summaryrefslogtreecommitdiff
path: root/node/Network.cpp
AgeCommit message (Collapse)Author
2016-09-13docsAdam Ierymenko
2016-09-09(1) Public networks now get COMs even though they do not gate with them ↵Adam Ierymenko
since they will need them to push auth for multicast stuff, (2) added a bunch of rate limit circuit breakers for anti-DOS, (3) cleanup.
2016-09-09Fix gating of multicast GATHER replies since these can come from upstream, ↵Adam Ierymenko
etc., and fix an issue with sending ECHO to recheck marginal paths.
2016-09-09More refactoring to clean up code, and add a gate function to make sure we ↵Adam Ierymenko
do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions.
2016-09-08Clean up handling of COMs, network access control, and fix a backward ↵Adam Ierymenko
compatiblity issue.
2016-09-08Fix bug causing null addresses to get in memberships[] hash.Adam Ierymenko
2016-09-07More correct and efficient to initialize member relationship push stuff ↵Adam Ierymenko
lazily when member is learned.
2016-09-07Also send MULTICAST_LIKEs to controllers.Adam Ierymenko
2016-09-07Refactor MULTICAST_LIKE pushing to eliminate redundant and unnecessary ↵Adam Ierymenko
pushes and simplify code.
2016-09-03Tweaks to new Path code for dual-stack operation, and other fixes.Adam Ierymenko
2016-09-01Cleanup.Adam Ierymenko
2016-09-01Optimize filter code a bit, and add a network-level setting for what should ↵Adam Ierymenko
happen if an unsupported or unknown MATCH is encountered in a rules table.
2016-08-31Also need to send credentials when TEEing and REDIRECTing.Adam Ierymenko
2016-08-31Simplify some logic.Adam Ierymenko
2016-08-31Think through and refine a few things in rules, especially edge case TEE and ↵Adam Ierymenko
REDIRECT behavior and semantics.
2016-08-31rename SAMENESS to DIFFERENCE which is less confusingAdam Ierymenko
2016-08-31Add overlooked MATCH_ICMP to rule set.Adam Ierymenko
2016-08-29Debug output fixes.Adam Ierymenko
2016-08-29Debug output fixes.Adam Ierymenko
2016-08-29Debug output fixes.Adam Ierymenko
2016-08-29EXT_FRAME messages should always be accepted if we are the destination for a ↵Adam Ierymenko
matching TEE or REDIRECT rule.
2016-08-29Make rules engine debug a bit more verbose.Adam Ierymenko
2016-08-26.Adam Ierymenko
2016-08-26Change logic a little for self-as-destination in TEE and REDIRECT.Adam Ierymenko
2016-08-26Do not TEE or REDIRECT to self.Adam Ierymenko
2016-08-26Add missing names in filter debug code.Adam Ierymenko
2016-08-26Always output trace info when debugging rules.Adam Ierymenko
2016-08-26Documentation updates, add rules engine revision to network config request ↵Adam Ierymenko
meta-data.
2016-08-25Fix chicken or egg problem in tags, and better filter debug instrumentation.Adam Ierymenko
2016-08-25Controller bug fixesAdam Ierymenko
2016-08-25Add a debug log feature in the filter, which only works if enabled in ↵Adam Ierymenko
Network.cpp.
2016-08-24It basically works... at least on current controllers.Adam Ierymenko
2016-08-24Push NETWORK_CONFIG_REFRESH on POSTs to /member/... in controller.Adam Ierymenko
2016-08-24Add length limit to TEE and REDIRECT, and completely factor out old C ↵Adam Ierymenko
json-parser to eliminate a dependency.
2016-08-23Instantaneous blacklisting and credential revocation.Adam Ierymenko
2016-08-23Cleanup.Adam Ierymenko
2016-08-23Obsolete "test network" removal.Adam Ierymenko
2016-08-22Get rid of expiration in Capability and Tag and move this to NetworkConfig ↵Adam Ierymenko
so it can be set network-wide and reset if needed. Also add NetworkConfig field for this and centralize checking of credential time validity.
2016-08-10Better instrumentation for filter, and filter bug fixes.Adam Ierymenko
2016-08-10Rule parse fix.Adam Ierymenko
2016-08-09Minor bug fix and some instrumentation stuff for testing.Adam Ierymenko
2016-08-09More cleanup and removal of cruft due to obsolete network-specific relays ↵Adam Ierymenko
(will be replaced with federation stuff).
2016-08-09Handling of multi-part chunked network configs on the inbound side.Adam Ierymenko
2016-08-09Encode and decode of tags and capabilities in NetworkConfig.Adam Ierymenko
2016-08-08It builds... almost ready to test some rules engine stuff.Adam Ierymenko
2016-08-08Refactor and tie-up of capabilities and tags and packet evaluation points. ↵Adam Ierymenko
Some optimization is possible here but it is minor and we will make it work first.
2016-08-05.Adam Ierymenko
2016-08-05.Adam Ierymenko
2016-08-04More cleanup and a tiny federation prep item.Adam Ierymenko
2016-08-04.Adam Ierymenko
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-25 21:18:00 +0000