very specific scenarios, and now that we have had net.inet.tcp.blackhole for
quite some time there is really no reason to use it any more.
(second of three commits)
associated changes that had to happen to make this possible as well as
bugs fixed along the way.
Bring in required TLI library routines to support this.
Since we don't support TLI we've essentially copied what NetBSD
has done, adding a thin layer to emulate direct the TLI calls
into BSD socket calls.
This is mostly from Sun's tirpc release that was made in 1994,
however some fixes were backported from the 1999 release (supposedly
only made available after this porting effort was underway).
The submitter has agreed to continue on and bring us up to the
1999 release.
Several key features are introduced with this update:
Client calls are thread safe. (1999 code has server side thread
safe)
Updated, a more modern interface.
Many userland updates were done to bring the code up to par with
the recent RPC API.
There is an update to the pthreads library, a function
pthread_main_np() was added to emulate a function of Sun's threads
library.
While we're at it, bring in NetBSD's lockd, it's been far too
long of a wait.
New rpcbind(8) replaces portmap(8) (supporting communication over
an authenticated Unix-domain socket, and by default only allowing
set and unset requests over that channel). It's much more secure
than the old portmapper.
Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded
to support TI-RPC and to support IPV6.
Umount(8) is also fixed to unmount pathnames longer than 80 chars,
which are currently truncated by the Kernel statfs structure.
Submitted by: Martin Blapp <mb@imp.ch>
Manpage review: ru
Secure RPC implemented by: wpaul
Xircom CreditCard Netwave cnw
Intel PRO/Wireless 2011 (PRISM II) wi
3COM 3CRWE737A (PRISM II) wi
Note: I've had some reports that the latter two cards work, but I've not
been able to get them to work for me.
enable all harvesting options by default since having them on for
devices not present doesn't hurt anything. Leave them on by default
since for the most part they are not producing noticable slowdown,
and are about to get a lot more efficient.
Re-order part of the cheesy entropy process in preparation for
its complete removal.
during the boot process. We're turning it on by default, based on the
actual presence of a configured ethernet card, and/or ppp/tun devices.
Of course, it's easy to disable in rc.conf.
1) blackholes.mail-abuse.org is the same as FEATURE(dnsbl), so specifying
it in the "Other DNS based black hole lists" section leads to confusion of
specifying it twice.
2) Formatting issues. If error diagnostic not enclosed in double quotes,
varius visual artefacts appearse like 1) no space after ; and 2) redundant
space after ? (in CGI request), so I add quotes where needed.
3) FEATURE(dnsbl) directly use error code 550 by default, so I made other
dnsbl variants use the same error code too.
4) Comment relays.* list as "open relays" list, just "other" word is not
explain enough.
Submitted by: ache
