is required into rc.network.
Person failed to use a real name so both email addresses from PR included
(Sent was different to From).
PR: 22998
Submitted by: dl@leo.org/spock@empire.trek.org
This work was based on kame-20010528-freebsd43-snap.tgz and some
critical problem after the snap was out were fixed.
There are many many changes since last KAME merge.
TODO:
- The definitions of SADB_* in sys/net/pfkeyv2.h are still different
from RFC2407/IANA assignment because of binary compatibility
issue. It should be fixed under 5-CURRENT.
- ip6po_m member of struct ip6_pktopts is no longer used. But, it
is still there because of binary compatibility issue. It should
be removed under 5-CURRENT.
Reviewed by: itojun
Obtained from: KAME
MFC after: 3 weeks
very specific scenarios, and now that we have had net.inet.tcp.blackhole for
quite some time there is really no reason to use it any more.
(second of three commits)
associated changes that had to happen to make this possible as well as
bugs fixed along the way.
Bring in required TLI library routines to support this.
Since we don't support TLI we've essentially copied what NetBSD
has done, adding a thin layer to emulate direct the TLI calls
into BSD socket calls.
This is mostly from Sun's tirpc release that was made in 1994,
however some fixes were backported from the 1999 release (supposedly
only made available after this porting effort was underway).
The submitter has agreed to continue on and bring us up to the
1999 release.
Several key features are introduced with this update:
Client calls are thread safe. (1999 code has server side thread
safe)
Updated, a more modern interface.
Many userland updates were done to bring the code up to par with
the recent RPC API.
There is an update to the pthreads library, a function
pthread_main_np() was added to emulate a function of Sun's threads
library.
While we're at it, bring in NetBSD's lockd, it's been far too
long of a wait.
New rpcbind(8) replaces portmap(8) (supporting communication over
an authenticated Unix-domain socket, and by default only allowing
set and unset requests over that channel). It's much more secure
than the old portmapper.
Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded
to support TI-RPC and to support IPV6.
Umount(8) is also fixed to unmount pathnames longer than 80 chars,
which are currently truncated by the Kernel statfs structure.
Submitted by: Martin Blapp <mb@imp.ch>
Manpage review: ru
Secure RPC implemented by: wpaul
* Put quotes around each line
* Single quotes for lines with no variable interpolation
* Double quotes if there is
* Capitalize each word that begins a line
* Make echo -n 'Doing foo:' ... echo '.' more of a standard
No functionality changes
the appropriate documentation added to rc.conf(5). If all goes well
with this over the next few weeks, the PR will be closed with the
pullup of patches back to 4-STABLE.
PR: 20202
Submitted by: Gerhard Sittig <Gerhard.Sittig@gmx.net>
Reviewed by: Darren Reed <darrenr@freebsd.org>
Approved by: Darren Reed <darrenr@freebsd.org>
Obtained from: Gerhard Sittig <Gerhard.Sittig@gmx.net>
configure FreeBSD so that various databases such as passwd and group can be
looked up using flat files, NIS, or Hesiod.
= Hesiod has been added to libc (see hesiod(3)).
= A library routine for parsing nsswitch.conf and invoking callback
functions as specified has been added to libc (see nsdispatch(3)).
= The following C library functions have been modified to use nsdispatch:
. getgrent, getgrnam, getgrgid
. getpwent, getpwnam, getpwuid
. getusershell
. getaddrinfo
. gethostbyname, gethostbyname2, gethostbyaddr
. getnetbyname, getnetbyaddr
. getipnodebyname, getipnodebyaddr, getnodebyname, getnodebyaddr
= host.conf has been removed from src/etc. rc.network has been modified
to warn that host.conf is no longer used at boot time. In addition, if
there is a host.conf but no nsswitch.conf, the latter is created at boot
time from the former.
Obtained from: NetBSD
options. This allows you to set the standard dynamic port
assignment range prior to any network daemons (like named) starting
up, necessary if you are also using a firewall to restrict lower ports.
will be MFC'd in a few days
reserve, in maximal NFS packets. Originally only 2 packets worth of
space was reserved. The default is now 4, which appears to greatly
improve performance for slow to mid-speed machines on gigabit networks.
Add documentation and correct some prior documentation.
Problem Researched by: Andrew Gallatin <gallatin@cs.duke.edu>
Approved by: jkh
Reviewed by: joerg
The isdnd is able to listen on a socket for isdnmonitor to connect to
it to remotely control it (similar to ppp and pppctl). When this is
enabled in the isdnd config file, it will fail currently because isdnd
is started before the network interfaces are configured.
It is necessary to move the isdnd start after the ifconfig of the network
interfaces, then this problem will not occur.
Changes are:
- rpc.umntall is called at the right places now in /etc/rc*
- rpc.umntall timeout has been lowered from two days (too high) to one
- verbose messages in rpc.umntall have been clarified
- kill double entries in /var/db/mounttab when rpc.umntall is invoked
- ${early_nfs_mounts} has been removed from /etc/rc
- patched mount(8) -p to print different pass/dump values for ufs filesystems.
(last patch recieved from dan <bugg@bugg.strangled.net>)
Submitted by: Martin Blapp <mbr@imp.ch>, dan <bugg@bugg.strangled.net>
Currently we have a problem in that `dhclient' bails when configuring the
second interface as port 68 is already in use (by the `dhclient' started
for the first interface).
PR: 14810
Submitted by: n_hibma
daemons started. Move log_in_vain option there. It is needed to avoid
lot of connections to port 80 logged on production WWW server prior
Apache started from /usr/local/etc/rc.d
case instead of test where appropriate, since case allows case is a sh
builtin and (as a side-effect) allows case-insensitivity.
Changes discussed on freebsd-hackers.
Submitted by: Doug Barton <Doug@gorean.org>
* All variables are now embraced: ${foo}
* All comparisons against some value now take the form:
[ "${foo}" ? "value" ]
where ? is a comparison operator
* All empty string tests now take the form:
[ -z "${foo}" ]
* All non-empty string tests now take the form:
[ -n "${foo}" ]
Submitted by: jkh
respectively logging and dropping ICMP REDIRECT packets.
Note that there is no rate limiting on the log messages, so log_redirect
should be used with caution (preferrably only for debugging purposes).
Originally submitted by: Wayne Self <wself@cdrom.com>
Allow a ppp startup option in rc.conf.
Adjust sysinstall so that it appends to the end of ppp.conf
and uses the generated profile to start ppp in auto mode on
boot.
Submitted by: Josef L. Karthauser <joe@uk.FreeBSD.org>
get a list of interfaces, and then automatically configure them if
${ifconfig_${ifn}} or /etc/start_if.${ifn} exists.
This makes it a lot easier to deal with machines that constantly change
their network configuration as you can leave ifconfig settings for all
the possible cards - just the ones that are present will be configured.
Do discard standard output from the sysctl for approxy_all, and echo
what this sysctl is doing in the usual way. This fix is probably
backwards. We should probably just use the standard sysctl output
in all cases (it needs to have a newline filtered out).
Echo what the sysctls for nfs_reserved_port_only and nfs_access_cache
are doing.
default.
Despite their name it doesn't keep TCP sessions alive, it kills
them if the other end has gone AWOL. This happens a lot with
clients which use NAT, dynamic IP assignment or which has a 2^32
* 10^-3 seconds upper bound on their uptime.
There is no detectable increase in network trafic because of this:
two minimal TCP packets every two hours for a live TCP connection.
Many servers already enable keepalives themselves.
The host requirements RFC is 10 years old, and doesn't know about
the loosing clients of todays InterNet.
log_in_vain:
log_in_vain turns on logging for packets to ports for which
there is no listener.
rc.sysctl:
A generic way to set sysctl values. It reads /etc/syslog.conf
and sets values based on that. No /etc/syslog.conf has been
checked in yet, and I've not added this to the makefile yet
until I get more feedback.
Reviewed by: -current, -hackers and bde especially
suitable defaults pointing to the FreeBSD-shipped versions. This will allow
for easier integration of third-party replacements for these daemons.
Reviewed by: Several members of -committers
normal ifconfig stuff, one might need to pass down authentication
parameters for them.
This is closely tied to Hellmuth's impending rc patches for ISDN, but
sppp can also be used separately (thus it doesn't go directly into the
planned ISDN section of rc.conf).
Reviewed by: hm
addresses by default.
Add a knob "icmp_bmcastecho" to "rc.network" to allow this
behaviour to be controlled from "rc.conf".
Document the controlling sysctl variable "net.inet.icmp.bmcastecho"
in sysctl(3).
Reviewed by: dg, jkh
Reminded on -hackers by: Steinar Haug <sthaug@nethelp.no>
variable "stash_flag" is set. A few lines later, it is evaluated
as "stash_flags" with a trailing "s", and then a bit later the
singular version is unset.
PR: 7609
Reviewed by: phk
Submitted by: Walt Howard <howard@ee.utah.edu>
the rc.conf variable ``natd_interface''. rc.network will
determine whether it is an IP address or an interface name,
and invoke natd with the -a or -n flag as appropriate.
PR: 6947
Reviewed by: jkh@FreeBSD.ORG
against the "master map" to get the list of mount point/amd map
correspondences, and using that list as command-line arguments to start
amd.
When I tried to do this with the existing /etc/rc* scripts, I found that
I couldn't do this by modifying only /etc/rc.conf: that file gets
sourced very early by /etc/rc, well before any networking functionality
is present, let alone NIS. Further, I wasn't able to figure out a way
to use various levels & types of quoting to defer evaluation of the
string to a point subsequent to NIS initialization.
As a result, I resorted to hacking /etc/rc.network -- but I did it in a
way that ought to be reasonably general, and avoid breakage for anyone
else.
PR: 6387
Reviewed by: phk
Submitted by: David Wolfskill <dhw@whistle.com>