Commit Graph

5393 Commits

Author SHA1 Message Date
Pawel Jakub Dawidek
864cba9669 Add support for Camellia encryption algorithm.
PR:		kern/113790
Submitted by:	Yoshisato YANAGISAWA <yanagisawa@csg.is.titech.ac.jp>
Approved by:	re (bmah)
2007-09-01 06:33:02 +00:00
Maxim Konovalov
4a296ec798 o Fix bug I introduced in the previous commit (ipfw set extention):
pack a set number correctly.

Submitted by:	oleg

o Plug a memory leak.

Submitted by:	oleg and Andrey V. Elsukov
Approved by:	re (kensmith)
MFC after:	1 week
2007-08-26 18:38:31 +00:00
Daniel Gerzo
046bcd1bcf document hw.realmem
Submitted by:	cnst@ (Constantine A. Murenin)
Sponsored by:	Google Summer of Code 2007
Approved by:	re@ (bmah)
MFC after:	1 week
2007-08-24 20:38:09 +00:00
Daniel Gerzo
75803d7f94 - Sweep the boot(8) man page after addition of boot.config(5).
Reviewed by: keramida
Approved by: re (kensmith)
2007-08-18 07:58:36 +00:00
John Baldwin
14657ee81f Expand the data structure returned by the ATA RAID status ioctl to include
detailed status on each of the backing subdisks.  This allows userland
to see which subdisks are online, failed, missing, or a hot spare.

MFC after:	1 week
Approved by:	re (bmah)
Reviewed by:	sos
2007-08-13 18:46:31 +00:00
Maxim Konovalov
e863318e45 o You have to reboot the system after tuning softupdates on the root
filesystem on to make SU work.

Approved by:	re (hrs)
MFC after:	1 week
2007-08-12 20:08:07 +00:00
Pawel Jakub Dawidek
db3f838d97 Fix fscking gjournaled root file system: root file system is already mounted
read-only, so we can't simply exit right after calling gjournal_check(),
instead we need to ask about super block reload.

Submitted by:	Niki Denev <niki@totalterror.net>
PR:		misc/113889
Approved by:	re (kensmith)
2007-08-10 06:29:54 +00:00
Bjoern A. Zeeb
cc977adc71 Rename option IPSEC_FILTERGIF to IPSEC_FILTERTUNNEL.
Also rename the related functions in a similar way.
There are no functional changes.

For a packet coming in with IPsec tunnel mode, the default is
to only call into the firewall with the "outer" IP header and
payload.

With this option turned on, in addition to the "outer" parts,
the "inner" IP header and payload are passed to the
firewall too when going through ip_input() the second time.

The option was never only related to a gif(4) tunnel within
an IPsec tunnel and thus the name was very misleading.

Discussed at:			BSDCan 2007
Best new name suggested by:	rwatson
Reviewed by:			rwatson
Approved by:			re (bmah)
2007-08-05 16:16:15 +00:00
Christian S.J. Peron
f5cbef3c2d Remove references to mpsafenet. This option no longer exists.
Approved by:	re@ (bmah)
2007-08-04 20:35:42 +00:00
Andrew Thompson
85ce729794 Add a bridge interface flag called PRIVATE where any private port can not
communicate with another private port.

All unicast/broadcast/multicast layer2 traffic is blocked so it works much the
same way as using firewall rules but scales better and is generally easier as
firewall packages usually do not allow ARP blocking.

An example usage would be having a number of customers on separate vlans
bridged with a server network. All the vlans are marked private, they can all
communicate with the server network unhindered, but can not exchange any
traffic whatsoever with each other.

Approved by:	re (rwatson)
2007-08-01 00:33:52 +00:00
Christian Brueffer
064d25a08a First round of cleanups.
Approved by:	re (blanket)
2007-07-24 18:08:16 +00:00
Scott Long
c5933b2086 Introduce Danny Braniss' iSCSI initiator, version 2.0.99. Please read the
included man pages on how to use it.  This code is still somewhat experimental
but has been successfully tested on a number of targets.  Many thanks to
Danny for contributing this.

Approved by: re
2007-07-24 15:35:02 +00:00
Robert Watson
2b851aeb63 Disconnect netatm from the build as it is not MPSAFE and relies on
NET_NEEDS_GIANT, which will shortly be removed.  This is done in a
away that it may be easily reattached to the build before 7.1 if
appropriate locking is added.  Specifics:

- Don't install netatm include files
- Disconnect netatm command line management tools
- Don't build libatm
- Don't include ATM parts in rescue or sysinstall
- Don't install sample configuration files and documents
- Don't build kernel support as a module or in NOTES
- Don't build netgraph wrapper nodes for netatm

This removes the last remaining consumer of NET_NEEDS_GIANT.

Reviewed by:	harti
Discussed with:	bz, bms
Approved by:	re (kensmith)
2007-07-14 21:49:24 +00:00
Sam Leffler
fdef6acc3d updates for 802.11-related parameters
Reviewed by:	thompsa
Approved by:	re (hrs)
2007-07-09 15:39:58 +00:00
Andrew Thompson
b3d37ca5f8 Allow the LACP state to be queried from userland which at the moment is the
actor and partner peer info. Print out the active aggregator and per port data
in verbose mode from ifconfig.

Approved by:	re (mux)
2007-07-05 09:18:57 +00:00
Bjoern A. Zeeb
53bf725ae1 Remove the -DFAST_IPSEC from Makefiles again.
This was needed during the IPSEC->FAST_IPSEC->IPSEC transition
period to not break the build after picking up netipsec header
files. Now that the FAST_IPSEC kernel option is gone and the
default is IPSEC again those defines are superfluous.

Approved by:	re (rwatson)
2007-07-05 08:56:46 +00:00
Andrew Thompson
60932bc9ae Use the -n flag on ifconfig so that dhclient does not cause the kernel module
to be reloaded when the interface is torn down.

Reviewed by:	brooks
Approved by:	re (kensmith)
2007-07-03 17:49:32 +00:00
Max Laier
60ee384760 Link pf 4.1 to the build:
- move ftp-proxy from libexec to usr.sbin
 - add tftp-proxy
 - new altq mtag link

Approved by:	re (kensmith)
2007-07-03 12:46:08 +00:00
George V. Neville-Neil
8409aedfa6 Commit IPv6 support for FAST_IPSEC to the tree.
This commit includes all remaining changes for the time being including
user space updates.

Submitted by:    bz
Approved by:    re
2007-07-01 12:08:08 +00:00
Rong-En Fan
534046e301 - Remove UMAP filesystem. It was disconnected from build three years ago,
and it is seriously broken.

Discussed on:   freebsd-arch@
Approved by:	re (mux)
2007-06-25 05:06:57 +00:00
Maxim Konovalov
d069a5d478 o Make ipfw set more robust -- now it is possible:
- to show a specific set: ipfw set 3 show
    - to delete rules from the set: ipfw set 9 delete 100 200 300
    - to flush the set: ipfw set 4 flush
    - to reset rules counters in the set: ipfw set 1 zero

PR:		kern/113388
Submitted by:	Andrey V. Elsukov
Approved by:	re (kensmith)
MFC after:	6 weeks
2007-06-18 17:52:37 +00:00
Xin LI
98397198e7 In the previous changeset a cast of myminor to u_int were
removed, which will cause problems on architectures where
longs are longer than ints, for instance,
	"mknod foo c 0 0xffff00ff"
would fail in such cases.

Use a proper cast instead.

Prompted by:	bde
2007-06-14 03:16:16 +00:00
Andrew Thompson
22dcc3c17b Add the vlan tag to the bridge route table. This allows a vlan trunk to be
bridged, previously legitimate traffic was not passed as the bridge could not
tell that it was on a different Ethernet segment.

All non-tagged traffic is treated as vlan1 as per IEEE 802.1Q-2003
2007-06-13 18:58:04 +00:00
Robert Watson
0cae11b9cc Remove IPX over IP tunneling pieces from ifconfig(8), omitted portion of
previous commit:

  Remove IPX over IP tunneling support, which allows IPX routing over IP
  tunnels, and was not MPSAFE.  The code can be easily restored in the
  event that someone with an IPX over IP tunnel configuration can work
  with me to test patches.

  This removes one of five remaining consumers of NET_NEEDS_GIANT.

  Approved by:    re (kensmith)

Spotted by:	Artem Naluzhny <tutat nhamon dot com dot ua>
2007-06-13 18:07:59 +00:00
Xin LI
5224d0a1d6 WARNS=6 2007-06-13 05:30:07 +00:00
Poul-Henning Kamp
adf28c3c9b Add recoverdisk to the base system, it is far too useful to live
in obscurity over in src/tools.

(Repocopied)
2007-06-12 21:31:39 +00:00
Andrew Thompson
6b3375abfa Catch up with variable name changes in struct lagg_protos. 2007-06-12 10:07:57 +00:00
Andrew Thompson
927a1b4120 Reset the pointer to the ioctl buffer after it gets changed. 2007-06-12 00:52:40 +00:00
Andre Oppermann
a6575bfc2d Add reporting and toggling of TCP LRO (large receive offload) support to
ifconfig(8).
2007-06-11 20:15:20 +00:00
Olivier Houchard
083524da25 Exclude inet_addr.c from the build.
It only provides inet_aton(), which is already provided by the libc. This
causes multiple symbol definitions when linking statically.

Reviewed by:    darrenr
2007-06-11 19:38:38 +00:00
Bruce Evans
6b6b665bfd When we return from a "show" function without printing anything except
a warning, return 1 instead of 0 to indicate that we didn't print
anything, so that top-level callers don't print a spurious newline.
This is mainly to fix output formatting when stderr is redirected.  It
also helps in some cases when stderr is interleaved with stdout,
depending on the details of the interleaving (this program has the
usual null explicit support for syncing stderr with stdout).

Return 1 instead of -1 after printing the "malloc failed" warning, since
the return value is boolean.
2007-06-11 13:02:15 +00:00
Sam Leffler
8f3591a5bb Update for revised 802.11 support:
o revised channel handling support; ifconfig now queries the kernel to
  find the list of available channels and handles channel promotion;
  channel attributes can be specified as part of the channel; e.g. 36:a
  for channel 36 in 11a (as opposed to turbo A or HT A)
o use channel list to map between freq and IEEE channel #; this eliminates
  all knowledge of how the mapping is done and fixes handling of cases
  where channels overlap in the IEEE channel # space but are distinct in
  the frequency+attributes space (e.g. PSB)
o add new knobs: bgscan, ff (Atheors fast frames), dturbo (Atheros
  Dynamic Turbo mode), bgscanidle, bgscanintvl, scanvalid, roam:rssi11a,
  roam:rssi11b, roam:rssi11g, roam:rate11a, roam:rate11b, roam:rate11g
  (roaming parameters), burst, doth (forthcoming 11h support)
o print contents of WME, ATH, WPA, RSN, information elements with -v option
o print signal strength in dBm
o print noise floor in dBm
o add list txpow to print tx power caps/channel
o change default channel display in status to be more informative
2007-06-11 03:56:33 +00:00
David Malone
e37d2b3001 Some improvements to the int-type printing code based on suggestions by bde. 2007-06-10 20:11:52 +00:00
David Malone
fd8c668afc Fix a number of WARNS, including printf, constness and unsigned comparison
warnings.
2007-06-10 19:32:20 +00:00
David Malone
21e1f59618 Some style improvements suggested by bde, including removing an
unused include, adding parens for return and sizeof and renaming,
adding some missing whitespace and sorting some variables.
2007-06-10 19:13:40 +00:00
David Malone
41e419cb61 Use common code for printing ints and longs by coppying the sysctl
value into a variable of the right type and then printing it via
an intmax_t. This makes avoids some duplication and makes it easy
to add a new integer format Q for printing things of type CTLTYPE_QUAD.
2007-06-04 18:02:23 +00:00
Darren Reed
d7eeb25225 Merge IPFilter 4.1.23 back to HEAD
See src/contrib/ipfilter/HISTORY for details of changes since 4.1.13
2007-06-04 02:54:36 +00:00
Remko Lodder
fcd7ed0e3a I understood the MLINK part incorrectly, it should be the other way around
also remove the init mlink to securelevel.

Discussed with and sharing pointyhat with:	brueffer
2007-06-01 21:48:07 +00:00
Tom Rhodes
93c26a8293 The newfs_msdos utility does not store the boot signature in the
correct place on large sector disks.  The boot signature should be at
offset 0x1fe in the BPB; newfs_msdos currently stores it 2 bytes from
the end of the sector.

Taken from:	NetBSD
2007-05-31 20:06:46 +00:00
Kevin Lo
76f23bd523 Check fdopen return value.
Reviewed by: phk
2007-05-28 09:48:25 +00:00
Ruslan Ermilov
0a21e430f3 Fix the online usage for the "dump" command. 2007-05-24 09:21:20 +00:00
Andrew Thompson
a389ab003f Add the -n flag for disabling automatic module loading, this will be used by
rc.d to stop it reloading the network module on unload.
2007-05-22 17:41:09 +00:00
Olivier Houchard
e81f504954 Force the alignment of the chars arrays, as they are casted later to
structs.
gcc 4.2 doesn't do it by default, and that results in unaligned access on
arm.
2007-05-21 14:38:45 +00:00
Giorgos Keramidas
5810c7ef77 Add an example which shows how mdconfig(8) can be used
to mount an ISO 9660 CD image file.

PR:		112691
Submitted by:	Warren Block, wblock at wonkity.com
MFC after:	3 days
2007-05-18 13:57:17 +00:00
Marcel Moolenaar
cf805fab87 Fix the construction of the gctl_req that got broken by my
previous commit and that introduced optional parameters.
Existing classes (like geli(8)) use empty strings by default
and expect the parameter to be passed to the kernel as such.
Also, the default value of a string argument can be NULL.
Fix both cases by making the optional parameter conditional
upon gc_argname being set and making sure to test for NULL
before dereferencing the pointer.

Reported by: brueffer@
2007-05-17 15:34:51 +00:00
Marcel Moolenaar
18e10ae841 Bump G_LIB_VERSION to reflect the ABI change.
Pointed out by: pjd@
2007-05-16 23:32:40 +00:00
Marcel Moolenaar
3cf55d3ab9 Add gpart(8).
In order to support gpart(8), geom(8) needs to support a named
argument. Also, optional string parameters are a requirement.
Both have been added to the infrastructure. The former required
all existing classes to be adjusted.
2007-05-15 20:25:18 +00:00
Remko Lodder
c918e9f747 -n is used by newfs to tell "do not generate a .snap directory" instead of
specifying rotational-positions, reflect that in the command arguments.

PR:		bin/110178
Submitted by:	Alex Kozlov <spam at rm-rf dot kiev dot ua>
Approved by:	imp (mentor)
2007-05-14 19:23:13 +00:00
Pav Lucistnik
a8dec2ad79 Replace incomprehensive description of -m by much clearer text from OpenBSD,
with the exception of one word.

PR:		docs/112465
Submitted by:	naddy
Obtained from:	OpenBSD
MFC after:	1 week
2007-05-12 22:35:22 +00:00
Yoshihiro Takahashi
a1d83124ce Another merging from sbin/fdisk/fdisk.8.
PR:		109929
Submitted by:	Alex Kozlov
2007-05-10 12:33:00 +00:00