Commit Graph

4167 Commits

Author SHA1 Message Date
Hajimu UMEMOTO
8b205f5e0a check if the null encryption is supported or not.
Requested by:	bms
Obtained from:	KAME
2004-05-13 15:46:28 +00:00
Ruslan Ermilov
5660800632 Polish the mdoc(7) markup. 2004-05-12 07:34:05 +00:00
Hiten Pandya
e53f7998da Use strlcpy(3) instead of strcpy(3).
PR:          	46761

Philipp Mergenthaler <philipp.mergenthaler@stud.uni-karlsruhe.de>
2004-05-10 22:33:12 +00:00
Christian S.J. Peron
19d4beceb2 Remove redundant sanity check before add_mac() when adding
mac ipfw rules. The exact same sanity check is performed as
the first operation of add_mac(), so there is no sense
in doing it twice.

Approved by:	bmilekic (mentor)
PR:		bin/55981
2004-05-09 01:53:31 +00:00
Christian S.J. Peron
9251dd77ca Teach route(8) how to deal with root being in a prison. If prison
root is allowed to create raw sockets, then they will be able to create
routing sockets, too.  However prison-root is not able to manipulate
routing tables.  So when route(8) attempts to write to a routing
socket and recieves EPERM from the kernel, exit rather than moving
on with execution.

Approved by:    bmilekic (mentor)
2004-05-07 15:33:17 +00:00
Joerg Wunsch
53d4cdeb82 When editing a Sun label, make the search for a valid partition line
violate POLA a little less by not requiring exactly two spaces in front
of the entry (and silently discarding any non-matching entry).  We now
recognize anything starting with a letter followed by a colon as the
first non-space chars as a partition entry.
2004-05-04 09:50:41 +00:00
Bruce Evans
b34d2de031 Include <sys/time.h> for the declaration of struct bintime instead of
depending on namespace pollution in <sys/stat.h>.  struct bintime is
only needed to satisfy leakage of kernel interfaces to userland and
namespace bugs in those interfaces...
2004-05-04 07:08:04 +00:00
Pawel Jakub Dawidek
9db1cbd1cf Add missing command. 2004-05-03 21:31:19 +00:00
Pawel Jakub Dawidek
881a65c479 Add missing commands. 2004-05-03 21:29:22 +00:00
Pawel Jakub Dawidek
39080a7d0e Connect ggatec(8), ggated(8) and ggatel(8) to the build. 2004-05-03 21:14:03 +00:00
Pawel Jakub Dawidek
b42b646004 Don't repeat handshake.
This little thing can cause a deadlock, because taste mechanism start
to work after creation of ggate provider and I/O requests are sent from
other classes from the g_event thread, so number of pending events isn't 0.
Now ggatec(8) start second handshake and ggated(8) is trying to open
GEOM provider (for example md(4)) and it can't, because it hangs on
g_waitidle() in g_dev_open(). g_waitidle() cannot finish because
there is a pending read on event queue, and this read can't be
finished, because ggated(8) can't open target device.
GEOM Gate will recover from this deadlock, because requests will
timeout, but it of course isn't the best solution and I don't know
better one for now, so we should avoid opening GEOM providers while
there are pending requests in event queue.
2004-05-03 18:24:41 +00:00
Andre Oppermann
9063f422e2 Link state change notification of ethernet media to the routing socket.
o Print the link state for interface messages in monitor mode.

No objections by:	sam, wpaul, ru, bms
Brucification by:	bde
2004-05-03 16:30:32 +00:00
Pawel Jakub Dawidek
7ee7f482a7 Paths correction.
Pointed out by:	ache, make buildworld
2004-05-03 07:21:59 +00:00
Pawel Jakub Dawidek
12c7908f85 We don't need this any more, while we have /usr/include/geom/concat/. 2004-05-03 07:20:27 +00:00
Pawel Jakub Dawidek
86bfa45446 Fix compiling on 64-bit architectures. 2004-05-02 17:59:49 +00:00
Marcel Moolenaar
226d45b5f8 Build gpt(8) on all platforms, except sparc64. Currently gpt(8) is
not endian agnostic and thus will create big-endian GPTs on sparc64.
This we don't support. So, before gpt(8) can be used on a big-endian
machine, it has to deal with the endianness.
2004-05-01 18:17:23 +00:00
Doug Ambrisko
41b0ee744a For both ifconfig and route if we didn't get enough memory from the
prior sysctl due to the structure growing between calls try again.

Also try again for deleting routes if things fail.  We've seen
route -f fail this way which does not actually flush all routes.
This fixes it.  It will whine but it will do the work.

PR:		56732
Obtained from:	IronPort
2004-04-30 22:34:12 +00:00
Pawel Jakub Dawidek
d1d669bd76 GEOM Gate network daemon. 2004-04-30 16:19:50 +00:00
Pawel Jakub Dawidek
2041034c3d GEOM Gate network client and control utility. 2004-04-30 16:18:01 +00:00
Pawel Jakub Dawidek
72a840f9a6 GEOM Gate local control utility. 2004-04-30 16:15:13 +00:00
Pawel Jakub Dawidek
6ac5fe4854 Stuff shared between ggate utilities. 2004-04-30 16:13:45 +00:00
Pawel Jakub Dawidek
af4f788a94 Makefile for building ggate utilities: ggatel(8), ggatec(8), ggated(8). 2004-04-30 16:12:20 +00:00
Guy Helmer
d5ac36eda7 Invoke tzset(3) within the main loop to catch changes to /etc/localtime
when running as a daemon in the hope that it will fix situations
where the CMOS clock was apparently set using the stale TZ offset.
2004-04-27 14:43:03 +00:00
Bosko Milekic
2aebb586db The previous change to mount(8) to report ufs or ufs2 used
libufs, which only works for Charlie root.

This change reverts the introduction of libufs and moves the
check into the kernel.  Since the f_fstypename is the same
for both ufs and ufs2, we check fs_magic for presence of
ufs2 and copy "ufs2" explicitly instead.

Submitted by: Christian S.J. Peron <maneo@bsdpro.com>
2004-04-26 15:13:46 +00:00
Andre Oppermann
22b5770b99 Add the option versrcreach to verify that a valid route to the
source address of a packet exists in the routing table.  The
default route is ignored because it would match everything and
render the check pointless.

This option is very useful for routers with a complete view of
the Internet (BGP) in the routing table to reject packets with
spoofed or unrouteable source addresses.

Example:

 ipfw add 1000 deny ip from any to any not versrcreach

also known in Cisco-speak as:

  ip verify unicast source reachable-via any

Reviewed by:	luigi
2004-04-23 14:28:38 +00:00
Tim J. Robbins
4029695dbf Only compare the interesting part of the bootblock with its backup.
Allow check to proceed with bad backup boot block if we're doing a
readonly check. Various typos in comments.

Obtained from:	NetBSD
2004-04-20 11:41:57 +00:00
Jim Rees
d13851aa7a use %zu instead of %zd
Requested by:	Bruce Evans
2004-04-15 16:12:12 +00:00
Luigi Rizzo
0b46c08590 Replace ROUNDUP/ADVANCE with SA_SIZE 2004-04-13 11:24:43 +00:00
Brian Feldman
c51d70c690 Add -P arguments for dump(8) and restore(8) which allow the user to
use backup methods other than files and tapes.  The -P argument is
a normal sh(1) pipeline with either $DUMP_VOLUME or $RESTORE_VOLUME
defined in the environment, respectively.

For example, I can back up my home to three DVD+R[W]s as so:
Filesystem  1K-blocks     Used    Avail Capacity  Mounted on
/dev/ad0s2e  40028550 10093140 26733126    27%    /home
green# dump -0 -L -C16 -B4589840 -P 'growisofs -Z /dev/cd0=/dev/fd/0' /home
2004-04-13 02:58:06 +00:00
Brian Feldman
f7c7b87fbd Improve the warnings for dump -L and do not bother doing the snapshot if
it is specified for read-only filesystems.

Submitted by:   Jason Young <jyoung8607@hotmail.com>
PR:     46672
2004-04-12 20:19:32 +00:00
Ruslan Ermilov
fc2814036c Document that -m also causes the capability list to be displayed. 2004-04-11 13:44:57 +00:00
Ruslan Ermilov
3a3b019aeb Added the new interface capability option for drivers that implement
user-configurable polling(4) support.  Make ifconfig(8) aware of it.

Suggested by:	luigi
2004-04-11 13:36:52 +00:00
Bruce Evans
85f5fe4183 Fixed unformatting of copyright clause 4 in previous commit. 2004-04-10 02:22:35 +00:00
Mark Murray
4c723140a4 Remove advertising clause from University of California Regent's license,
per letter dated July 22, 1999.

Approved by: core, imp
2004-04-09 19:58:40 +00:00
Maxim Konovalov
14533a98b9 o Fix an incorrect parsing of 0.0.0.0/0 expression.
PR:		kern/64778
MFC after:	6 weeks
2004-04-09 17:26:01 +00:00
Ian Dowse
a8616db8fd Don't turn off the regular SIGINFO status information. The use of
the NOKERNINFO flag only marginally de-clutters the output and
has a number of unwanted side effects:
  o The kernel info might be what you want to see
  o ^T is left non-functional if ping is killed non-cleanly
  o "ping -q foo &" gets suspended on tty output

Encouraged by:	bde
2004-04-07 18:48:11 +00:00
Pawel Jakub Dawidek
e8438cad1d Add a workaround.
Now, if we have for example: ad0s1 ad0s1c ad2s1 ad2s1c and we will try
to do: gconcat label foo /dev/ad0s1 /dev/ad2s1 we'll get a panic:
panic: spoiled but dcr = 1
for inside of geom_slice class, backtrace shows:
g_access()
g_slice_access()
g_access()
g_concat_read_metadata()
We need to get a proper fix for this race before geom(8) will be committed.
2004-04-04 13:32:00 +00:00
Poul-Henning Kamp
d2aeb9ccaa Fix an off-by-one error in the function used to input the ascii/hex strings.
Be a little bit more helpful in error messages.
2004-04-04 07:28:58 +00:00
Bruce Evans
35cf80de36 Include <time.h> instead of depending on namespace pollution in <sys/stat.h>
for the declaration of time().
2004-04-04 04:17:07 +00:00
Maxime Henrion
176c41d556 It seems growfs(8) is now WARNS?=6 safe.
Tested on:	alpha, i386, ia64, sparc64
2004-04-03 23:56:24 +00:00
Maxime Henrion
b1fddb236f Fix the remaining warnings of growfs(8) on my sparc64 box with
WARNS=6.  I don't change the WARNS level in the Makefile because I
didn't tested this on other archs.

The fs.h fix was suggested by:	marcel
Reviewed by:	md5(1)
2004-04-03 23:30:59 +00:00
Maxime Henrion
760ea1fa63 - Don't abuse caddr_t when what we really want is a void *.
- Use the %jd format and a cast to intmax_t to print an int64_t.
- The return type of getopt() is an int, not a char.

This fixes some warnings but there's still much more work to do here.
2004-04-03 22:56:54 +00:00
Lukas Ertl
66648dfcfb Temporarily go back to WARNS=0 until I can figure out what's breaking
the {powerpc, sparc64, ia64} tinderboxes.

Sorry for the noise. :-(
2004-04-03 22:26:43 +00:00
Lukas Ertl
75d1ec91df Make growfs WARNS=6 clean.
Approved by:	grog (mentor)
2004-04-03 17:40:19 +00:00
Johan Karlsson
72673aaaa2 Remove these MAINTAINER lines since the maintainers has had their
commit bits retired for safe keeping.
2004-04-01 20:31:49 +00:00
Bruce M Simpson
1ba19fe8ce Fix regression in setkey whereby parser would fail to recognise tcp as
both a security protocol and an upper level protocol for encapsulation.

PR:		bin/63616
Submitted by:	ume@
2004-03-31 18:38:02 +00:00
Luigi Rizzo
7747c959fa Implement a '-f' flag to teach bsdlabel to work on files instead of
disk partitions.
2004-03-30 23:15:03 +00:00
Sam Leffler
a6b03f428a add support for setting 802.11 rtsthreshold, transmit power,
and 11g protection mode

Reviewed by:	imp (just code)
2004-03-30 22:59:22 +00:00
David Malone
77d9382114 Remove a stray \n from a setproctitle.
Submitted by:	Niki Denev <nike_d@cytexbg.com>
2004-03-30 20:01:25 +00:00
Ceri Davies
a155540f4b Backout revision 1.140; it seems that the previous version is clear
enough.

Requested by:	ru
2004-03-27 14:13:53 +00:00