Thomas Leonard
13138dc636
Fix OOM check when adding NAT entries
2016-01-05 16:43:07 +00:00
Thomas Leonard
7e68eebbc8
Remove mirage-qubes pin; it's released now
2016-01-05 13:49:16 +00:00
Thomas Leonard
d4775a1fcd
Log SetDateTime messages from dom0
2016-01-05 13:43:02 +00:00
Thomas Leonard
ea7c10ce58
Handle Out_of_memory adding NAT entries
...
Because hash tables resize in big steps, this can happen even if we have
a fair chunk of free memory.
2016-01-03 17:10:02 +00:00
Thomas Leonard
491dbd9323
Calculate checksums even for Accept action
...
If packet has been NAT'd then we certainly need to recalculate the checksum,
but even for direct pass-through it might have been received with an invalid
checksum due to checksum offload. For now, recalculate full checksum in all
cases.
See #1 .
2016-01-03 14:14:00 +00:00
Thomas Leonard
96bc12c591
Log correct destination for redirected packets
...
Before, we always said it was going to "NetVM".
2016-01-02 20:38:38 +00:00
Thomas Leonard
0e8e142337
If we can't find a free port, reset the NAT table
2016-01-02 16:50:16 +00:00
Thomas Leonard
f1ed6ffdd8
Report current memory use to XenStore
2016-01-02 16:14:02 +00:00
Thomas Leonard
425ba26286
Reset NAT table if memory gets low
2016-01-02 15:50:05 +00:00
Thomas Leonard
1779f0fdbe
Removed unused function
2016-01-02 15:27:25 +00:00
Thomas Leonard
61c4c730d4
Link to blog post
2016-01-02 08:34:39 +00:00
Thomas Leonard
7e76123a37
Build also requires patch
...
Reported by William Waites.
2016-01-02 08:30:29 +00:00
Thomas Leonard
a801e538f2
Add 'make tar' build target
2016-01-01 15:49:06 +00:00
Thomas Leonard
aee124338a
Minor cleanup
2016-01-01 13:03:18 +00:00
Thomas Leonard
1da8775814
Provide same actions to client and NetVM rules
2016-01-01 12:54:44 +00:00
Thomas Leonard
d0f4189df8
Turn off XenStore debug logging
2016-01-01 12:37:39 +00:00
Thomas Leonard
2002126b8b
Rationalised firewall rules syntax
...
Added explicit NAT target, allowing NAT even within client net and
making it clear that NAT is used externally.
Changed Redirect_to_netvm to NAT_to, and allow specifying any target
host.
2016-01-01 11:32:57 +00:00
Thomas Leonard
4032a5d776
Simplify code slightly
2016-01-01 10:56:37 +00:00
Thomas Leonard
86b31f7f4b
Process all client frames
...
Before, we only looked at frames with our MAC address, but we may want
to handle client-to-client communication too.
2015-12-31 15:56:56 +00:00
Thomas Leonard
0d864d6cde
Minor cleanup
2015-12-31 15:30:32 +00:00
Thomas Leonard
ac0444f1c1
Log packet details when dropping
2015-12-31 09:56:58 +00:00
Thomas Leonard
cd69ce5a86
Move NAT code to router and add DNS redirects
2015-12-30 19:34:04 +00:00
Thomas Leonard
5a2f6f7ce8
Minor cleanups
2015-12-30 14:32:59 +00:00
Thomas Leonard
11e18c0b83
Moved uplink code to its own module
2015-12-30 14:22:46 +00:00
Thomas Leonard
9dc7d01896
Moved client networking to its own module
...
Renamed the old Client_net to Client_eth, as it just handles the
Ethernet layer.
2015-12-30 13:52:56 +00:00
Thomas Leonard
f3332ed4da
Split database access into its own module
2015-12-30 12:07:29 +00:00
Thomas Leonard
914b6bbbf6
Initial import
2015-12-30 11:07:17 +00:00