Gleb Smirnoff
bf840a1707
Redo r294869. The array of counters for TCP states doesn't belong to
...
struct tcpstat, because the structure can be zeroed out by netstat(1) -z,
and of course running connection counts shouldn't be touched.
Place running connection counts into separate array, and provide
separate read-only sysctl oid for it.
2016-03-15 00:15:10 +00:00
Bjoern A. Zeeb
ce42ce038e
Try to fix a bug introduced in r228623. We started to copy the ifa_msghdr
...
as otherwise platforms with strict alignment would break. It's unclear
to me if there's also a problem with access to the address list following
the structure. However we never copied the address list after the structure
and thus are pointing at random memory. For now just use a pointer to the
original memory for accessing the address list making it at least work on
platforms with weak memory access.
PR: 195445
Reported by: wolfgang lyxys.ka.sub.org
Tested by: wolfgang lyxys.ka.sub.org (x86)
MFC after: 3 days
2016-02-03 11:03:44 +00:00
Gleb Smirnoff
a781766836
Grab value for LEAF_tcpCurrEstab from net.inet.tcp.stats instead of
...
net.inet.tcp.pcblist, which is much cheaper.
2016-01-27 00:50:27 +00:00
Bjoern A. Zeeb
54902c0a6a
Change the variable to a #define in order to make gcc happy which
...
otherwise will complain about "variably modified 'alias' at file scope".
Unbreaks the build on gcc platforms.
2016-01-22 15:03:22 +00:00
Hartmut Brandt
5edd0d3a4d
Fill the ifAlias leaf of the ifXTable with the interface description
...
if there is one available and it fits into the maximum size (64 characters).
2016-01-21 16:11:20 +00:00
Enji Cooper
8cd5a258fb
Staticize several variables that are used exclusively in bsnmpd/main.c and
...
bsnmpd/trap.c
This fixes several -Wmissing-variable-declaration warnings noted by clang
Differential Revision: https://reviews.freebsd.org/D4718
MFC after: 1 week
Reported by: Jenkins
Reviewed by: araujo
Sponsored by: EMC / Isilon Storage Division
2015-12-28 01:51:20 +00:00
Enji Cooper
30dfa264d0
Remove unused function act_getkernstring
...
This fixes a clang -Wunused warning
Differential Revision: https://reviews.freebsd.org/D4697
MFC after: 1 week
Reported by: Jenkins
Reviewed by: araujo, bapt
Sponsored by: EMC / Isilon Storage Division
2015-12-24 22:22:02 +00:00
Marcelo Araujo
fa77157916
Fix variable 'old' is used uninitialized whenever '&&' condition is false.
...
Spotted by clang.
Differential Revision: D2721
Reviewed by: rodrigc, bapt
2015-08-07 06:15:01 +00:00
Enji Cooper
e3ee0494af
Fix the function signatures when MK_CRYPT == no for snmp_get_local_keys and
...
snmp_passwd_to_keys
MFC after: 1 week
Reported by: Beeblebrox <zaphod@berentweb.com>
2014-12-27 20:58:01 +00:00
Shteryana Shopova
ac89bc4f84
Fix a bug in decoding string indexes in snmp_target(3), thus causing
...
bsnmpd(1) to not send v3 notifications properly; while here add two
missing return statements which could lead to abort() in case of a
rollback
2014-10-10 00:26:28 +00:00
Hartmut Brandt
30b5118d51
Fix a problem with OBJECT IDENTIFIER encoding: need to check the
...
second subid to be less than 40, not the first when the first
subid is 0 or 1.
2014-01-21 16:49:54 +00:00
Xin LI
ecd241b619
Fix bsnmpd remote denial of service vulnerability.
...
Reported by: dinoex
Submitted by: harti
Security: FreeBSD-SA-14:01.bsnmpd
Security: CVE-2014-1452
2014-01-14 18:58:57 +00:00
Shteryana Shopova
546401ce54
Fix the -Wconversion warnings produced when compiling the SNMP agent.
2013-10-17 12:03:17 +00:00
Shteryana Shopova
0698344859
Fix SNMP Error response PDUs and properly encode them when using v3 auth/encryption.
...
Reported by: harti@
2013-10-17 11:49:46 +00:00
Mikolaj Golub
b96e78e02c
Register OID for HAST module.
...
MFC after: 2 weeks
2013-05-08 20:04:32 +00:00
Gleb Smirnoff
8cc5fb3d91
Restore the ipNetToMedia MIB, that was broken with new ARP commit
...
in the r186119.
Submitted by: Konstantin Kukushkin <dark rambler-co.ru>
2013-04-25 16:23:22 +00:00
Pedro F. Giffuni
646a7fea0c
Clean some 'svn:executable' properties in the tree.
...
Submitted by: Christoph Mallon
MFC after: 3 days
2013-01-26 22:08:21 +00:00
Gleb Smirnoff
bc17db9558
Looks like support.h is really not needed here.
2012-10-18 13:46:26 +00:00
Maksim Yevmenkin
8651c115b8
put another bandaid on the build until i figure out bsnmp headers
2012-10-18 00:20:02 +00:00
Maksim Yevmenkin
aa21cf7851
fix build
...
MFC after: 1 week
2012-10-17 21:53:38 +00:00
Gleb Smirnoff
23cea7199b
Re-do r240271:
...
- Set IP_RECVDSTADDR sockopt on the socket only in case if
it is INADDR_ANY bound.
- Supply IP_SENDSRCADDR control message only if we did receive
IP_RECVDSTADDR control message.
This fixes operation of snmpd bound to a specific local IP address.
PR: bin/171279
2012-09-20 05:41:20 +00:00
Gleb Smirnoff
f2ddd22eac
For UDP transport set IP_RECVDSTADDR sockopt on the socket, and provide
...
IP_SENDSRCADDR control with datagram message we reply with. This makes
bsnmpd reply from exactly same address that request was sent to, thus
successfully bypassing stateful firewalls or other kinds of strict checking.
PR: bin/171279
2012-09-09 09:46:48 +00:00
Gleb Smirnoff
0cf0d912b7
The first part of check_priv() function, that attempts to obtain creds
...
from the control message, actually never worked. This means check_priv()
didn't work for local dgram sockets.
The SCM_CREDS control messages is received only in two cases:
1) If we did setsockopt(LOCAL_CREDS) on our socket, and in this case
the message is struct sockcred.
2) If sender did supplied SCM_CREDS control message in his sendmsg()
syscall. In this case the message is struct cmsgcred.
We can't rely on 2), so we will use 1) for dgram sockets. For stream
sockets it is more reliable to obtain accept-time credentials, since
SCM_CREDS control message is attached only on first read. Thus:
o Do setsockopt(LOCAL_CREDS) on local dgram sockets.
o Split check_priv() into check_priv_stream() and check_priv_dgram(),
and call them from recv_stream() and recv_dgram() respectively.
o Don't provide space for SCM_CREDS control message in recv_stream().
o Provide space for SCM_CREDS control message in recv_dgram(), but there
is no need to initialize anything in it.
o In recv_dgram() do not blindly expect that first message is SCM_CREDS,
instead use correct search cycle through control messages.
2012-09-08 07:12:00 +00:00
Kevin Lo
31f7ba0295
Fully initialize the stack-allocated "struct sockaddr_in sa" structure.
2012-09-07 08:58:30 +00:00
Joel Dahl
bef04523e3
Remove end of line whitespace.
2012-06-17 11:36:28 +00:00
Joel Dahl
0aa9c2d892
Minor mdoc fixes.
2012-06-17 11:33:55 +00:00
Maksim Yevmenkin
6c9707c3b2
Count both IPv4 and IPv6 TCP connections in tcpCurrEstab
...
Timeout from: current, syrinx
MFC after: 1 week
2012-06-06 18:00:38 +00:00
Glen Barber
a3fb6da9ba
General mdoc(7) and typo fixes.
...
PR: 167734
Submitted by: Nobuyuki Koganemaru (kogane!jp.freebsd.org)
MFC after: 3 days
2012-05-11 20:06:46 +00:00
Hartmut Brandt
9972acaa15
memset() wants the size of the structure to clear, not the size
...
of the pointer to it.
Submitted by: Pawel Worach
2012-03-18 19:28:52 +00:00
Bjoern A. Zeeb
1e629ba90f
Adter r228571 unbreak architectures with strict alignment rules
...
by copying rather than casting.
2011-12-17 11:06:22 +00:00
Mikolaj Golub
b2b91ddf9d
Include sys/queue.h: snmpmod.h uses TAILQ.
...
PR: bin/153153
MFC after: 2 weeks
2011-12-11 17:10:33 +00:00
Ulrich Spörlein
f0720ed5f8
Fix broken mdoc.
...
Found by: manlint
Approved by: re (kib)
2011-08-01 22:21:18 +00:00
Ruslan Ermilov
87a5818245
Properly detect interface's state in the LINK_STATE_UNKNOWN case.
...
MFC after: 1 week
2011-05-03 10:11:44 +00:00
Ruslan Ermilov
81b587f396
Don't spam syslog with "inet_ntop(): Address family not supported
...
by protocol family" when processing requests received from the
UNIX domain socket.
MFC after: 3 days
2011-04-20 08:38:25 +00:00
Hartmut Brandt
5a0bba9007
Bring the list of OIDs up-to-date to prevent conflicts.
2011-02-03 15:19:18 +00:00
Shteryana Shopova
cf90ea94a0
Unbreak the build by temprorarily not using include directives in
...
bsnmpd(1)' def files, until bsd.snmpmod.mk & Makefiles are fixed to
pass proper include path flags to gensnmptree.
2010-12-20 22:56:50 +00:00
Shteryana Shopova
72cd7a520d
Bring in a SNMP module that allows configuration of SNMPv3 Notification targets.
...
Sponsored by: The FreeBSD Foundation
Reviewed by: philip
Approved by: philip
2010-12-20 17:13:14 +00:00
Shteryana Shopova
2b8026620c
Silence the compiler warnings in libbsnmp by removing several (now)
...
unsed parameters.
Sponsored by: The FreeBSD Foundation
Reviewed by: philip@
2010-12-16 11:20:37 +00:00
Shteryana Shopova
e9a4946830
Add a forgotten file from r216294 and unbreak the build.
...
Sponsored by: The FreeBSD Foundation
Reviewed by: philip@ (mostly)
Approved by: philip@
2010-12-08 15:52:06 +00:00
Shteryana Shopova
135f7de5dd
In bsnmpd(1) add support for SNMPv3 message processing model, including message authentication, packet encryption & view-based access control (RFC 3412, 3414, 3415).
...
Sponsored by: The FreeBSD Foundation
Reviewed by: philip@ (mostly)
Approved by: philip@
2010-12-08 13:51:38 +00:00
Ulrich Spörlein
d9962dc588
Remove mention of non-existant -o flag for debugging options.
...
MFC after: 3 days
2010-10-23 12:27:39 +00:00
Ulrich Spörlein
7cc1fde083
mdoc: drop even more redundant .Pp calls
...
No change in rendered output, less mandoc lint warnings.
Tool provided by: Nobuyuki Koganemaru n-kogane at syd.odn.ne.jp
2010-10-19 12:35:40 +00:00
Joel Dahl
54be88c948
Fix two minor typos.
2010-08-16 21:12:26 +00:00
Ulrich Spörlein
f239d44ec1
Bump document date after content changes.
...
Pointy hat to: uqs
2010-08-16 19:05:10 +00:00
Ulrich Spörlein
e5cce4162a
Wordsmithing of bsnmpd.1
...
PR: docs/149157
Submitted by: Warren Block <wblock@wonkity.com>
MFC after: 1 week
2010-08-16 18:47:35 +00:00
Pyun YongHyeon
869ae66dfc
Fix a typo introduced in r210936 which broke build.
2010-08-06 18:44:07 +00:00
John Baldwin
d99d8e2e38
Ethernet vlan(4) interfaces have valid Ethernet link layer addresses but
...
use a different interface type (IFT_L2VLAN vs IFT_ETHER). Treat IFT_L2VLAN
interfaces like IFT_ETHER interfaces when handling link layer addresses.
Reviewed by: syrinx (bsnmpd)
MFC after: 1 week
2010-08-06 15:09:21 +00:00
Ulrich Spörlein
4f13bbb691
mdoc: consistently spell our email addresses <foo@FreeBSD.org>
...
Reviewed by: ru
Approved by: harti
2010-05-24 06:26:38 +00:00
Antoine Brodin
5a64472b2a
(S)LIST_HEAD_INITIALIZER takes a (S)LIST_HEAD as an argument.
...
Fix some wrong usages.
Note: this does not affect generated binaries as this argument is not used.
Approved by: harti@
2010-03-27 13:43:18 +00:00
Ulrich Spörlein
ddedd8277a
Fix typo in macro name and macro usage.
...
Found by: make manlint
Reviewed by: ru
Approved by: harti, philip (mentor)
2010-03-12 11:05:37 +00:00