This allows for more flexible ipfw configuration files using
`variables' to describe frequently used items in the file, like the
local IP address(es), interface names etc. Both m4 and cpp are useful
and supported; with m4 being a little more unusual to the common C
programmer, things like automatic rule numbering can be achieved
fairly easy.
While i was at it, i've also untangled some of the ugly style inside
main(), and fixed a bug or two (like not being able to use blank lines
when running with -q).
A typical call with preprocessor invocation looks like
ipfw -p m4 -Dhostname=$(hostname) /etc/fwrules
Someone should probably add support for this feature to /etc/rc.firewall.
I don't have access to a BSD/OS machine to check the veracity of the
magic number. However, no harm will be done by the commit and since
someone was motivated enough to file a PR, I'm committing the change.
PR: 7629
Submitted by: Jos Backus <jbackus@plex.nl>
unused static inlines in headers without -O.
Fixed missing libraries in DPADD.
Use .PATH instead of a symlink farm.
Removed bogus dependency of util.c on statetext.h (only util.o depends
on it). Removed rule for building statetext.h. The dependency was used
to get statetext.h built, but statetext.h is a non-generated source file
so it doesn't need building. This fixes an annoying message for the null
build and use of `make' instead of ${MAKE} to do the null build.
Fixed some style bugs.
and we don't use the frags info, so why bother? More to the point, it
seems to result in an EXDEV error when the label is written out and we
lose because of it (don't know why though). This is a work-around and
is marked as such.
that any transactions in front of the stop command get flushed to disk
first. This will have no effect on devices that have tagged queueing
turned off, or don't support tagged queueing.
Reviewed by: gibbs
print out a one line description/dump of every SCSI CDB sent to a
particular debugging target or targets.
This is a good bit more useful than the other debugging modes, I think.
Change some things in LINT to note the availability of this new option.
Fix an erroneous argument to scsi_cdb_string() in scsi_all.c
Reviewed by: gibbs
which caused the reference count of a directory to get doubly
decremented.
PR: bin/8030
Reviewed by: nate
Submitted by: Don Lewis <Don.Lewis@tsc.tdk.com>
<= 64 KB. Was able to dump/restore with block sizes of 96, 128 and
200. using systat -vmstat I noticed transfer blocksizes <= 64KB,
so physio's limits aren't touched.
Since this check was originally from me, I feels safe now to back it
out.
===================================
HARP | Host ATM Research Platform
===================================
HARP 3
What is this stuff?
-------------------
The Advanced Networking Group (ANG) at the Minnesota Supercomputer Center,
Inc. (MSCI), as part of its work on the MAGIC Gigabit Testbed, developed
the Host ATM Research Platform (HARP) software, which allows IP hosts to
communicate over ATM networks using standard protocols. It is intended to
be a high-quality platform for IP/ATM research.
HARP provides a way for IP hosts to connect to ATM networks. It supports
standard methods of communication using IP over ATM. A host's standard IP
software sends and receives datagrams via a HARP ATM interface. HARP provides
functionality similar to (and typically replaces) vendor-provided ATM device
driver software.
HARP includes full source code, making it possible for researchers to
experiment with different approaches to running IP over ATM. HARP is
self-contained; it requires no other licenses or commercial software packages.
HARP implements support for the IETF Classical IP model for using IP over ATM
networks, including:
o IETF ATMARP address resolution client
o IETF ATMARP address resolution server
o IETF SCSP/ATMARP server
o UNI 3.1 and 3.0 signalling protocols
o Fore Systems's SPANS signalling protocol
What's supported
----------------
The following are supported by HARP 3:
o ATM Host Interfaces
- FORE Systems, Inc. SBA-200 and SBA-200E ATM SBus Adapters
- FORE Systems, Inc. PCA-200E ATM PCI Adapters
- Efficient Networks, Inc. ENI-155p ATM PCI Adapters
o ATM Signalling Protocols
- The ATM Forum UNI 3.1 signalling protocol
- The ATM Forum UNI 3.0 signalling protocol
- The ATM Forum ILMI address registration
- FORE Systems's proprietary SPANS signalling protocol
- Permanent Virtual Channels (PVCs)
o IETF "Classical IP and ARP over ATM" model
- RFC 1483, "Multiprotocol Encapsulation over ATM Adaptation Layer 5"
- RFC 1577, "Classical IP and ARP over ATM"
- RFC 1626, "Default IP MTU for use over ATM AAL5"
- RFC 1755, "ATM Signaling Support for IP over ATM"
- RFC 2225, "Classical IP and ARP over ATM"
- RFC 2334, "Server Cache Synchronization Protocol (SCSP)"
- Internet Draft draft-ietf-ion-scsp-atmarp-00.txt,
"A Distributed ATMARP Service Using SCSP"
o ATM Sockets interface
- The file atm-sockets.txt contains further information
What's not supported
--------------------
The following major features of the above list are not currently supported:
o UNI point-to-multipoint support
o Driver support for Traffic Control/Quality of Service
o SPANS multicast and MPP support
o SPANS signalling using Efficient adapters
This software was developed under the sponsorship of the Defense Advanced
Research Projects Agency (DARPA).
Reviewed (lightly) by: phk
Submitted by: Network Computing Services, Inc.
Host ATM Research Platform (HARP), Network Computing Services, Inc.
This software was developed with the support of the Defense Advanced
Research Projects Agency (DARPA).
Add -v flag to newfs:
-v Specify that the partition does not contain any slices, and that
newfs should treat the whole partition as the file system. This
option is useful for synthetic disks such as ccd and vinum.
standard places ("/etc/objformat", ${OBJFORMAT}, argv) for an
indication of the user's preferred object file format. This
consolidates some code that was starting to be duplicated in more
and more places.
Use the new function in ldconfig.
Note: I don't think that gcc should use getobjformat(), even though
it could. The compiler should limit itself to functions that are
widespread, to ease porting and cross-compilation.
MAP_FAILED.
Don't try to extend the mapping in place if it is too short.
There's no guarantee it will be possible. Remap the file instead.
Put in a few style fixes.
Submitted by: Bruce Evans <bde>
a different file than the a.out hints, namely, "/var/run/ld-elf.so.hints".
These hints consist only of the directory search path. There is
no hash table as in the a.out hints, because ELF doesn't have to
search for the file with the highest minor version number. (It
doesn't have minor version numbers at all.)
A single run of ldconfig updates either the a.out hints or the ELF
hints, but not both. The set of hints to process is selected in
the usual way, via /etc/objformat, or ${OBJFORMAT}, or the "-aout"
or "-elf" command line option. The rationale is that you probably
want to search different directories for ELF than for a.out.
"ldconfig -r" is faked up to produce output like we are used to,
except that for ELF there are no minor version numbers. This should
enable "ldconfig -r" to be used for checking LIB_DEPENDS in ports
even for ELF.
I implemented the ELF functionality in a new source file, with an
eye toward eliminating the a.out code entirely at some point in
the future.
extremely useful for networking testing. Other options secured from
user-level D.O.S. attacks. -f, -s now root-only. -i wait times < 1.0
root-only. -c count limited to 100 and defaults to 16 when ping run
by non-root user.
bug was the cause of the 'freeing free frag' panics that people have been
seeing with FreeBSD/alpha. I have a similar patch to newfs but I've not
finished testing it.
support, which need a final "\n". I only observed one line of
mangled output, but I think there is another one which suffers
from the same problem, and thus I provide a patch that covers
both.
PR: 7483
Reviewed by: phk
Submitted by: Stefan Esser <se@FreeBSD.org>
Convert 1000000 usec to 1 sec 0 usec.
Use provided safe malloc (rtmalloc()) instead of malloc(): exit on allocation
failure.
Correct use of .Nm
Add usage() and use errx().
- nonstandard sector sizes didn't work because the sector size in the
ASCII label was not read before a (default, wrong) sector size was used.
- the exit status was 0 after exiting early due to an invalid ASCII label.
Abort `disklabel -B...' if the secondary bootstrap doesn't fit.
contain code that compare a char pointer with a char. As this
doesn't make much sense, it looks very much as if a '*' has been
dropped by mistake. I have made no analysis of the possible
consequences of the problem.
PR: 7319
Reviewed by: phk
Submitted by: Anders Thulin <Anders.X.Thulin@telia.se>
in rev.1.9). fsck uses the per-partition ffs-related information
in the label to find alternate superblocks when the main superblock
is hosed. Rev.1.9 broke this by deleting the code that wrote the
label.
PR: 2537
xref: fsck/setup.c rev.1.8
d_packname in in-core labels, so they are garbage if d_packname is
initialized in the dummy label for the whole disk. dsopen() will soon
initialize d_packname to "fictitious" if it is not already initialized.
Fixed nearby error handling. Rev.1.7 apparently confused Perror()
with perror().
them as ints. Among other bugs, doing so at best caused benign
overflow followed by fatal sign extension on machines with 32-bit
ints and 64-bit longs.
Any packet that can be matched by a ipfw rule can be redirected
transparently to another port or machine. Redirection to another port
mostly makes sense with tcp, where a session can be set up
between a proxy and an unsuspecting client. Redirection to another machine
requires that the other machine also be expecting to receive the forwarded
packets, as their headers will not have been modified.
/sbin/ipfw must be recompiled!!!
Reviewed by: Peter Wemm <peter@freebsd.org>
Submitted by: Chrisy Luke <chrisy@flix.net>
a "negative" option. This makes it equivalent to /not/ specifying "-c".
The compile time default is /not/ to have the NFSMNT_NOCONN flag set, so
"-o conn" should never be needed---truly a deprecated option :-).
PR: 6905.
with export lines where the same hostname was specified more than once
(this happens a lot with netgroups sometimes). Recently I discovered
that it needs to be hacked to deal with multiple instances of the
same IP address too.
I've been using this modification locally for several months with no
hassles.
(a) Note that the default securelevel value is -1, in -current and -stable.
(b) Mention kernel sysctl variable that controls securelevel.
(c) Add warning the `fsck' will fail if securelevel >= 2.
(d) Suggest end of /etc/rc as the right place to raise securelevel.
and one spelling fix.
PR: 2850
for filesystems with almost the maximum number of sectors. The maxiumum
is 2^31, but overflow is common for that size, and overflow normally
occurred here at size (2^31 - 4096).
Move a.out libraries to /usr/lib/aout to make space for ELF libs.
Make rtld usr /usr/lib/aout as default library path.
Make ldconfig reject /usr/lib as an a.out library path.
Fix various Makefiles for LIBDIR!=/usr/lib breakage.
This will after a make world & reboot give a system that no
longer uses /usr/lib/*, infact one could remove all the old
libraries there, they are not used anymore.
We are getting close to an ELF make world, but I'll let this
all settle for a week or two...
Fixes bin/6649 and removes the last abusive signal handler.
Use SO_TIMESTAMP to get the kernel to timestamp packets on reception.
Fixes bin/5658 and provides slightly better accuracy.
Explicitly zero and terminate the IP options when using -R.
PR: bin/5658
PR: bin/6649
syndrome avoidance. The combination of SWS avoidance and ack-every-other
causes low throughput if the block size divided by the MSS is odd (which
is true with the default block size and MSS).
Turning on TCP_NODELAY disables the Nagle algorithm and sender SWS avoidance.
The rdump request/response protocol can not invoke Nagle and cannot cause
SWS, so this has no negative effects.
are unaligned for access by the alpha, so copy the value to a variable
that is aligned.
When checking the returned data, be careful to avoid confusing the
size of the icmp header with the size of a timeval. On i386 these
are both 8, but on alpha, a timeval is 16 bytes. This means that
a packet sent from an alpha contains 48 bytes of data, not 56 like
on i386.
umount() was trying to stat() the mountpoint, this would fail if the
mountpoint was a NFS mountpoint, and the fallback code would try and pass
a hostname:/dir path as the mountpoint to unmount(2), which would fail.
This whole stat() of the name supplied on the command line business is
trouble as it'll wedge on a hung NFS mount.
I'm not entirely sure why we are not simply looking up both arguments
in the mount table and doing the right thing without accessing the
filesystem. It seems that we're going to a lot of trouble to allow
mountpoints on symlinks and other wierd things.
PR: 1607
not reinitialized to 1 after calling getopt. This results in parsing
errors on all but the first rule. An added patch also allows '#'
comments at the end of a line.
PR: 6379
Reviewed by: phk
Submitted by: Neal Fachan <kneel@ishiboo.com>
routed discards the first character of the network address.
Example: "subnet=10.0.0.0/24,1"
The network address is interpreted as 0.0.0.0/24,1.
PR: 4825
Reviewed by: phk
Submitted by: Mike E. Matsnev <mike@azog.cs.msu.su>