d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
84,302 Commits 72 Branches 135 Tags 3.2 GiB
3581f2e766
Commit Graph

90 Commits

Author SHA1 Message Date
ru
8f6c4c0f03 can not -> cannot. 2002-08-13 14:10:36 +00:00
ru
2b3fc3cfff mdoc(7) police: canonize FreeBSD in e-mail address. 2002-08-13 12:07:40 +00:00
charnier
548d38d27c The .Nm utility 2002-07-06 19:34:18 +00:00
archie
6a67da7f9a Update my email address. 2002-07-03 20:50:32 +00:00
ru
b46cf1e859 I don't know what the MAINTAINER means in src/ part of FreeBSD. 
I'll still be overseeing the changes that go into natd(8) and
will maintain it the way I see it, non-preventing for the rest
of developers.

I will re-ask for the MAINTAINER bit if the ${MAINTAINER} gets
defined.
 2002-04-12 19:11:09 +00:00
ru
355d5a7bfe Back out part of the revision 1.2 changes -- sendto(2) can 
not return ENOBUFS for unreliable protocols like divert.

This should fix an issue when natd(8) keeps spamming already
full dummynet(4) queues with the same packet forever.

Spotted by:	chkno@dork.com
Explained by:	luigi
Reviewed by:	Ari Suutari <ari.suutari@syncrontech.com>
MFC after:	2 weeks
 2002-01-15 17:07:56 +00:00
ru
185a7f456d s/sysctl -w/sysctl/ 2001-12-11 08:29:10 +00:00
obrien
a537f22ad4 Default to WARNS=2. 
Binary builds that cannot handle this must explicitly set WARNS=0.

Reviewed by:	mike
 2001-12-04 02:19:58 +00:00
ru
f630347cc2 Make -log_ipfw_denied active by default with -verbose. 
Discussed with:	phk
 2001-11-27 11:06:02 +00:00
ru
ce511dbe39 Fixed (local) style bugs in previous revision. 2001-11-27 11:00:16 +00:00
phk
69ad4610c4 Do not uselessly whine in syslog about packets denied by ipfw rules. 
Set 'log_ipfw_denied' option if you want the old behaviour.

PR:	30255
Submitted by:	Flemming "F3" Jacobsen <fj@batmule.dk>
Reviewed by:	phk
MFC after:	4 weeks
 2001-10-31 16:08:49 +00:00
ru
09d142dfd5 mdoc(7) police: 
Avoid using parenthesis enclosure macros (.Pq and .Po/.Pc) with plain text.
Not only this slows down the mdoc(7) processing significantly, but it also
has an undesired (in this case) effect of disabling hyphenation within the
entire enclosed block.
 2001-08-07 15:48:51 +00:00
ru
cb3283b5da mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 11:04:34 +00:00
joe
ce9a6c8de1 Revert the previous commit on objection from the maintainer. I 
missed that natd has a -v option that will give similar functionality.

Requested by:	ru
 2001-06-21 12:32:36 +00:00
joe
dcbb32a317 When reporting that a packet can't be written back, usually because 
of a restrictive firewall rule, also report detail on the packet
that caused the failure.

MFC after:	3 days
 2001-06-21 10:28:40 +00:00
ru
1db489053b mdoc(7) police: normalize .Nd. 2001-04-18 15:54:10 +00:00
ru
e7c03cd6b0 - Backout botched attempt to introduce MANSECT feature. 
- MAN[1-9] -> MAN.
 2001-03-26 14:33:27 +00:00
ru
e2a472a47a Set the default manual section for sbin/ to 8. 2001-03-20 18:13:31 +00:00
ru
b1c3961564 mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 16:38:02 +00:00
ru
d16dd614f6 mdoc(7) police: use the new features of the Nm macro. 2000-11-20 16:52:27 +00:00
ru
b9140212f2 Describe -deny_incoming better, highlight some keywords, 
add myself to the AUTHORS section.
 2000-11-16 12:20:54 +00:00
ben
6f0ff396c7 more removal of trailing periods from SEE ALSO. 2000-11-15 16:44:24 +00:00
ru
ebb3d17f41 Suggest looking at rc.conf(5) on how to start natd(8) during boot. 
Submitted by:	dcs
 2000-07-17 10:06:54 +00:00
kris
df586766ed Don't call warn() with no format string. 2000-07-10 08:14:18 +00:00
ru
9a969be497 "Ease understanding" of how -punch_fw works. 
Reviewed by:	sheldonh
 2000-06-29 09:52:14 +00:00
ru
e64c6de102 Added new option (-punch_fw) which allows to `punch holes' 
in the ipfirewall(4) for incoming FTP/IRC DCC connections.

Submitted by:	Rene de Vries <rene@canyon.demon.nl>
Rewritten by:	ru
 2000-06-27 15:26:24 +00:00
ru
4c99e0d01f - mdoc(7) style cleanup 
- new version of security note from alex.
 2000-06-27 11:39:36 +00:00
alex
0d49483c6e Back out both previous commits. 
The first one got screwed up by me because of rev 1.33, which was
incorrectly merged into my patches by myself, and so Ruslan (maintainer)
asked me to back them out.

Ruslan was ok with the second one, but since it needs rework, it'll be
readded later, when it doesn't conflict with the backout of the first one.

Pointy hat:		alex
Beer on next meeting:	ru
 2000-06-26 17:18:34 +00:00
alex
0a892f4a8a Add note about security concerns w/o a firewall but other machines 
on your LAN to the "RUNNING NATD" introduction.

In a different way requested by:
PR:		18802
Submitted by:	Zachary K Drew <drew0054@tc.umn.edu>
 2000-06-26 14:52:39 +00:00
alex
c57ce365c0 mdoc style cleanup. 
Reviewed by:	sheldonh
 2000-06-26 14:44:31 +00:00
ru
88883ae776 Remove ``pptpalias'' since this is now done transparently by libalias(3). 2000-06-20 12:52:27 +00:00
ru
0abf72a516 Remove unused parameter. 2000-06-16 09:41:57 +00:00
sheldonh
81dd124aeb Fix a small grammar nit, with the maintainer's implicit approval. 2000-05-22 08:41:57 +00:00
ru
e18cc21c76 Add new option (-target_addr) to control how to deal with incoming packets 
not associated with any pre-existing link.

Submitted by:	brian
 2000-05-18 10:31:10 +00:00
ru
20c0349981 New option: -redirect_proto. 2000-05-03 15:06:45 +00:00
joe
bac5045cd6 Fixes a potential buffer overflow with the command line arguments. 
Submitted by:   Mike Heffner <spock@techfour.net>
Submitted on:   audit@freebsd.org
 2000-04-30 20:53:54 +00:00
ru
35ea13cc5f Load Sharing using IP Network Address Translation (RFC 2391, LSNAT). 2000-04-27 17:55:17 +00:00
brian
2577c085b5 Correct Charles Mott's email address 
Requested by: cmott@scientech.com
 2000-04-02 20:23:34 +00:00
sheldonh
ad4c77c29e Remove single-space hard sentence breaks. These degrade the quality 
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
 2000-03-01 11:27:47 +00:00
brian
669d0cd733 Suggest ppp -nat, not ppp -alias 2000-02-26 13:13:16 +00:00
ru
b678ac021d Remove the config file line length restriction. 
PR:		16900
Reviewed by:	"Crist J. Clark" <cjclark@home.com>, jkh
Approved by:	jkh
 2000-02-25 11:34:38 +00:00
ru
5f276b7f68 Now that kernel is capable of notifying user processes about 
the interface MTU change (src/sys/net/if_sl.c,v 1.83), track
interface MTU with -dynamic option as well.

PR:		15494
 2000-01-25 12:24:06 +00:00
mpp
da4c7a74d4 Minor grammar fix. 1999-10-30 19:33:41 +00:00
ru
930183a04c ioctl -> sysctl for interface address changes. 
PR:		14169
Reviewed by:	Ari Suutari <ari@suutari.iki.fi>
 1999-10-13 09:00:16 +00:00
ru
47f5fade12 Fixed the description of how packets re-enter IP firewall filter. 
Suggested by:	Ari Suutari <ari@suutari.iki.fi>
 1999-10-06 09:26:39 +00:00
ru
276330363e Do not defer setting of the aliasing address from 
interface name if not operating in dynamic mode.

Reviewed by:	Ari Suutari <ari@suutari.iki.fi>
 1999-09-28 08:01:46 +00:00
ru
f85cd584ed `permanent_link' is obsolete; update examples. 1999-09-13 18:18:33 +00:00
ru
5a32c0e595 Add Ari Suutari as a maintainer. 
Approved by:	Ari Suutari <ari@suutari.iki.fi>
 1999-09-13 18:16:38 +00:00
ru
63c1c1de6f Config file parser changes: 
- Trailing spaces and empty lines are ignored.
- A `#' sign will mark the remaining of the line as a comment.

Reviewed by:	Ari Suutari <ari@suutari.iki.fi>
 1999-09-07 15:34:12 +00:00
ru
d5c1ddac6f Allow signals to interrupt system calls. 
Remove redundant signal() call.

PR:		6676
Submitted by:	luoqi
Reviewed by:	Ari Suutari <ari@suutari.iki.fi>
 1999-09-02 15:17:25 +00:00