Commit Graph

138 Commits

Author SHA1 Message Date
Gleb Smirnoff
d6d3f01e0a Merge the projects/pf/head branch, that was worked on for last six months,
into head. The most significant achievements in the new code:

 o Fine grained locking, thus much better performance.
 o Fixes to many problems in pf, that were specific to FreeBSD port.

New code doesn't have that many ifdefs and much less OpenBSDisms, thus
is more attractive to our developers.

  Those interested in details, can browse through SVN log of the
projects/pf/head branch. And for reference, here is exact list of
revisions merged:

r232043, r232044, r232062, r232148, r232149, r232150, r232298, r232330,
r232332, r232340, r232386, r232390, r232391, r232605, r232655, r232656,
r232661, r232662, r232663, r232664, r232673, r232691, r233309, r233782,
r233829, r233830, r233834, r233835, r233836, r233865, r233866, r233868,
r233873, r234056, r234096, r234100, r234108, r234175, r234187, r234223,
r234271, r234272, r234282, r234307, r234309, r234382, r234384, r234456,
r234486, r234606, r234640, r234641, r234642, r234644, r234651, r235505,
r235506, r235535, r235605, r235606, r235826, r235991, r235993, r236168,
r236173, r236179, r236180, r236181, r236186, r236223, r236227, r236230,
r236252, r236254, r236298, r236299, r236300, r236301, r236397, r236398,
r236399, r236499, r236512, r236513, r236525, r236526, r236545, r236548,
r236553, r236554, r236556, r236557, r236561, r236570, r236630, r236672,
r236673, r236679, r236706, r236710, r236718, r237154, r237155, r237169,
r237314, r237363, r237364, r237368, r237369, r237376, r237440, r237442,
r237751, r237783, r237784, r237785, r237788, r237791, r238421, r238522,
r238523, r238524, r238525, r239173, r239186, r239644, r239652, r239661,
r239773, r240125, r240130, r240131, r240136, r240186, r240196, r240212.

I'd like to thank people who participated in early testing:

Tested by:	Florian Smeets <flo freebsd.org>
Tested by:	Chekaluk Vitaly <artemrts ukr.net>
Tested by:	Ben Wilber <ben desync.com>
Tested by:	Ian FREISLICH <ianf cloudseed.co.za>
2012-09-08 06:41:54 +00:00
Dimitry Andric
7ae0e2c9f0 Upgrade our copy of llvm/clang to trunk r162107. With thanks to
Benjamin Kramer and Joerg Sonnenberger for their input and fixes.
2012-08-20 18:33:03 +00:00
Glen Barber
a3fb6da9ba General mdoc(7) and typo fixes.
PR:		167734
Submitted by:	Nobuyuki Koganemaru (kogane!jp.freebsd.org)
MFC after:	3 days
2012-05-11 20:06:46 +00:00
Eitan Adler
50d675f7a9 Remove trailing whitespace per mdoc lint warning
Disussed with:	gavin
No objection from:	doc
Approved by:	joel
MFC after:	3 days
2012-03-29 05:02:12 +00:00
Joel Dahl
c2965cd185 mdoc: terminate quoted strings.
Reviewed by:	brueffer
2012-03-26 15:18:14 +00:00
Joel Dahl
c0cbd1c6f1 Remove superfluous paragraph macro. 2012-03-25 09:18:34 +00:00
Ed Schouten
6b99842ada Globally replace u_int*_t from (non-contributed) man pages.
The reasoning behind this, is that if we are consistent in our
documentation about the uint*_t stuff, people will be less tempted to
write new code that uses the non-standard types.

I am not going to bump the man page dates, as these changes can be
considered style nits. The meaning of the man pages is unaffected.

MFC after:	1 month
2012-02-12 18:29:56 +00:00
Shteryana Shopova
b9288caaf6 Implement an option to execute SNMP walks using GETBULK requests in bsnmpwalk(1)
retrieving multiple values with a Single PDU.

Reviewed by:	philip@
Tested by:	tsanand129 (at) gmail (dot) com
2012-01-10 15:29:03 +00:00
Ulrich Spörlein
b81da4450d Partial backout of r228990, restore original MIB object name.
It's too late to change this in 9.0 -- so we have a release with the
misspelling in the wild and should not break users that depend on it.

Deprecating/replacing it because of a one-char typo seems excessive.
2012-01-05 21:36:28 +00:00
Ed Schouten
b589816c74 Fix subtle typo: compare against idx -- not index.
In this contest, index refers to the index(3) function. In this case it
doesn't really harm, as this function is never called with idx == NULL.

MFC after:	2 weeks
2012-01-03 11:10:15 +00:00
Ulrich Spörlein
3df5ecac8c Spelling fixes for usr.sbin/ 2011-12-30 10:58:14 +00:00
Dimitry Andric
1605515d77 In usr.sbin/bsnmpd/modules/snmp_wlan/wlan_snmp.h, use the correct
enumeration types for the mesh_peering and mesh_forwarding members of
struct wlan_iface, to fix enum conversion warnings.

MFC after:	1 week
2011-12-17 19:53:08 +00:00
Ivan Voras
1c4edd12cd Apparently, "ada" drives are better treated similarly to "da" drives. 2011-10-24 12:59:39 +00:00
Ivan Voras
9601613ecd It seems that the warning is much less severe than its message says. The
device is certainly added to the list after the first pass.
2011-10-24 12:43:20 +00:00
Ivan Voras
e9e42921af Fix typo
MFC after:	1 month
2011-10-24 12:21:58 +00:00
Ulrich Spörlein
f0720ed5f8 Fix broken mdoc.
Found by:	manlint
Approved by:	re (kib)
2011-08-01 22:21:18 +00:00
Andrey V. Elsukov
8f64015c0e Use full buffer size in read(2) call, there is no need to preserve the
last byte of the buffer.

Since we call refresh_device_tbl() for any devctl event types - no need
to check the first byte of buffer. Remove these checks.

Also remove logging for the case of unknown devd message. It incorrectly
triggers when all devctl events are not fit into one buffer and part of
unread data will be read in the next pass.

When length of data readed from devctl is equal to sizeof(buf), then try
to read from socket again, to read full data.

MFC after:	2 weeks
2011-07-11 12:51:35 +00:00
Ed Schouten
48a16a34d8 Remove redundant assignments to WARNS.
For these directories, WARNS is already implied to be 6.
2011-06-06 20:24:17 +00:00
Ruslan Ermilov
a6d11f7139 [mdoc] Fixed .Dt call. 2011-05-25 14:13:53 +00:00
Shteryana Shopova
cf90ea94a0 Unbreak the build by temprorarily not using include directives in
bsnmpd(1)' def files, until bsd.snmpmod.mk & Makefiles are fixed to
pass proper include path flags to gensnmptree.
2010-12-20 22:56:50 +00:00
Shteryana Shopova
72cd7a520d Bring in a SNMP module that allows configuration of SNMPv3 Notification targets.
Sponsored by:	The FreeBSD Foundation
Reviewed by:	philip
Approved by:	philip
2010-12-20 17:13:14 +00:00
Shteryana Shopova
1c706be073 Pass proper -Wl,-export-dynamic to ld. Thus bsnmpd(1) compiled with clang
properly exports its symbols to the modules.

Submitted by:	dim
2010-12-16 15:18:53 +00:00
Shteryana Shopova
695239e2c7 Remove unnecessary debug/error CFLAGS.
Reported by	: pawel.worach (at) gmail (dot) com
2010-12-11 13:24:01 +00:00
Shteryana Shopova
836993f5cf Unbreak "make installworld" w/ DESTDIR specified
PR	:	kern/152939
2010-12-09 12:25:45 +00:00
Shteryana Shopova
a739872374 Add bsnmpd(1)'s SNMP client tools (including SNMPv3 support) to the base system.
Sponsored by:   The FreeBSD Foundation (the SNMPv3 bits), Google Summer of Code 2005
Reviewed by:    philip@ (mostly), bz@ (earlier version based on p4 ch124545)
Approved by:    philip@
2010-12-08 14:30:25 +00:00
Shteryana Shopova
135f7de5dd In bsnmpd(1) add support for SNMPv3 message processing model, including message authentication, packet encryption & view-based access control (RFC 3412, 3414, 3415).
Sponsored by:	The FreeBSD Foundation
Reviewed by:	philip@ (mostly)
Approved by:	philip@
2010-12-08 13:51:38 +00:00
Ulrich Spörlein
ac203a768d Fix CPU load reporting independent of scheduler used.
- Sample CPU usage data from kern.cp_times, this makes for a far more
  accurate and scheduler independent algorithm.
- Rip out the process list scraping that is no longer required.
- Don't update CPU usage sampling on every request, but every 15s
  instead. This makes it impossible for an attacker to hide the CPU load
  by triggering 4 samplings in short succession when the system is idle.
- After reaching the steady-state, the system will always report the
  average CPU load of the last 60 sampled seconds.
- Untangling of call graph.

PR:		kern/130222
Tested by:	Julian Dunn <jdunn@aquezada.com>
		Gustau Pérez <gperez@entel.upc.edu>
		Jürgen Weiß <weiss@uni-mainz.de>
MFC after:	2 weeks

I'm unsure if some MIB standard states this must be the load average
for, eg. 300s, it looks like net-snmp isn't even bothering to implement
the CPU load reporting at all.
2010-10-28 20:18:26 +00:00
Joel Dahl
c2025a7660 Fix typos, spelling, formatting and mdoc mistakes found by Nobuyuki while
translating these manual pages.  Minor corrections by me.

Submitted by:	Nobuyuki Koganemaru <n-kogane@syd.odn.ne.jp>
2010-08-16 15:18:30 +00:00
Joel Dahl
f6ac23919b Fix typos and spelling mistakes. 2010-08-06 14:33:42 +00:00
Shteryana Shopova
5593fdda18 Connect the snmp_wlan(3) module to the build.
Sponsored by:	The FreeBSD Foundation
2010-07-26 16:26:26 +00:00
Shteryana Shopova
09cbe818f0 Bring in a SNMP module to support monitoring cloned wireless interfaces
via bsnmpd(1). The module implements a private BEGEMOT-WIRELESS-MIB.

Sponsored by:	The FreeBSD Foundation
Reviewed by:	philip@
Approved by:	philip@
2010-07-26 16:16:39 +00:00
Simon L. B. Nielsen
12b052b9e0 Make failed open of /dev/mdctl in the bsnmpd hostres module non-fatal.
This makes it possible to use the hostres module when bsnmpd is not
running as root.

MFC after:	1 week
2010-07-24 10:04:35 +00:00
Ulrich Spörlein
62486687ed mdoc: consistently spell our email addresses <foo@FreeBSD.org>
Reviewed by:	ru
2010-05-19 08:57:53 +00:00
Shteryana Shopova
438be77d54 Now actually implement reading/refreshing/returning data from the pfTablesAddrTable
and modify the BEGEMOT-PF-MIB to add support for IPV6 address' statistics in the PF
tables via pfTablesAddrNetType and pfTablesAddrNet. While here, upgrade the
pf_tree.def file to the new format that includes enumerated values. Also make sure
to return SNMP_ERR_NOSUCHNAME for ALTQ objects, if ALTQ is disabled, so that the agent
will know to skip the pfAltq subtree when servicing GETNEXT requests from SNMP clients
(otherwise snmpwalk on begemotPf would stop at the pfAltq subtree with bsnmpd returning
SNMP_ERR_GENERR).
2010-03-24 16:07:33 +00:00
Shteryana Shopova
9315567023 Make sure the snmp_pf module will first refresh its entires if necessary,
then find a specific entry, and get the requested value. So far, it found
the specific entry, refreshed the entry list if necessary, and got the
requested value from the found entry. The problem is that refreshing nukes
all old entries and replaces them with new ones and the obtained entry
pointer was no longer valid after the refresh.

Reviewed by:		bz, philip
MFC after:		1 week
2010-03-19 09:53:25 +00:00
Shteryana Shopova
72d420c708 Add support for retrieving labeled pf filter rule counters.
PR:		bin/132847
Submitted by:	Szalai Andras <szalai (dot) bandi (at) gmail.com>
2010-03-18 14:54:31 +00:00
Ulrich Spörlein
7729e3ba40 Remove redundant WARNS?=6 overrides and inherit the WARNS setting from
the toplevel directory.

This does not change any WARNS level and survives a make universe.

Approved by:        ed (co-mentor)
2010-03-02 18:44:08 +00:00
Ed Schouten
b5810e9449 Port all applications in usr.sbin/ from libulog to utmpx. 2010-01-13 18:17:53 +00:00
Ed Schouten
71ccf09269 The last big commit: let usr.sbin/ use WARNS=6 by default. 2010-01-02 11:07:44 +00:00
Ed Schouten
71713ba2e1 Let the snmp_hostres module use utmpx.
Approved by:	harti
2009-12-24 17:55:47 +00:00
Shteryana Shopova
1753369083 Make sure enough memory is allocated for a struct pft_entry when
refreshing the list of pf tables.

OKed by:	philip
MFC after:	1 week
2009-12-05 13:45:21 +00:00
Attilio Rao
1262810177 Collapse devinfo_state_t with device_state_t in order to avoid a
structure replication and improve manteneability.

Reviewed by:	jhb, imp
Tested by:	Riccardo Torrini <riccardo at torrini dot org>
2009-11-15 16:44:43 +00:00
Ken Smith
3ca3047aee Bump the version of all non-symbol-versioned shared libraries in
preparation for 8.0-RELEASE.  Add the previous version of those
libraries to ObsoleteFiles.inc and bump __FreeBSD_Version.

Reviewed by:    kib
Approved by:    re (rwatson)
2009-07-19 17:25:24 +00:00
Kip Macy
a9eb07938f add zfs oid to bsnmpd
PR: bin/129360
Submitted by:	Ulrich Spoerlein
2009-05-17 05:54:25 +00:00
Bruce M Simpson
7a02aaee75 Only build the bsnmpd netgraph module if MK_NETGRAPH_SUPPORT is set. 2008-10-02 14:26:56 +00:00
Philip Paeps
0fecb888b2 Use INSERT_OBJECT_INT_LINK_INDEX macro instead of TAILQ_INSERT_TAIL when
filling the table of ALTQ queues retrieved from the kernel.

It is possible for the kernel to return the queues not by pa.altq.qid order.
When this happens, pf_snmp would only partially fill its table.

PR:		bin/120974
Submitted by:	Mykola Dzham <i -at- levsha.org.ua>
MFC after:	3 days
2008-06-01 14:09:54 +00:00
Shteryana Shopova
24988ed32d Keep the snmp_bridge(3) module up to date with if_bridge(4) and add an
object to control the value of the new 'PRIVATE' bridge members' flag.
While here, remove stale '__unused' compiler directives.

Reviewed by:	bz
Approved by:	re (bmah), bz (mentor)
2007-08-08 19:27:50 +00:00
Max Laier
60ee384760 Link pf 4.1 to the build:
- move ftp-proxy from libexec to usr.sbin
 - add tftp-proxy
 - new altq mtag link

Approved by:	re (kensmith)
2007-07-03 12:46:08 +00:00
Rong-En Fan
27cfc42fc5 - Bump share library version which were missed in last bump
Reported by: 	     jhb
Discussed with:	     deischen, des, doubg, harti
Approved by:	     re (kensmith)
2007-06-18 18:47:54 +00:00
Pawel Jakub Dawidek
6b3d6017e8 s/destory/destroy/ (except for the code in contrib/). 2007-04-16 12:31:35 +00:00