7696447fa1b2ed0b89 09-Apr-2015 jhb <jhb@FreeBSD.org> MFC 279951:
Simplify string mangling in ifmaybeload().
- Use strlcpy() instead of strcpy().
- Use strlcat() instead of a strlcpy() with a magic number subtracted
from the length.
- Replace strncmp(..., strlen(foo) + 1) with strcmp(...).
78d51c7b15fc92383c6c68b46966248bdaf2bf1a 06-Apr-2015 glebius <glebius@FreeBSD.org> Stop including if_var.h from userland.

Sponsored by: Nginx, Inc.
dfbeeb5833dea1dff822ac815e689445b17d0553 13-Mar-2015 jhb <jhb@FreeBSD.org> Simplify string mangling in ifmaybeload().
- Use strlcpy() instead of strcpy().
- Use strlcat() instead of a strlcpy() with a magic number subtracted
from the length.
- Replace strncmp(..., strlen(foo) + 1) with strcmp(...).

Differential Revision: https://reviews.freebsd.org/D1814
Reviewed by: rpaulo
MFC after: 2 weeks
143df1bc49248dce22ad0ac3fad8ea428a7710ae 02-Feb-2015 vsevolod <vsevolod@FreeBSD.org> Revert the change of flowid output format. [1]

Reverse the sorting order of the interfaces addresses familise so it should be
the same as getifaddrs(3) order. [2]

Suggested by: hrs [1], bz [2]
Approved by: hrs, bapt
baaa04fd525b2ceb0a43fcc7c22623394f6545f6 02-Feb-2015 vsevolod <vsevolod@FreeBSD.org> Style(9) fixes.

Approved by: bapt, ae
X-MFC-With: r278080
6a39979cd265fe809358adb6070c064e4e020600 02-Feb-2015 vsevolod <vsevolod@FreeBSD.org> Reorganize the list of addresses associated with an interface and group them
based on the address family. This should help to recognize interfaces with
multiple AF (e.g. ipv4 and ipv6) with many aliases or additional addresses. The
order of addresses inside a single group is strictly preserved.

Improve the scope_id output for AF_INET6 families, as the
current approach uses hexadecimal string that is basically the ID of an
interface, whilst this information is already depicted by getnameinfo(3) call.
Therefore, now ifconfig just prints the scope of address as it is defined in
2.4 of RFC 2373.

PR: 197270
Approved by: bapt
MFC after: 2 weeks
424e7334fbbda2ecb68e66f7d096ab6ccb0a1ae9 02-Oct-2014 hrs <hrs@FreeBSD.org> Revert r272390.

Pointed out by: glebius
f64371468d02246bc05a8b3b82639814489e3f98 02-Oct-2014 hrs <hrs@FreeBSD.org> Add IFCAP_HWSTATS.
0c02adae03a55821b773682cdcca772d82058321 16-Aug-2014 melifaro <melifaro@FreeBSD.org> Add support for reading i2c SFP/SFP+ data from NIC driver and
presenting most interesting fields via ifconfig -v.
This version supports Intel ixgbe driver only.

Tested on: Cisco,Intel,Mellanox,ModuleTech,Molex transceivers
MFC after: 2 weeks
28c99f4366718cbf51d5b9827d250ef24b82296c 15-Aug-2014 gjb <gjb@FreeBSD.org> MFC r269888:
Fix a typo in a comment: s/interprete/interpret/

Sponsored by: The FreeBSD Foundation
3a0070ccedfee41724d5288d112f2e2aeab68b1e 12-Aug-2014 gjb <gjb@FreeBSD.org> Fix a typo in a comment: s/interprete/interpret/

Submitted by: Sam Fourman Jr.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
d494babace1c51efd0d2c4582515a1e1ae5fa9d2 14-Mar-2014 glebius <glebius@FreeBSD.org> Remove IPX support.

IPX was a network transport protocol in Novell's NetWare network operating
system from late 80s and then 90s. The NetWare itself switched to TCP/IP
as default transport in 1998. Later, in this century the Novell Open
Enterprise Server became successor of Novell NetWare. The last release
that claimed to still support IPX was OES 2 in 2007. Routing equipment
vendors (e.g. Cisco) discontinued support for IPX in 2011.

Thus, IPX won't be supported in FreeBSD 11.0-RELEASE.
eb1a5f8de9f7ea602c373a710f531abbf81141c4 21-Feb-2014 gjb <gjb@FreeBSD.org> Move ^/user/gjb/hacking/release-embedded up one directory, and remove
^/user/gjb/hacking since this is likely to be merged to head/ soon.

Sponsored by: The FreeBSD Foundation
6b01bbf146ab195243a8e7d43bb11f8835c76af8 27-Dec-2013 gjb <gjb@FreeBSD.org> Copy head@r259933 -> user/gjb/hacking/release-embedded for initial
inclusion of (at least) arm builds with the release.

Sponsored by: The FreeBSD Foundation
ca7094039acbfbd5bcf9f8607c64411510d18d46 05-Nov-2013 glebius <glebius@FreeBSD.org> Axe IFF_SMART.

Submitted by: pluknet
804c67a4867afb8b7ef41a3ade748cab870b788c 21-Dec-2012 kevlo <kevlo@FreeBSD.org> Fix socket calls on error post-r243965.

Submitted by: Garrett Cooper
67d5f1a727273d8e141e96c429114dff9fb06ec3 19-Jun-2012 np <np@FreeBSD.org> - Updated TOE support in the kernel.

- Stateful TCP offload drivers for Terminator 3 and 4 (T3 and T4) ASICs.
These are available as t3_tom and t4_tom modules that augment cxgb(4)
and cxgbe(4) respectively. The cxgb/cxgbe drivers continue to work as
usual with or without these extra features.

- iWARP driver for Terminator 3 ASIC (kernel verbs). T4 iWARP in the
works and will follow soon.

Build-tested with make universe.

30s overview
What interfaces support TCP offload? Look for TOE4 and/or TOE6 in the
capabilities of an interface:
# ifconfig -m | grep TOE

Enable/disable TCP offload on an interface (just like any other ifnet
# ifconfig cxgbe0 toe
# ifconfig cxgbe0 -toe

Which connections are offloaded? Look for toe4 and/or toe6 in the
output of netstat and sockstat:
# netstat -np tcp | grep toe
# sockstat -46c | grep toe

Reviewed by: bz, gnn
Sponsored by: Chelsio communications.
MFC after: ~3 months (after 9.1, and after ensuring MFC is feasible)
e888f5e00cc55f77170cce44c847c965668d60bf 28-May-2012 bz <bz@FreeBSD.org> Removed the IFCAP_ prefix when printing the IPv6 checksum capabilities.

Submitted by: dim
MFC after: 3 days
ac429c704460cebd04cbe8314edf44e51038bc3b 28-May-2012 bz <bz@FreeBSD.org> It turns out that too many drivers are not only parsing the L2/3/4
headers for TSO but also for generic checksum offloading. Ideally we
would only have one common function shared amongst all drivers, and
perhaps when updating them for IPv6 we should introduce that.
Eventually we should provide the meta information along with mbufs to
avoid (re-)parsing entirely.

To not break IPv6 (checksums and offload) and to be able to MFC the
changes without risking to hurt 3rd party drivers, duplicate the v4
framework, as other OSes have done as well.

Introduce interface capability flags for TX/RX checksum offload with
IPv6, to allow independent toggling (where possible). Add CSUM_*_IPV6
flags for UDP/TCP over IPv6, and reserve further for SCTP, and IPv6
fragmentation. Define CSUM_DELAY_DATA_IPV6 as we do for legacy IP and
add an alias for CSUM_DATA_VALID_IPV6.

This pretty much brings IPv6 handling in line with IPv4.
TSO is still handled in a different way and not via if_hwassist.

Update ifconfig to allow (un)setting of the new capability flags.
Update loopback to announce the new capabilities and if_hwassist flags.

Individual driver updates will have to follow, as will SCTP.

Reported by: gallatin, dim, ..
Reviewed by: gallatin (glanced at?)
MFC after: 3 days
X-MFC with: r235961,235959,235958
39bd73ddd4464be28e975776f13b834426a11618 19-May-2012 bz <bz@FreeBSD.org> MFp4 bz_ipv6_fast:

Allow tso4 and tso6 be set individually given we have the bits.
This will help with drivers not working as expected during the
transition time and later.

Sponsored by: The FreeBSD Foundation
Sponsored by: iXsystems

Reviewed by: gnn
MFC After: 1 week
0cc840ee23062e4ae7541fa8c16bed937d496cf1 14-Feb-2012 rmh <rmh@FreeBSD.org> Disable jail support in ifconfig when either building a rescue
image or MK_JAIL knob has been set to "no".

Reviewed by: bz
Approved by: adrian (mentor)
27a36f6ac8242750daa092abd7180b10d16f4508 16-Dec-2011 glebius <glebius@FreeBSD.org> A major overhaul of the CARP implementation. The ip_carp.c was started
from scratch, copying needed functionality from the old implemenation
on demand, with a thorough review of all code. The main change is that
interface layer has been removed from the CARP. Now redundant addresses
are configured exactly on the interfaces, they run on.

The CARP configuration itself is, as before, configured and read via
SIOCSVH/SIOCGVH ioctls. A new prefix created with SIOCAIFADDR or
SIOCAIFADDR_IN6 may now be configured to a particular virtual host id,
which makes the prefix redundant.

ifconfig(8) semantics has been changed too: now one doesn't need
to clone carpXX interface, he/she should directly configure a vhid
on a Ethernet interface.

To supply vhid data from the kernel to an application the getifaddrs(8)
function had been changed to pass ifam_data with each address. [1]

The new implementation definitely closes all PRs related to carp(4)
being an interface, and may close several others. It also allows
to run a single redundant IP per interface.

Big thanks to Bjoern Zeeb for his help with inet6 part of patch, for
idea on using ifam_data and for several rounds of reviewing!

PR: kern/117000, kern/126945, kern/126714, kern/120130, kern/117448
Reviewed by: bz
Submitted by: bz [1]
7a0d48ebc3311ca8354f797d5fd2a5411af66086 18-Jul-2011 bz <bz@FreeBSD.org> If compiling RESCUE always ignore feature_present(3) calls so that
a /rescue/ifconfig more modern than the kernel could still configure
IPv4 or IPv6 addresses.

Reported by: Andrzej Tobola (ato iem.pw.edu.pl)
Reported by: gcooper
MFC after: 1 day
X-MFC: will not MFC any time soon, just reminder for r222527
7cd78b912e49a7054d596bcc33452dd4e104da5a 14-Jun-2011 luigi <luigi@FreeBSD.org> Grab one of the ifcap bits for netmap, and enable printing in ifconfig.

Document the fact that we might want an IFCAP_CANTCHANGE mask,
even though the value is not yet used in sys/net/if.c

(asked on -current a week ago, no feedback so i assume no objection).
bc4d32e80bd81ea96c4c2544ab36f7e8caa777b7 31-May-2011 attilio <attilio@FreeBSD.org> MFC
b41f984f28787536530ac8d4af207059466e4656 31-May-2011 bz <bz@FreeBSD.org> Conditionally compile in the af_inet and af_inet6, af_nd6 modules.
If compiled in for dual-stack use, test with feature_present(3)
to see if we should register the IPv4/IPv6 address family related

In case there is no "inet" support we would love to go with the
usage() and make the address family mandatory (as it is for anything
but inet in theory). Unfortunately people are used to
ifconfig IF up/down
etc. as well, so use a fallback of "link". Adjust the man page
to reflect these minor details.

Improve error handling printing a warning in addition to the usage
telling that we do not know the given address family in two places.

Reviewed by: hrs, rwatson
Sponsored by: The FreeBSD Foundation
Sponsored by: iXsystems
MFC after: 2 weeks
33417874f42d859e6925c0cad02eb4a0ade247ca 07-Dec-2010 weongyo <weongyo@FreeBSD.org> Introduces IFF_CANTCONFIG interface flag to point that the interface
isn't configurable in a meaningful way. This is for ifconfig(8) or
other tools not to change code whenever IFT_USB-like interfaces are
registered at the interface list.

Reviewed by: brooks
No objections: gavin, jkim
bc2682b97b76f566f657795f57da6991d671a208 01-Dec-2010 weongyo <weongyo@FreeBSD.org> Don't print usbus[0-9] interfaces that it's not the interesting
interface type for ifconfig(8).
09f9c897d33c41618ada06fbbcf1a9b3812dee53 19-Oct-2010 jamie <jamie@FreeBSD.org> A new jail(8) with a configuration file, to replace the work currently done
by /etc/rc.d/jail.
7909344bdf3f86ce88f5a00d727704861218adc9 06-Aug-2010 jhb <jhb@FreeBSD.org> Ethernet vlan(4) interfaces have valid Ethernet link layer addresses but
use a different interface type (IFT_L2VLAN vs IFT_ETHER). Treat IFT_L2VLAN
interfaces like IFT_ETHER interfaces when handling link layer addresses.

Reviewed by: syrinx (bsnmpd)
MFC after: 1 week
248d9cd26d04261a18656cb19e504268ca0d3fe2 28-Apr-2010 delphij <delphij@FreeBSD.org> MFC r206637:

When an underlying ioctl(2) handler returns an error, our ioctl(2)
interface considers that it hits a fatal error, and will not copyout
the request structure back for _IOW and _IOWR ioctls, keeping them

The previous implementation of the SIOCGIFDESCR ioctl intends to
feed the buffer length back to userland. However, if we return
an error, the feedback would be defeated and ifconfig(8) would
trap into an infinite loop.

This commit changes SIOCGIFDESCR to set buffer field to NULL to
indicate the previous ENAMETOOLONG case.

Reported by: bschmidt
58be1647f81d964462a1ca747976a7a85714fc0b 14-Apr-2010 delphij <delphij@FreeBSD.org> When an underlying ioctl(2) handler returns an error, our ioctl(2)
interface considers that it hits a fatal error, and will not copyout
the request structure back for _IOW and _IOWR ioctls, keeping them

The previous implementation of the SIOCGIFDESCR ioctl intends to
feed the buffer length back to userland. However, if we return
an error, the feedback would be defeated and ifconfig(8) would
trap into an infinite loop.

This commit changes SIOCGIFDESCR to set buffer field to NULL to
indicate the previous ENAMETOOLONG case.

Reported by: bschmidt
MFC after: 2 weeks
103baea9240b5ccaea44e22c2809b2ed736bf095 02-Apr-2010 qingli <qingli@FreeBSD.org> MFC 205222

Verify interface up status using its link state only
if the interface has such capability. The interface
capability flag indicates whether such capability
exists. This approach is much more backward compatible.
Physical device driver changes will be part of another

Also updated the ifconfig utility to show the LINKSTATE
capability if present.

Reviewed by: rwatson, imp, juli
f1216d1f0ade038907195fc114b7e630623b402c 19-Mar-2010 delphij <delphij@FreeBSD.org> Create a custom branch where I will be able to do the merge.
fcd12ff899e71f93db63ff403f00771dd21956fe 18-Mar-2010 yongari <yongari@FreeBSD.org> MFC r204150:
Add TSO support on VLAN in fconfig(8).
4ff4954e4e9b86c057c52b9d83cd9b7ba9517e0c 16-Mar-2010 qingli <qingli@FreeBSD.org> Verify interface up status using its link state only
if the interface has such capability. The interface
capability flag indicates whether such capability
exists. This approach is much more backward compatible.
Physical device driver changes will be part of another

Also updated the ifconfig utility to show the LINKSTATE
capability if present.

Reviewed by: rwatson, imp, juli
MFC after: 3 days
2c255a85f1a94490d53a0d50a11a7292322fdebb 26-Feb-2010 delphij <delphij@FreeBSD.org> MFC 203052:

Add interface description capability as inspired by OpenBSD. Thanks for
rwatson@, jhb@, brooks@ and others for feedback to the old implementation!

Sponsored by: iXsystems, Inc.
0bad3ad1891d1a6bf1269196733eae4e5167b43a 20-Feb-2010 yongari <yongari@FreeBSD.org> Add TSO support on VLAN in fconfig(8).

Reviewed by: thompsa
d9a0cd0982402f9faf826972323ba7e2c92d4da2 27-Jan-2010 delphij <delphij@FreeBSD.org> Revised revision 199201 (add interface description capability as inspired
by OpenBSD), based on comments from many, including rwatson, jhb, brooks
and others.

Sponsored by: iXsystems, Inc.
MFC after: 1 month
c7017d0550079fead9d0fe4bf431577d879ca9a8 25-Nov-2009 will <will@FreeBSD.org> Make ``ifconfig -l ether'' only list interfaces that speak Ethernet.

PR: 118987
Approved by: ken (mentor)
8fed657163fb373990aaa15c79b58a7c963373b2 12-Nov-2009 delphij <delphij@FreeBSD.org> Revert revision 199201 for now as it has introduced a kernel vulnerability
and requires more polishing.
13a19ef806aacb68fca8a06969fe760e790cf191 11-Nov-2009 delphij <delphij@FreeBSD.org> Add interface description capability as inspired by OpenBSD.

MFC after: 3 months
0de8238d45da1b7b3bf6f6206fbba3b8534c683a 26-Jul-2009 bz <bz@FreeBSD.org> Make ifconfig ifN -vnet <jname|jid> actually work:

- fix ifconfig to ignore the non-existent interface in the current
network stack in case of '-vnet'.
- in ifconfig: actually use the local variables defined for the
vnet functions rather than modifying the global.

Reviewed by: rwatson
Approved by: re (kib)
17732421076935a7d2072f52c7a30754ed31f34b 24-Jun-2009 jamie <jamie@FreeBSD.org> Add the "vnet" and "-vnet" options, to allow moving interfaces between
jails with VIMAGE.

Approved by: bz (mentor)
e55dc5c4eb8e9b93da21c537889150f3b177e253 23-Jun-2009 delphij <delphij@FreeBSD.org> - Use size_t instead of int when appropriate;
- Use C99 sparse initialization.

With these changes ifconfig(8) is WARNS=2 clean.
fac27ce7dc33ac3df2b40cb16a94f2296ee6550f 18-Apr-2009 rwatson <rwatson@FreeBSD.org> ifconfig(8) no longer needs to know how to print the IFF_NEEDSGIANT flag,
since it shortly won't be defined at all.
172e53d32b65f2bac0f0d0d4080969bb14d3f8e8 15-Mar-2009 jamie <jamie@FreeBSD.org> Default to AF_LOCAL instead of AF_INET sockets for non-family-specific
operations. This allows the query operations to work in non-IPv4 jails,
and will be necessary in a future of possible non-INET networking.

Approved by: bz (mentor)
d6f3751eea073450f635cecd82b43fb792f3f76b 14-Jan-2009 sam <sam@FreeBSD.org> use correct interface name when setting flags; fixes ifconfig ... create ... up

Noticed by: Chris Anderson
19b6af98ec71398e77874582eb84ec5310c7156f 22-Nov-2008 dfr <dfr@FreeBSD.org> Clone Kip's Xen on stable/6 tree so that I can work on improving FreeBSD/amd64
performance in Xen's HVM mode.
cf5320822f93810742e3d4a1ac8202db8482e633 19-Oct-2008 lulf <lulf@FreeBSD.org> - Import the HEAD csup code which is the basis for the cvsmode work.
679a0ae405d6b9dd914f295119a9279e67da9d3b 29-Sep-2008 sam <sam@FreeBSD.org> Distinguish between cmd/parameters used for clone operations and
all others. Use this to disambiguate cmd line arguments that can
be either clone params or regular parameters so, in particular,
"bssid" again works as a regular parameter.

While here leverage the above to improve the logic for flushing
clone operations on the first !clone cmd line parameter.

Reviewed by: jhay
4d6b183b48b63e8ef2604da76af5d70f3c4be57e 28-Aug-2008 jfv <jfv@FreeBSD.org> Add support in ifconfig to control the vlan hardware filter feature.

Reviewed by: EvilSam and moi
MFC after:1 week
dd68eea321c5f282e0c1121626f2981565a72c4d 03-Aug-2008 thompsa <thompsa@FreeBSD.org> Move the grekey to its own file, ifconfig.c does not have interface specific

Submitted by: sam
0c235e44e0fb17bd33556dadd61d7697ab1920d5 20-Jun-2008 thompsa <thompsa@FreeBSD.org> Add support for the optional key in the GRE header.

PR: kern/114714
Submitted by: Cristian KLEIN
760cb14114d6d37050b99926fbc0a9fc1592774c 25-Apr-2008 sam <sam@FreeBSD.org> MFC: Fix handling of create operation together with setting other parameters.
02e03a52bf84af52234247a95d7e73575585f700 03-Apr-2008 sam <sam@FreeBSD.org> MFC: WOL infrastructure support
1cec369535292eab06c22690afab8043336f2e23 31-Mar-2008 sam <sam@FreeBSD.org> Fix handling of create operation together with setting other parameters:
o mark cmds/parameters to indicate they are potential arguments to a clone
operation (e.g. vlantag)
o when handling a create/clone operation do the callback on seeing the first
non-clone cmd line argument so the new device is created and can be used;
and re-setup operating state to reflect the newly created device

Reviewed by: Eugene Grosbein
MFC after: 2 weeks
08954540f840d7da2963bbfea3f07480e5b0b7d2 10-Dec-2007 sam <sam@FreeBSD.org> Wake On Lan (WOL) infrastructure

Submitted by: Stefan Sperling <stsp@stsp.name>
Reviewed by: brooks
b0693660ac94e20dfca3134e27bf94215e3199cb 11-Oct-2007 thompsa <thompsa@FreeBSD.org> MFC ifconfig.8 r1.138, ifconfig.c r1.131

Add the -n flag for disabling automatic module loading
f1ca7ff2d4a6fadab27fdfe822c3fbd87bffeb12 04-Oct-2007 thompsa <thompsa@FreeBSD.org> Fix the module name matching to the drivers present in the kernel. Previously
it would return true on a partial match where it would think the edsc module
was already present by having a positive match on 'ed'. This changes it so
that it compares the full string including the nul terminators.

This also fixes a buffer overflow in the ifkind variable where the length of
the interface name in *argv wasnt checked for size.

Reviewed by: brooks
Approved by: re (gnn)
b936eeb39ddebd2dd21440a77901dc032bd0f608 13-Jun-2007 rwatson <rwatson@FreeBSD.org> Remove IPX over IP tunneling pieces from ifconfig(8), omitted portion of
previous commit:

Remove IPX over IP tunneling support, which allows IPX routing over IP
tunnels, and was not MPSAFE. The code can be easily restored in the
event that someone with an IPX over IP tunnel configuration can work
with me to test patches.

This removes one of five remaining consumers of NET_NEEDS_GIANT.

Approved by: re (kensmith)

Spotted by: Artem Naluzhny <tutat nhamon dot com dot ua>
6955439784cadeca74b3a9edeea2729fe14c7ae9 11-Jun-2007 andre <andre@FreeBSD.org> Add reporting and toggling of TCP LRO (large receive offload) support to
fca21956cbcff5f887587646cb3ad8dcb4911fb1 22-May-2007 thompsa <thompsa@FreeBSD.org> Add the -n flag for disabling automatic module loading, this will be used by
rc.d to stop it reloading the network module on unload.
4b290448139db304f54bd5f27ffdf1897dbfa5f7 24-Mar-2007 yar <yar@FreeBSD.org> Back out rev. 1.129 because it breaks the practice of auto-loading
hardware drivers. Unlike pseudo-device drivers, which just attach
to the cloning framework and wait for "ifconfig create", h/w drivers
create interfaces for installed cards as soon as loaded. The issue
of devd(8) involuntarily reloading modules should be dealt with in a
different way.
3084e0d1c8c0cdb2e2597237146839d679a8d980 12-Mar-2007 yar <yar@FreeBSD.org> Attempt to load the kernel module only if we are going to create a
new interface. In other cases loading the module is unwanted and
can lead to ill side effects. One such effect found is as follows:
"kldunload if_foo" tells the module to kill all its interfaces,
which results in messages sent to devd; the module unloads. Then
devd starts processing the messages, which ends up in a etc script
running ifconfig fooX, which reloads the module.
a0324781f288a9ee994f0fc87aa2adb515d8d393 27-Feb-2007 sam <sam@FreeBSD.org> o consistently check strlcpy result
o warn when we skip an interface because it's name is too long
843968091888fd46d557169a41fc4403d81b8edc 27-Feb-2007 sam <sam@FreeBSD.org> correct type to silence const complaint
adee842450911645d2c4da8fc08e135cdaea922d 27-Feb-2007 sam <sam@FreeBSD.org> unbreak create operation, must copy argument to global name

Spotted by: des
cd822ec72803ef63ba2d56e1fcdc837cd656a1b5 24-Feb-2007 sam <sam@FreeBSD.org> use getifaddrs from libc instead of private code

Reviewed by: bms
MFC after: 1 month
7c57814bdcf673bb4e3961b662c3dbf11a8f9c7e 29-Dec-2006 bz <bz@FreeBSD.org> Fix an off-by-one which could mean writing beyond the end of the array
when copying the interface name.
This code part should probably be rewritten.
4619fa3a870ed00ddba414027d735e9ebb3eb31b 20-Sep-2006 andre <andre@FreeBSD.org> In setifcap() only set/unset those capabilities the interface actually
da4d1fe46fba751bc6b6ced0cd2caed75e4cf82b 08-Sep-2006 andre <andre@FreeBSD.org> Fix octal representation of TSO4 and TSO6 bits in interface capabilities
f88e673aad2d1d0b5d140bf94727f31efa4d919c 06-Sep-2006 andre <andre@FreeBSD.org> Make TSO (TCP segmentation offload) capabilities visible and accessible with
'ifconfig em0 tso' and 'ifconfig em0 -tso'. TSO for IPv4 and IPv6 is always
enabled or disabled together. The driver may enable only one if it doesn't
support both.

Document 'tso' and '-tso' in the ifconfig(8) man pages.

Sponsored by: TCP/IP Optimization Fundraise 2005
5fe5db7b92d100880e8e1049b140630a29d38514 09-Jul-2006 sam <sam@FreeBSD.org> o replace special handling of clone operations by a clone callback
o change vlan cloning to use callback and pass all vlan parameters
on create using the new SIOCREATE2 ioctl
o update vlan set logic to match existing practice
64f07cddfc4e529cfadaec16d34530ee02f600ab 18-Mar-2006 glebius <glebius@FreeBSD.org> MFC 1.119:
There is no IFF_POLLING flag anymore.

Approved by: re (mux)
7275dc9d98857fe78c4f0e12345c9f9ad60b4a6e 12-Mar-2006 glebius <glebius@FreeBSD.org> There is no IFF_POLLING flag anymore.
af897e152b22c268384ed0e64cd18f43f14a669a 09-Feb-2006 yar <yar@FreeBSD.org> MFC ifconfig.c rev. 1.117:
Do address assignment/removal operations after callbacks. Presently,
ifconfig callbacks are used for L2 configuration, media and vlan,
so actions associated with address assignment, like sending out a
gratuitous ARP, should go when L2 is running already.

Return ifvlan.c to the state of rev. -- undo the last
back-out. The above change to ifconfig.c lets us use a callback
for vlan set-up without facing the evil side-effects from IP
assignment to an orphaned vlan interface.

Approved by: re (scottl)
ef319cb614ae8dd1db856dd246801a7d4a11f54f 30-Jan-2006 glebius <glebius@FreeBSD.org> Recognize new VLAN_HWCSUM flag.
a388ebb962934fe140e9559cc12ca537afae2187 30-Jan-2006 yar <yar@FreeBSD.org> Do address assignment/removal operations after callbacks.

Presently, ifconfig callbacks are used for L2 configuration, media
and vlan, so actions associated with address assignment, like sending
out a gratuitous ARP, should go when L2 is running already.

This also should fix the problem with setting up vlan interfaces
from rc.conf, when both IP and vlan+vlandev parameters are passed
to ifconfig at once.

Future work: Consider introducing several ifconfig callback lists
to invoke callbacks orderly.

MFC after: 1 week
70ec80eace60e23c7d1dcdf6691783f7f97e1480 06-Oct-2005 yar <yar@FreeBSD.org> MFC:

ifconfig.c 1.116

For the sake of consistency and easier typing,
introduce "-tunnel" as an alias for "deletetunnel".
The latter is overly long and prone to typos, but
keep it for POLA since it costs nothing.

ifvlan.c 1.8

Deprecate the useless argument to -vlandev.

ifconfig.8 1.102-1.105

Document the above changes.
Logically group vlan- and tunnel-related parameters.

Approved by: re (scottl)
3ddc14f22ce145bcd209c232cb62a7086e4e285d 29-Sep-2005 yar <yar@FreeBSD.org> For the sake of consistency and easier typing,
introduce "-tunnel" as an alias for "deletetunnel".
The latter is overly long and prone to typos, but
keep it for POLA since it costs nothing.

MFC after: 5 days
6ef35a9033cdebfe27efd05ad442122a02ec3c12 21-Jul-2005 rwatson <rwatson@FreeBSD.org> Merge ifconfig.8:1.98, ifconfig.c:1.115, ifconfig.h:1.17,
ifieee80211.c:1.19 from HEAD to RELENG_6:

Add a new flag '-k' to ifconfig(8), indicating that it is alright to
print potentially sensitive keying material to stdout. With the new
802.11 support, ifconfig(8) is now capable of printing 802.11 keys,
and did by default for the root user, which is undesirable in some
environments. Now it will not print keying material unless requested
(and available to the user).

Approved by: re (kensmith)
9718a6e4b2a18bab5a1656f8af5a3cd4bc238db1 18-Jul-2005 yar <yar@FreeBSD.org> MFC 1.114: Add missing symbolic names of new interface flags.

Approved by: re (kensmith)
2df666ab6946c86d6f646d4417a3bbd60f66cafc 14-Jul-2005 rwatson <rwatson@FreeBSD.org> Add a new flag '-k' to ifconfig(8), indicating that it is alright to
print potentially sensitive keying material to stdout. With the new
802.11 support, ifconfig(8) is now capable of printing 802.11 keys,
and did by default for the root user, which is undesirable in some
environments. Now it will not print keying material unless requested
(and available to the user).

MFC after: 1 week
fbc6f8c90bc866966059aaea49d9b5e8e06fcddb 13-Jul-2005 yar <yar@FreeBSD.org> Add symbolic names for the IFF_PPROMISC and IFF_NEEDSGIANT flags
so that ifconfig(8) can print them.

MFC after: 5 days
01b6c1ef442edd2751ae8728c9583dab08ae95e9 20-May-2005 sam <sam@FreeBSD.org> guard against bogus address data

Submitted by: Bakul Shah
93dc7c672e88559f4ae90f91fdc693a94c8d940a 08-Apr-2005 stefanf <stefanf@FreeBSD.org> ISO C does not allow unnamed union members.
2bd54b55a67f0891a12f690b4014bf1e5f4e5c90 08-Apr-2005 stefanf <stefanf@FreeBSD.org> Fix typo in comment.
65cf57f523204a7d6cd5d3c0982549ff4e7a3c01 31-Dec-2004 sam <sam@FreeBSD.org> Fix special status reporting. Prior to the reorg there was
special-purpose code to display status for an interface for
state that was not address-oriented. This status reporting
was merged in to the address-oriented status reporting but
did not work for link address reporting (as discovered with
fwip interfaces). Correct this mis-merge and eliminate the
bogus kludge that was used for link-level address reporting.

o add an af_other_status method for an address family for
reporting status of things like media, vlan, etc.
o call the af_other_status methods after reporting address
status for an interface
o special-case link address status; when reporting all
status for an interface invoke it specially prior to
reporting af_other_status methods (since it requires the
sockaddr_dl that is passed in to status separately from
the rtmsg address state)
o correct the calling convention for link address status;
don't cast types, construct the proper parameter

This fixes ifconfig on fwip interfaces.
476c9d3a010c9ec2db658c943141a6cee92cd794 11-Dec-2004 sam <sam@FreeBSD.org> add a callback mechanism for code that wants to defer committing changes
until all the command line args have been processed

Reviewed by: ambrisko
68cd8761a723205e9d0dbd54067af7db9f163492 08-Dec-2004 sam <sam@FreeBSD.org> Overhaul to cleanup some of the tangled logic that's grown over the years.

o break per-address family support out into separate files
o modularize per-address family and functional operations using
a registration mechanism; this permits configuration according
to which files you include (but beware that order of the files
is important to insure backwards compatibility)
o many cleanups to eliminate incestuous behaviour, global variables,
and poor coding practices (still much more to fix)

The original motivation of this work was to support dynamic addition
of functionality based on the interface so we can eliminate the various
little control programs and so that vendors can distribute ifconfig
plugins that support their in-kernel code. That work is still to be

o Update 802.11 support for all the new net80211 functionality; some
of these operations (e.g. list *) may be better suited in a different
ba918da2a51c9e7f2352076e0fbab5f3a82f8104 01-Sep-2004 brooks <brooks@FreeBSD.org> Use a spare byte in struct if_data to store the structure size without
increasing it. Add code to ifconfig to use this size to find the
sockaddr_dl after the struct if_data in the routing message. This
allows struct if_data to grow (up to 255 bytes) without breaking

Submitted by: peter
2b707fbd8fb9f2858a26eea1d2962ad18c405966 09-Aug-2004 yongari <yongari@FreeBSD.org> Fix long standing mediaopt setting bugs seen on sparc64. Though
the bug exists in little-endian machine, it was not triggered due
to the difference of memory ordering between little/big endian
machines. Instead of relying on possibly modified value during
function invokcations, use saved copy of ifr.ifr_addr.sa_family.
Also add a comment at the top of ifconfig.c clarifying the issue
so the bug won't re-appear.

Approved by: jake
Reviewed by: yar
78326c15fe417280aa5aa8548e2864bd64075f52 26-Jul-2004 yar <yar@FreeBSD.org> Add two knobs to ifconfig(8), `vlanmtu' and `vlanhwtag',
that provide control over the respective capabilities
of an interface, reception of extended frames and hardware
VLAN multiplexor.
8abe6632d3c2a913fdbb461ba5fa74a260ce895c 30-Apr-2004 ambrisko <ambrisko@FreeBSD.org> For both ifconfig and route if we didn't get enough memory from the
prior sysctl due to the structure growing between calls try again.

Also try again for deleting routes if things fail. We've seen
route -f fail this way which does not actually flush all routes.
This fixes it. It will whine but it will do the work.

PR: 56732
Obtained from: IronPort
ce58934c26f217ac83da72bdcf78eaadc9efd26a 13-Apr-2004 luigi <luigi@FreeBSD.org> Replace ROUNDUP/ADVANCE with SA_SIZE
dd9ed984465845ba1807ad894b5cf81130230e40 11-Apr-2004 ru <ru@FreeBSD.org> Added the new interface capability option for drivers that implement
user-configurable polling(4) support. Make ifconfig(8) aware of it.

Suggested by: luigi
90f91e78798ca6837ca6cfadaf08d8a961b5844a 09-Apr-2004 markm <markm@FreeBSD.org> Remove advertising clause from University of California Regent's license,
per letter dated July 22, 1999.

Approved by: core, imp
0242ed134b11f2e07839056e0f2d2311860e39a5 30-Mar-2004 sam <sam@FreeBSD.org> add support for setting 802.11 rtsthreshold, transmit power,
and 11g protection mode

Reviewed by: imp (just code)
f2b9d84260efde88b7a4b4af9694236c69d78c0e 12-Mar-2004 ru <ru@FreeBSD.org> The print mask's first part is the base, not the total number of bit
1579b4cc4ff80a96d034c3a6f73003f85dfd5a9b 12-Mar-2004 ru <ru@FreeBSD.org> Show the polling(4) flag on the interface.
7432091236a4f7e854963b7353bb9e33c7f126ad 10-Mar-2004 bde <bde@FreeBSD.org> Fixed a misspelling of 0 as NULL.
75985f5938295297d0b0e6921d7824da05b427a6 27-Feb-2004 kan <kan@FreeBSD.org> Look for both name and if_<name> strings in module metadata. Pseudo-devices
like tun are naming their modules using the 'if_; prefix and previous version of
the code failed to detect their presence in the kernel, resulting in the same
module being loaded twice.
b8d51aa138d0828da395e4cd549238f660870733 04-Feb-2004 brooks <brooks@FreeBSD.org> Add ifconfig support for network interface renaming. In the process,
reorganize the printing of the interface name when using wildcard
cloning so it is not printed if it we either immediately rename or
destroy the interface.

Reviewed by: ru
ee34d661dfd58fb717336382ab24ba06a7cc166f 31-Jan-2004 brooks <brooks@FreeBSD.org> Use memcpy plus a manual NUL termination when copying the interface name
from the sdl because strlcpy requires that the source string be
NUL-terminated unlike strncpy.

Submitted by: Peter Jeremy <PeterJeremy at optushome dot com dot au>
280fcfee010f264faacd1e395fd9a429bdb87843 27-Jan-2004 brooks <brooks@FreeBSD.org> Use IFNAMSIZ instead of a magic value for the length of an interface

Prevent the kernel from potentially overflowing the interface name
variable. The size argument of strlcpy is complex because the name is
not null-terminated in sdl_data.
7f6ed48f658999a5345b7e16993c1b02ba03dc1d 26-Oct-2003 peter <peter@FreeBSD.org> Give wider types to sscanf to fix two warnings (u_short cannot be > 0xffff)
and to make sure that we catch oversized arguments rather than silently
truncate them. I dont know if sscanf will reject an integer if it will
not fit in the short return variable or not, but this way it should be
e7ebf2c29a49deea4eaab17c9af60539b957ba24 01-Oct-2003 ru <ru@FreeBSD.org> By popular demand, added the "static ARP" per-interface option.
1e1e2faff9349ae3ff2a353151c0f008eb767008 28-Apr-2003 sam <sam@FreeBSD.org> add a "mode" directive to specify the operating mode for multi-mode devices;
this is mostly intended for use with multi-mode 802.11 devices that support
some combination of 11a, 11b, and 11g
f6ae17d57c44b163fe0367205dedeef274e90aa6 15-Apr-2003 mdodd <mdodd@FreeBSD.org> Don't abuse module names to facilitate ifconfig module loading;
such abuse isn't really needed. (And if we do need type information
associated with a module then we should make it explicit and not
use hacks.)
558c08e2ecc414c4732e37ea8e7e35abb53b9f7e 05-Mar-2003 peter <peter@FreeBSD.org> Kill #ifdef NS code
111dab8175570784d1ee41747fac806c5c96f407 23-Jan-2003 mdodd <mdodd@FreeBSD.org> Add missing #if USE_IF_MEDIA/#endif.
aecb199acfbb6634f3874a30a1bed19632af5594 22-Jan-2003 fjoe <fjoe@FreeBSD.org> fix link_status() in non-Ethernet case

MFC after: 1 week
12578e5745721154b6d9aedb452cec7f0c7b0ce1 15-Nov-2002 sam <sam@FreeBSD.org> o display new interface capability bits
o capitilize capability bit strings for consistency

Approved by: re
19c2ebcc00187b7c0f6c5fa4ce92b80b2c20e8da 24-Oct-2002 phk <phk@FreeBSD.org> Report the MONITOR bit.
d98de7a2cf71a2e2d7fa1681696f9e0784cf85a5 23-Oct-2002 rwatson <rwatson@FreeBSD.org> Rename ifconfig's "mac" argument to "maclabel" to prevent confusion
regarding 802.1 MAC and Mandatory Access Control (MAC). Some
potential for confusion remains further in other areas of the
system regarding Message Authentication Codes (MAC).

Requested by: wollman
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
2450bdb69b00fa80c6300b0490ce491af643f642 23-Oct-2002 rwatson <rwatson@FreeBSD.org> Teach ifconfig(8) how to print and set the MAC labels on network
interfaces using the 'mac' argument. Without MAC support in the
kernel, this does not change the behavior of ifconfig.

Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
b9a8a81041d75fd2f18a80da77ef21a9b9ea5394 02-Oct-2002 dd <dd@FreeBSD.org> Don't crash when the user feeds us nonesense in the form:
ifconfig IF ether WHATEVER -alias

PR: 42544
Submitted by: Mike Makonnen <makonnen@pacbell.net>
d61cac74b0dc667b645880b386219cacfb3c53f6 27-Sep-2002 phk <phk@FreeBSD.org> Add the "Monitor" interface flag.

Setting this flag on an ethernet interface blocks transmission of packets
and discards incoming packets after BPF processing.

This is useful if you want to monitor network trafic but not interact
with the network in question.

Sponsored by: http://www.babeltech.dk
e50e3b03ec109b238fb7d960a5be0b08961b41d4 19-Aug-2002 sobomax <sobomax@FreeBSD.org> Implement user-setable promiscuous mode (a new `promisc' flag for ifconfig(8)).
Also, for all interfaces in this mode pass all ethernet frames to upper layer,
even those not addressed to our own MAC, which allows packets encapsulated
in those frames be processed with packet filters (ipfw(8) et al).

Emphatically requested by: Anton Turygin <pa3op@ukr-link.net>
Valuable suggestions by: fenner
357ca3e7e3c2488784d8e1261f4572c2114af6dc 19-Aug-2002 sobomax <sobomax@FreeBSD.org> Fix last-minute typo which breaks the world.

Submitted by: many
f6cebc060671b6c67f52080c35a0e55d5498cbf0 18-Aug-2002 sobomax <sobomax@FreeBSD.org> Increase size of ifnet.if_flags from 16 bits (short) to 32 bits (int). To avoid
breaking application ABI use unused ifreq.ifru_flags[1] for upper 16 bits in

Reviewed by: -hackers, -net
5d491107087efa8a27bf20b95a62726cd4cd9ce2 15-Jun-2002 ume <ume@FreeBSD.org> Add eui64 option which fills interface index (lowermost 64bit of
an IPv6 address) automatically.
This should obsolete prefix(8).

Obtained from: NetBSD
MFC after: 2 weeks
71bc4d4331e5f218fbe229a98683683b0ed3cbcc 18-Apr-2002 imp <imp@FreeBSD.org> De-__P, use ansi function definitions
ebeb271872a4ee0787a53456d3f20d23fa319b25 27-Mar-2002 ru <ru@FreeBSD.org> Turn "ether" address family into a generic "link" family
that could be used to set/get arbitrary length link level
addresses. Alias "lladdr" parameter and "ether" family
to the new "link" family for backward compatibility.

PR: bin/31476
MFC after: 1 week
73c6870b18b8289171acd66d63bdd7ce8fb819b6 20-Mar-2002 obrien <obrien@FreeBSD.org> Remove 'register' keyword.
It does not help modern compilers, and some may take some hit from it.
(I also found several functions that listed *every* of its 10 local vars with
"register" -- just how many free registers do people think machines have?)
c55fbd48a87bd450592bb317754a6bf3961674ff 03-Dec-2001 ru <ru@FreeBSD.org> MTU and metric are available with NET_RT_IFLIST.

MFC after: 3 days
2436924bafba3c4d95013e9650a67c311deac5d8 17-Oct-2001 jlemon <jlemon@FreeBSD.org> When specifying an interface to ifconfig, first look up the interface
index, then retrieve statistics for that index, rather than retrieving
all interfaces and then looking for a matching name. This allows the
user to refer to an interface via an alias name.

While I'm here, also perform a few assorted cleanups.
ead81b8e599b0d82b0e0a20dbbed77bd21c45754 18-Sep-2001 jlemon <jlemon@FreeBSD.org> Split hwcsum into rxcsum and txcsum components.
8fc7300a95e7a67875fbaddc3d784cab4b6cbfb5 18-Sep-2001 jlemon <jlemon@FreeBSD.org> Teach ifconfig about the new interface capability words.
426e63d9a66291dab270729160301de4c826f266 17-Aug-2001 brooks <brooks@FreeBSD.org> Actuall make plumb work in addition to create as per the manpage.

PR: bin/29812
Submitted by: Joao Carlos Mendes Luis <jonny@eng05.embratel.net.br>
ad2a92535a38126b277ecfe0c0eceba50dfc055d 26-Jul-2001 ume <ume@FreeBSD.org> ifconfig if0 netmask xxx.xxx.xxx.0 didn't change the netmask.

PR: bin/28833
MFC after: 3 days
b0081693851fb6c7e1ebecba5ad85e80794a418e 21-Jul-2001 obrien <obrien@FreeBSD.org> Dike out the IPX bits if RELEASE_CRUNCH is defined.
1e69f4eb2364d7e5da7ca1d7cb99c3e77599e36d 02-Jul-2001 brooks <brooks@FreeBSD.org> Support network device cloning via create and destroy options.

Reviewed by: ru, ume
Obtained from: NetBSD
MFC after: 1 week
832f8d224926758a9ae0b23a6b45353e44fbc87a 11-Jun-2001 ume <ume@FreeBSD.org> Sync with recent KAME.
This work was based on kame-20010528-freebsd43-snap.tgz and some
critical problem after the snap was out were fixed.
There are many many changes since last KAME merge.

- The definitions of SADB_* in sys/net/pfkeyv2.h are still different
from RFC2407/IANA assignment because of binary compatibility
issue. It should be fixed under 5-CURRENT.
- ip6po_m member of struct ip6_pktopts is no longer used. But, it
is still there because of binary compatibility issue. It should
be removed under 5-CURRENT.

Reviewed by: itojun
Obtained from: KAME
MFC after: 3 weeks
de9bff5d04a6648d18315758ba3fc3c56bef1f05 29-May-2001 phk <phk@FreeBSD.org> When using interfaces that support if_media, the supported media list is
printed on a single, very long, and generally unreadable line. This
isn't very useful. It's also really ugly and most of the time you don't
care what media is supported anyway.

PR: 27701
Submitted by: Brooks Davis <brooks@one-eyed-alien.net>
1aacce7a450370feff7a5e098c12e915e4f731f8 26-May-2001 phk <phk@FreeBSD.org> Currently, each wireless networking driver has it's own control program
despite the fact that most people want to set exactly the same settings
regardless of which card they have. It has been repeatidly suggested
that this configuration should be done via ifconfig. This patch
implements the required functionality in ifconfig and add support to the
wi and an drivers. It also provides partial, untested support for the
awi driver.

PR: 25577
Submitted by: Brooks Davis <brooks@one-eyed-alien.net>
814b5baeb7dc8c25c9cdaed60143c2d40939131a 04-May-2001 jesper <jesper@FreeBSD.org> Implement slash/CIDR notation for IPv4 and IPv6 addresses.

MFC after: 1 week

Reviewed by: phk
Obtained from: NetBSD
d47422989ecc87926a1f7f852c44a1b3f1354897 21-Feb-2001 ume <ume@FreeBSD.org> if no address is setted, do not call ioctl(SIOCAIFADDR)

Obtained from: KAME
00d9acaf95e328fdd0d20e9dff7d6f988c919675 30-Nov-2000 ache <ache@FreeBSD.org> Add missing && which absense stops 'make world'
4be44d4baa03936003ffa23ce98ceb8b3cb4175e 30-Nov-2000 luigi <luigi@FreeBSD.org> remove an undefined reference when no VLAN support is compiled in.
a58a1e8b3f461ec82ce7f30272e41ab0f04da3a5 27-Nov-2000 ume <ume@FreeBSD.org> Add missing initialization for IPv6 address lifetime.

PR: misc/22884
Obtained from: KAME
b16240b827e66c5ee41e826518fe10d23ef44bfd 19-Jul-2000 archie <archie@FreeBSD.org> Show the actual command line usage in the man page and usage error string.
e58c321b82d2de60cbd3cae2af253ea6a58f7841 18-Jul-2000 archie <archie@FreeBSD.org> Make "ifconfig" with no arguments equivalent to "ifconfig -a".
16f88d4b690af7f1a6b7b9cfd5721f7a60c53fa7 12-Jul-2000 jhb <jhb@FreeBSD.org> Add support to the 'ether' address family to support setting of addresses.
This allows you to set ether addresses with 'ifconfig ether'. Also, use
some saner socket address families that allow several special case tests
to be removed.
82e4a377a336192df9c5242f53d08e055da24e00 16-Jun-2000 wpaul <wpaul@FreeBSD.org> Implement SIOCSIFLLADDR, which allows you to change the link-level
address on an interface. This basically allows you to do what my
little setmac module/utility does via ifconfig. This involves the
following changes:

socket.h: define SIOCSIFLLADDR
if.c: add support for SIOCSIFLLADDR, which resets the values in
the arpcom struct and sockaddr_dl for the specified interface.
Note that if the interface is already up, we need to down/up
it in order to program the underlying hardware's receive filter.
ifconfig.c: add lladdr command
ifconfig.8: document lladdr command

You can now force the MAC address on any ethernet interface to be
whatever you want. (The change is not sticky across reboots of course:
we don't actually reprogram the EEPROM or anything.) Actually, you
can reprogram the MAC address on other kinds of interfaces too; this
shouldn't be ethernet-specific (though at the moment it's limited to
6 bytes of address data).

Nobody ran up to me and said "this is the politically correct way to
do this!" so I don't want to hear any complaints from people who think
I could have done it more elegantly. Consider yourselves lucky I didn't
do it by having ifconfig tread all over /dev/kmem.
b42951578188c5aab5c9f8cbcde4a743f8092cdc 02-Apr-2000 cvs2svn <cvs2svn@FreeBSD.org> This commit was manufactured by cvs2svn to create branch 'ALSA'.
76def55630f684262b031d69788337b56c8e8e06 06-Mar-2000 peter <peter@FreeBSD.org> Purely cosmetic tweak, use consistant whitespace with scopeid.
ce0f910200f5c366a4d1c7d0a4975c21d2bdaa38 28-Feb-2000 shin <shin@FreeBSD.org> Print scope id for scoped addrs.

Approved by: jkh
ccbd17ca87bbd7b091dddbfe192e3b06aeab3189 26-Feb-2000 rwatson <rwatson@FreeBSD.org> Introduce ``add'' and ``remove'' as alternatives to ``alias'' and ``delete''.
Improve compatibility with BSD/OS, and also more accurately reflect that
IP aliases aren't really any different than the primary IP address on an

Reviewed by: dcs
Approved by: jkh
681d6b5c31759a5f92f206cdc05e9b377807239a 10-Feb-2000 shin <shin@FreeBSD.org> Support IPv6 scoped addr in ifconfig and route

IPv6 scoped addr display is not yet supported by ifconfig
and route. Now almost of IPv6 apps support it, so its support
in ifconfig and route is important to keep consisetncy, and
to avoid user confusion.

Approved by: jkh
a40df25abfe506d75d925d8c890834eb094c1172 29-Dec-1999 ru <ru@FreeBSD.org> - do not dereference a null pointer.
- minor sanity.

PR: 15318
73b591d0a1c84d964fbfc13c7fbf3f18b3d8d636 16-Dec-1999 billf <billf@FreeBSD.org> Spelling correction (adress -> address)
70f0bdf6818a73c858bc47a23afc1e9d7c56d716 07-Dec-1999 shin <shin@FreeBSD.org> udp IPv6 support, IPv6/IPv4 tunneling support in kernel,
packet divert at kernel for IPv6/IPv4 translater daemon

This includes queue related patch submitted by jburkhol@home.com.

Submitted by: queue related patch from jburkhol@home.com
Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
4d16916f800d4c5ee37fb3c93ca6981ad9b33eb3 20-Sep-1999 msmith <msmith@FreeBSD.org> If we don't appear to have a module loaded supporting the interface
we're about to operate on, try to load one. Don't complain if the
load fails, and always press on regardless (there may not be a module
suitable or required).

With the renaming of the PCI ethernet driver modules and the addition
of appropriate miibus dependancies on those modules that need it, it is
now no longer necessary to compile many ethernet drivers into the kernel;
they will be loaded on demand the first time they are ifconfig'ed.

Inspiration from: mount
Reviewed by: obrien
76f0c923fe4b2a1616453876611dc76b4f6b5355 28-Aug-1999 peter <peter@FreeBSD.org> $Id$ -> $FreeBSD$
ff773191969ea0eb35218ab5f90ca57d05cff015 19-Jun-1999 phk <phk@FreeBSD.org> Move the IFSTATUS stuff after the address listing.
1048fa73010ca9dfb0cfba83b166fcfa2ef994be 19-Jun-1999 phk <phk@FreeBSD.org> Add a new interface ioctl, to return "aux status".

This is inteded for to allow ifconfig to print various unstructured
information from an interface.

The data is returned from the kernel in ASCII form, see the comment in
if.h for some technicalities.

Canonical cut&paste example to be found in if_tun.c

Initial use:
Now tun* interfaces tell the PID of the process which opened them.

Future uses could be (volounteers welcome!):
Have ppp/slip interfaces tell which tty they use.
Make sync interfaces return their media state: red/yellow/blue
alarm, timeslot assignment and so on.
Make ethernets warn about missing heartbeats and/or cables
0098c16802b914fdce6d769f5d8614afd9752297 06-Jun-1999 phk <phk@FreeBSD.org> Introduce IFF_SMART bit.

This means that the driver will add/delete routes when it knows it is
up/down, rather than have the generic code belive it is up if configured.

This is probably most useful for serial lines, although many PHY chips
could probably tell us if we're connected to the cable/hub as well.
a1b49dc15234a4ca3eddd3dbaac7e6d80043d7a2 15-Mar-1999 wpaul <wpaul@FreeBSD.org> Grrr... botched remote commit. Let's try this again: vlan updates,
take two.
71eadd074a07ec8e512a23643a9f35013c2f794d 07-Aug-1998 phk <phk@FreeBSD.org> unifdef -UISO

Inspired by bdes comment to PR: 7419
170787cd28a2b65772d89d7d3037fb8e9c8a39ed 06-Jul-1998 bde <bde@FreeBSD.org> ioctl() request args are unsigned longs, so don't attempt to store
them as ints. Among other bugs, doing so at best caused benign
overflow followed by fatal sign extension on machines with 32-bit
ints and 64-bit longs.
dde477ffbba9d267e2d4f9d010c07eb982a7afc3 06-Jul-1998 charnier <charnier@FreeBSD.org> Update man page to allow adding address_family when -l is used (this is a no op
for now). Correct use of .Nm. Short usage string (see man page for full list).
Spelling. Use err(3).
7be3e77c0acdb8f6edfb7faed259eb29ff968fa6 19-Mar-1998 eivind <eivind@FreeBSD.org> Make 'ifconfig -l ether' only list Ethernet interfaces. This is
useful, intuitive, and match the old comments in the source.
Previously, 'ifconfig -l ether' and 'ifconfig -l' were equal.
0506343883d62f6649f7bbaf1a436133cef6261d 11-Jan-1998 cvs2svn <cvs2svn@FreeBSD.org> This commit was manufactured by cvs2svn to create branch 'jb'.
7c6e96080c4fb49bf912942804477d202a53396c 10-Jan-1998 cvs2svn <cvs2svn@FreeBSD.org> This commit was manufactured by cvs2svn to create branch 'JB'.
ec6e7a3cf863f9bc9b25ea098dcc0b58d6d6958b 26-Dec-1997 imp <imp@FreeBSD.org> style(9) corrections
Submitted by: bde
fb787b8d6adfec597d90e7b3d696fcbdedb5ab07 24-Dec-1997 imp <imp@FreeBSD.org> Be extra paranoid about trusting the size of the address returned from
Submitted by: Julian Assange
668d29bd1f8d1ed1e07f0293b41ea17f77352920 27-Oct-1997 steve <steve@FreeBSD.org> Fix a misleading comment.

PR: bin/4861
Submitted by: Alex <garbanzo@hooked.net>
12c811026acf26a5aee6fe6fb9b842b33f109a0b 16-Oct-1997 peter <peter@FreeBSD.org> Make the supported media info output the default.
The -m switch is now accepted for backwards compatability.

Suggested by: davidg
ef73892b1acfc074fbfd815642d36a0659a87649 10-May-1997 peter <peter@FreeBSD.org> Clean up some more. Move parsing of sysctl iflist data into a single
place rather than updating the main loop's index variables from within
a subroutine and other revolting things like that. Move some more
globals into local variables.
6f36e2eccf49524bd4de897bfe7947bf6020aec1 10-May-1997 peter <peter@FreeBSD.org> Grumble.. My last patchup here didn't quite work either. I hate this
program and it's use of global variables. Somehow, I managed to miss the
most obvious case.. "ifconfig ed0" failed (no "inet")

Submitted by: dfr
c54176b4c3fca4f46121bf74f15b33df068dd3be 07-May-1997 peter <peter@FreeBSD.org> Restore unintentially lost backwards compat behavior of defaulting to
family inet if not specified. (eg: "ifconfig ed0" down would fail because
no family was specified, even though the up/down status is not per family)

Pointed out by: Wolfgang Helbig <helbig@MX.BA-Stuttgart.De>
54b5e92f49c141588dd1ac95ea0899bb19eee068 04-May-1997 peter <peter@FreeBSD.org> Commit hooks for ifmedia support. It's optional in the Makefile, and
can be trivially disabled.
c2cd7da05d5aa14b9e3e34a77aad3ac3d5379388 04-May-1997 peter <peter@FreeBSD.org> Second try at cleanups and fixes (without if_media stuff for the moment)
- parse command options using getopt for consistancy
- sanitise the command parsing so that it's less like spaghetti
- implement a "-l" option (idea from NetBSD - just list names)
- attempt to clean up the sysctl parsing loop some more. It still needs
to be taken out the back and shot though.
- cut down on global usage, but there's a lot more scope for this.
- make usage string a bit closer to reality (it was missing lots of things)

Unfortunately, I did this for the second time but with the memory of
the NetBSD version still recently in my mind. It's hard to redo simple
changes or getopt stuff without making it look like what you've been
working with a few hours ago.
2c9c5546d4433627d8d5fa97a9f8b20d13549dbc 04-May-1997 peter <peter@FreeBSD.org> force null commit to skip over rev 1.25 so there's less cvs trouble
4968036f61ba12b2d7bd7a825b0a79c67054a395 22-Feb-1997 peter <peter@FreeBSD.org> Revert $FreeBSD$ to $Id$
808a36ef658c1810327b5d329469bcf5dad24b28 14-Jan-1997 jkh <jkh@FreeBSD.org> Make the long-awaited change from $Id$ to $FreeBSD$

This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
5972643f58355298ad5382ed2e5cf054930f6927 03-Jan-1997 wollman <wollman@FreeBSD.org> Update to match changes in <net/if.h>.
d3ecee07b35f58cb9d8e5e3c25e923af0c1c5056 10-Dec-1996 wollman <wollman@FreeBSD.org> Fix up programs which expect <net/if.h> to include <sys/time.h> to instead
do it themselves. (Some of these programs actually depended on this
beyond compiling the definition of struct ifinfo!) Also fix up some
other #include messes while we're at it.
1ee570ecc1ba7cad26c2876b4f78f0462b5d55dc 21-Nov-1996 wollman <wollman@FreeBSD.org> Fix lots of non-bug questionable code:

- Don't link against libkvm and don't uselessly include <kvm.h>.
- Declare constant objects as const.
- Declare functions with the correct types.
- Call functions with the correct parameters.

Not fixed:

- The sysctl parsing remains ugly (but it may be the best we can do).
- atnetrange() should use strtoul() rather than sscanf() for better
error checking.
d7d8eed5bb0a8a1a0c22960ed12c3f2498649eff 04-Sep-1996 julian <julian@FreeBSD.org> Get rid of an unexpectedly bogus sanity check under appletalk because
it stopped us from removing or setting loopback address
on lo0:

also make use of the fact the athe sockaddre_at struct now has a "netrange"

CVS ----------------------------------------------------------------------
7805978130bff3d12577cd0f7ab22e16fcf455ed 23-Jul-1996 julian <julian@FreeBSD.org> Submitted by: archie@whistle.com

appletalk cleanups
b3eaec8941075071ac8fb652adaad1e6b2a4b431 14-Jul-1996 alex <alex@FreeBSD.org> Grammar fix described by wollman in response to PR 1363.
37f1fda73bb57146d5448c106944e20efc42c06e 09-Jul-1996 julian <julian@FreeBSD.org> Submitted by: Archie@whistle.com
Obtained from: Whistle Communications
patches to allow ifconfig to work with appletalk addresses etc.
379b9b388fc8788659993af038bb322bfbcea8b2 13-Feb-1996 wollman <wollman@FreeBSD.org> XNS sort-of-support is no more.
61d8d8e40b45efc45d9bbdf14fe96e565ceb074f 06-Feb-1996 wollman <wollman@FreeBSD.org> Remove support for OSI networking in user-land (#ifdef OSI aor CCITT)
in preparation for its removal from the kernel source tree. NB: because
a function was deleted, libc is now at version 3.0 (was 2.2 previously).
26ca6e51478ba895bfd95b4b11ec989020e0a17d 30-Jan-1996 ache <ache@FreeBSD.org> Add missing comma in usage printf
250a8d27d3a03118cbd0b4c9c232107adeabf587 08-Jan-1996 peter <peter@FreeBSD.org> Yet another "fix" for some of the mistakes in the recent versions..

I discovered that when asking for the IFLIST via sysctl(), if you
specify only AF_INET address, it actually gives you only AF_INET..
(suprise, suprise..!)

Now, it should "do the right thing" in just about all cases... The only
problem, is that "the right thing" isn't exactly clear in all cases.
bb732328cebd73f44de4acd2ac5139f12a639ce0 08-Jan-1996 peter <peter@FreeBSD.org> Fix some of my mistakes, slight cleanup, improve reliability (the old
ifconfig would segfault on "ifconfig ed0 ether up" and the like).

The main reason for this commit was that an "ifconfig -a" would also show
the AF_INET addresses in AF_IPX form (if the kernel was configured for IPX)
due to insufficient AF checking in my "new way" of doing it.
76ccec8b122f93562a3d98509b943d6cd9eff112 01-Jan-1996 peter <peter@FreeBSD.org> My really ugly hack to ifconfig to make it pick up interface aliases
and the ethernet address for non-root users.

I apologise to the world for propagating the ugliness of some of the code
constructs within ifconfig... Fixing them would just abou mean rewriting
most of the function call interfaces, something I didn't have the stomach
for. :-)
ff7271fe707305ee1b15f5b069fdf2510e58dbf9 07-Dec-1995 wollman <wollman@FreeBSD.org> Use a dynamically-sized buffer for SIOCGIFCONF so that `ifconfig -a'
actually retrieves all the information no matter how many interfaces
there are. (Probably there are other utilities which need similar

Submitted by: Andrew Webster <awebster@dataradio.com>
86f1bc4514fdcfd255f37f3218fe234bdc3664fc 05-Nov-1995 cvs2svn <cvs2svn@FreeBSD.org> This commit was manufactured by cvs2svn to create branch 'LINUX'.
90ae06d6ac1d2da3758389a70a20c91f3e9fd1dc 26-Oct-1995 julian <julian@FreeBSD.org> Reviewed by: julian and jhay@mikom.csir.co.za
Submitted by: Mike Mitchell, supervisor@alb.asctmd.com

This is a bulk mport of Mike's IPX/SPX protocol stacks and all the
related gunf that goes with it..
it is not guaranteed to work 100% correctly at this time
but as we had several people trying to work on it
I figured it would be better to get it checked in so
they could all get teh same thing to work on..

Mikes been using it for a year or so
but on 2.0

more changes and stuff will be merged in from other developers now that this is in.

Mike Mitchell, Network Engineer
AMTECH Systems Corporation, Technology and Manufacturing
8600 Jefferson Street, Albuquerque, New Mexico 87113 (505) 856-8000
f3a2b348daf9fa6063c38d2d69563f732a2f80e7 30-May-1995 rgrimes <rgrimes@FreeBSD.org> Remove trailing whitespace.
a153267748ead18b28287e3a1a46a720b15d4f8a 26-Apr-1995 pst <pst@FreeBSD.org> Replace call to obsolete inet_addr routine with inet_aton so we can specify
netmasks and broadcast addresses of
2e14d9ebc3d3592c67bdf625af9ebe0dfc386653 14-Mar-1995 cvs2svn <cvs2svn@FreeBSD.org> This commit was manufactured by cvs2svn to create branch 'MATT_THOMAS'.
f35bd2b8e80fbedba802ad510574a163bedb55db 12-Mar-1995 wpaul <wpaul@FreeBSD.org> Impliment -ad and -au flags in addition to -a and document the change
in the man page. ifconfig -au affects all interfaces marked as up,
and ifconfig -ad affects only the interfaces marked down. ifconfig -a
still handles everything. This change is purely for compatibility with
SunOS, for those who might be accustomed to the SunOS ifconfig's
19e605aa040972b8e64820a16bdd6fbe8c33946b 30-Dec-1994 jkh <jkh@FreeBSD.org> From: Wankle Rotary Engine <wpaul@skynet.ctr.columbia.edu>

- The -a flag now works just as it does in SunOS: '-a' is actually
handled like a wildcard for all interfaces. 'ifconfig -a' displays
the status of all interfaces, 'ifconfig -a netmask 0xffffff00' sets
the netmask of all interfaces, and so forth. I don't know if many
people really need to be able to set the netmasks of all interfaces
at once, but the SunOS ifconfig seems to allow this, so there you
have it.

- An 'ether_status' function has been added to display the ethernet
address of all ethernet interfaces. Again, as in SunOS, you must
be root in order for this to work. The ethernet address is read
from /dev/kmem using kvm_open() and kvm_read(), much in the same
was as it's done with netstat. If you choose to install ifconfig
set-gid kmem then normal users will be able to see the ethernet
address as well, though this may not be desireable. This feature
requires a small change to the ifconfig Makefile: you need to link
with -lkvm in order to use the kvm_*() functions.

Submitted by: wpaul
7fc3a478182ec1e04a7abcff4cab99b52d192c81 20-Nov-1994 ats <ats@FreeBSD.org> Add parameters "compress", "normal" and "noicmp" for the slip usage.
These names are used in the slip.hosts file as examples, but ifconfig
have formerly only accepted link0, -link0 and link1 for this.
34cd81d75f398ee455e61969b118639dacbfd7a6 23-Sep-1994 cvs2svn <cvs2svn@FreeBSD.org> This commit was manufactured by cvs2svn to create branch 'MACKERRAS'.
475bdabd4d7858d65fef64d51de810440cd7959c 08-Aug-1994 dg <dg@FreeBSD.org> Added support for setting the per-interface MTU.
e16baf7a5fe7ac1453381d0017ed1dcdeefbc995 07-Aug-1994 cvs2svn <cvs2svn@FreeBSD.org> This commit was manufactured by cvs2svn to create branch 'SUNRPC'.
d038e02fd667ab6c02875840105798aaa7029504 26-May-1994 rgrimes <rgrimes@FreeBSD.org> BSD 4.4 Lite sbin Sources

Note: XNSrouted and routed NOT imported here, they shall be imported with