Before:
$ ipfw -n add 100 count icmp from any to any mac-type 0x01
00100 count icmp 0x0001
$ ipfw -n add 100 count icmp from any to any mac any any
00100 count icmp MAC any any any
After:
$ ipfw -n add 100 count icmp from any to any mac-type 0x01
00100 count icmp from any to any mac-type 0x0001
$ ipfw -n add 100 count icmp from any to any mac any any
00100 count icmp from any to any MAC any any
PR: bin/112244
Submitted by: Andrey V. Elsukov
MFC after: 1 month
Rationale:
We are interested in the current (last) element of the argv array
there, not in its first element. The if construct is there because
we want to avoid adding empty (zero-length) arguments to argv, so
we just don't advance argvp if the current argument is empty, and
it gets overwritten at the next iteration. Note that strsep(3)
doesn't treat consecutive delim characters as a single separator,
it returns empty fields between such characters, and it's up to the
caller to handle them this or that way.
Also add a comment that the argv array ends up null-terminated in
any case (it's due to the design of the for loop) as an answer to
a possible question why the whole argv isn't zero-filled.
Submitted by: yongari
Tested by: yongari
MFC after: 3 days
vs 4), supress all unused partition output unless -v is specified.
This makes operating on a 'typical' disk with one partition less
painful. The 30 lines needed for the empty partitions no longer
scroll the useful information off the screen. When the user requests
a specific partition, the unused information is not suppressed.
Also add the partition name to the -s output.
Initialize the partition name to 'FreeBSD' when -I is specified.
1. The static buffer that ping6(8) uses to hold the control data
it gets from recvmsg(2) is too small in some cases.
2. When it prints the extra header information it doesn't do
any checking to make sure the data it's printing is within
the bounds of the supplied buffer.
Fix this by:
o Increasing the buffer to hold extra headers to 10240 bytes (the minimum
according to RFC3542 sec. 20.1) and allocate it dynamically.
o In verbose mode, specify a warning if any control data from recvmsg(2)
was truncated because the buffer was too small.
o When printing the extra headers make sure not to overrun the buffer
boundaries.
Reviewed By: mlaier
PR: kern/99425
MFC After: 1 month
The name trunk is misused as the networking term trunk means carrying multiple
VLANs over a single connection. The IEEE standard for link aggregation (802.3
section 3) does not talk about 'trunk' at all while it is used throughout IEEE
802.1Q in describing vlans.
The lagg(4) driver provides link aggregation, failover and fault tolerance.
Discussed on: current@
tolerance. This driver allows aggregation of multiple network interfaces as
one virtual interface using a number of different protocols/algorithms.
failover - Sends traffic through the secondary port if the master becomes
inactive.
fec - Supports Cisco Fast EtherChannel.
lacp - Supports the IEEE 802.3ad Link Aggregation Control Protocol
(LACP) and the Marker Protocol.
loadbalance - Static loadbalancing using an outgoing hash.
roundrobin - Distributes outgoing traffic using a round-robin scheduler
through all active ports.
This code was obtained from OpenBSD and this also includes 802.3ad LACP support
from agr(4) in NetBSD.
which size is not multiple of sector size.
Reported by: Eric Anderson <anderson@centtech.com>
- Improve wording in error message. I'm sorry, I don't remember who
submitted this one.
hardware drivers. Unlike pseudo-device drivers, which just attach
to the cloning framework and wait for "ifconfig create", h/w drivers
create interfaces for installed cards as soon as loaded. The issue
of devd(8) involuntarily reloading modules should be dealt with in a
different way.
new interface. In other cases loading the module is unwanted and
can lead to ill side effects. One such effect found is as follows:
"kldunload if_foo" tells the module to kill all its interfaces,
which results in messages sent to devd; the module unloads. Then
devd starts processing the messages, which ends up in a etc script
running ifconfig fooX, which reloads the module.
unit w/o suffix is specified. It had better be an empty
string as it will be passed to a printf-like function that
builds the command line to run.
PR: kern/109863
MFC after: 1 week
<sys/extattr.h> to <ufs/ufs/extattr.h>. Move description
of extended attributes in UFS from man9/extattr.9 to
man5/fs.5.
Note that restore will not compile until <sys/extattr.h>
and <ufs/ufs/extattr.h> have been updated.
Suggested by: Robert Watson
This is for better compatibility with other environments (Linux, Solaris,
HP-UX, AIX and Tru64 support these options).
PR: bin/109924
MFC after: 1 week
to problems when the geli device is used with file system or as a swap.
Hopefully will prevent problems like kern/98742 in the future.
MFC after: 1 week
arrangement that has no intrinsic internal knowledge of whether devices
it is given are truly multipath devices. As such, this is a simplistic
approach, but still a useful one.
The basic approach is to (at present- this will change soon) use camcontrol
to find likely identical devices and and label the trailing sector of the
first one. This label contains both a full UUID and a name. The name is
what is presented in /dev/multipath, but the UUID is used as a true
distinguishor at g_taste time, thus making sure we don't have chaos
on a shared SAN where everyone names their data multipath as "Fred".
The first of N identical devices (and N *may* be 1!) becomes the active
path until a BIO request is failed with EIO or ENXIO. When this occurs,
the active disk is ripped away and the next in a list is picked to
(retry and) continue with.
During g_taste events new disks that meet the match criteria for existing
multipath geoms get added to the tail end of the list.
Thus, this active/passive setup actually does work for devices which
go away and come back, as do (now) mpt(4) and isp(4) SAN based disks.
There is still a lot to do to improve this- like about 5 of the 12
recommendations I've received about it, but it's been functional enough
for a while that it deserves a broader test base.
Reviewed by: pjd
Sponsored by: IronPort Systems
MFC: 2 months
the restore program to restore all dumped extended attributes.
If the restore is running as root, it will always be able
to restore all extended attributes. If it is not running
as root, it makes a best effort to set them. Using the -v
command line flag or the `verbose' command in interactive
mode will display all the extended attributes being set on
files (and at the end on directories) that are being restored.
It will note any extended attributes that could not be set.
The extended attributes are placed on the dump image immediately
following each file's data. Older versions of restore can work
with the newer dump images. Old versions of restore will
correctly restore the file data and then (silently) skip
over the extended attribute data and proceed to the next file.
This resolves PR 93085 which will be closed once the code
has been MFC'ed.
Note that this code will not compile until these header
files have been updated: <protocols/dumprestore.h> and
<sys/extattr.h>.
PR: bin/93085
Comments from: Poul-Henning Kamp and Robert Watson
MFC after: 3 weeks
The original DHCP specification includes a route option but it supports
only class-based routes. RFC3442 adds support for specifying the netmask
width for each static route. A variable length encoding is used to minimize
the size of this option.
PR: bin/99534
Submitted by: Andrey V. Elsukov <bu7cher@yandex.ru>
Reviewed by: brooks
"-t msdosfs". The conversion has been happening since 1.43, but
no equivalent conversion happens in "umount -t", which led to some
confusion with some users.
PR: 79296
Submitted by: Nobuhiro Yasutomi <nobuhiro yasutomi nifty ne jp>
'-alias', and that 'add' and 'delete are in fact synonyms for these
in the ifconfig(8) grammar.
Use network prefixes explicitly specified in IETF RFCs for
documentation purposes. (bz)
PR: 102701
MFC after: 1 day
See also: RFC 3330, RFC 3849
Submitted by: bz
in fstab and they are normally mounted as /a/b, if /b is not mounted,
the various quota utilities will incorrectly operate with the quotas on
/a (silently) when operations are attemted on /b.
Sync up all the hasquota() routines between all the different
quota utilities and change it to detect if the file system we are
attempting to perform quota operations on is not currently mounted
and warn the user accordingly.
PR: bin/38918
This includes support for running a script to setup that directory.
The kenv variables init_chroot and init_script control this behavior,
and are documented in loader(8) that's about to be committed (along
with the other variables like init_path...).
Submitted by: Oliver Fromme
Reviewed by: myself, jhb (earlier versions)
negative are now ignored by the quota system and that extremely
large ids may make quotacheck run for a very long time.
Also mention that "options QUOTA" is required for the kernel
to provide quota support.
- First configured key is based only on keyfile (no passphrase).
- Device is attached.
- User changes first key (setkey) from keyfile to passphrase and doesn't
specify number of iterations (with -i option).
...geli(8) won't store calculated number of iterations in metadata.
This result in device beeing unaccesable after detach.
One can recover from this situation by guessing number of iterations
generated, storing it in metadata and trying to attach device.
Recovery procedure isn't nice, but one's data is not lost.
Reported by: Thomas Nickl <T.Nickl@gmx.net>
MFC after: 1 week
If argv[0] == "mount_nfs4", then default to mounting NFSv4,
otherwise if argv[0] == "mount_nfs", default to the old mount_nfs behavior.
- Add a -4 option.
- Add the University of Michigan copyright from mount_nfs4.c, for the
code merged from mount_nfs4.c.
Reviewed by: rees
1) Do not account for uids/gids that appear negative to prevent
the creation of 131GB+ quota files. This is the same as the kernel
now determines which files to provide quota accounting for.
Related to PR kern/38156. This should also prevent boots from
hanging if a negative uid appears in the file systems.
2) Do not count system files in the usage counts. These currently are
file system snapshot and quota data files. This is how the kernel
now handles those files.
3) Correctly generate new quota data files if the current files
do not exist or are zero length in size. PR kern/30958.
It should now be possible to newfs / mount / touch quota.{user,group}
and quotaon a file system and have everything work.
4) Change some diagnostics to report the file system and type of
id (uid or gid) that is being reported.
5) Truncate the quota data files if possible, instead of letting
them grow to a big enough size to hold the largest UID/GID on
the system (typically "nobody"). The kernel should now be able to
grow the files as needed without deadlocking the system.
PR: kern/30958, kern/38156
one. This is based on NetBSD but unlike NetBSD this implementation prints
the instance number for all media instances and doesn't skip it for the
first one as I don't see a reason to suppress it except for the vague
reason to preserve the output for single-instance configurations.
- Fix some whitespace nits.
