- check for encryption/authentication key together with algorithm.
- warned if a deprecated encryption algorithm (that includes "simple")
is specified.
- changed the syntax how to define a policy of a ICMPv6 type and/or a
code, like spdadd ::/0 ::/0 icmp6 134,0 -P out none;
- random cleanup in parser.
- use yyfatal, or return -1 after yyerror.
- deal with strdup() failure.
- permit scope notation in policy string (-P
esp/tunnel/foo%scope-bar%scope/use)
- simplify /prefix and [port].
- g/c some unused symbols.
Obtained from: KAME
no matter where in the directory structure it may be. Use this and the "-k"
flag in the generated gdbinit files so that the "getsyms" function in gdb
requires no user intervention to run and will find every module if they're
in the kernel build's module directory. This is still quite useful for
cases where gdb knows that the path for some modules is /boot/kernel and
others are in the object directory for /usr/src/sys/$ARCH/compile/kernel.
Approved by: grog
a partition size on ia64. It's not true.
o Ask for a mountpoint for EFI partitions as well and check that it
isn't "/".
o On ia64 we may need to add EFI partitions. Make sure we pass the
right arguments to Create_Chunk_DWIM() in that case.
to better deal with the fact that we need an EFI partition and
that we need to have a mountpoint for it.
o When creating a new partition, add EFI to the list of types
the user can select from. This makes it easy to create an EFI.
o Do not include wizard.c on ia64.
o The user cannot create a partition on ia64 that's a multiple of
the cylinder size. We don't have a notion of cyclinders.
o Also allow swap and filesystem partitions outside a freebsd slice.
This is typically the case for GPT.
o Allow chunks of type "whole" to be displayed at the top. This is
to allow a GPT disk to be labeled. We need a slice out of which we
can make partitions, but a GPT disk doesn't have slices. For GPT
disks a chunk of type "whole" can then be used as a placeholder.
depending on namespace pollution in <sys/stat.h> for the declarations of
struct timeval and utimes().
Fixed some style bugs in rev.1.30 and some nearby style bugs (mainly
unsorting and missing or extra blank lines).
Removed a wrong comment that was obtained from NetBSD in rev.1.14. It said
that chflags() reset the times that were set "above" by utimes(), but
utimes wasn't "above" in FreeBSD until rev.1.30, and chflags() does't
actually reset the times.
if_xname, if_dname, and if_dunit. if_xname is the name of the interface
and if_dname/unit are the driver name and instance.
This change paves the way for interface renaming and enhanced pseudo
device creation and configuration symantics.
Approved By: re (in principle)
Reviewed By: njl, imp
Tested On: i386, amd64, sparc64
Obtained From: NetBSD (if_xname)
names containing glob(3) expressions would appear verbatim in the
output.
If such an mtree file were used by mtree in update mode, wrong things
would happen.
(aka RFC2292bis). Though I believe this commit doesn't break
backward compatibility againt existing binaries, it breaks
backward compatibility of API.
Now, the applications which use Advanced Sockets API such as
telnet, ping6, mld6query and traceroute6 use RFC3542 API.
Obtained from: KAME
dcons(4): very simple console and gdb port driver
dcons_crom(4): FireWire attachment
dconschat(8): User interface to dcons
Tested with: i386, i386-PAE, and sparc64.
stdin and stdout instead of relaying the data. Now it is possible
to say:
nghook -e path: hook /usr/local/bin/foo arg1 arg2
and foo will have the hook to path: at file descriptors 0 and 1.
Add an option to specify control messages to be send to the node before
either executing the program or entering the data relay loop.
character 1 byte past the end of cmdline[] when libedit is being used for
input, and avoid writing a null pointer 1 element past the end of margv[].
Reviewed by: gad
(1) Don't modify the configuration of the NFS server as a result of
selecting a profile. We already explicitly prompt for the NFS
server configuration during install, and the user may not get
much advance notice that we're turning it off again. Instead,
use profiles (for better or for worse) only for security tuning.
(2) Don't modify the sendmail setting as part of the security profile:
use the default from /etc/defaults/rc.conf rather than explicitly
specifying. Note that the default in /etc/defaults/rc.conf is
more conservative than the explicit rc.conf entry added by
sysinstall during install, as it does not permit SMTP delivery.
(3) Update "congratulations on your profile" text to reflect these
changes.
Note that security profiles now affect only the securelevel and sshd
settings. My leaning would be to make sshd an explicit configuration
option, move securelevels to the security menu, and drop security
profiles entirely. However, that requires more plumbing of sendmail
than I'm currently willing to invest.
We may want to add a "permit SMTP delivery" question to the install
process.
Skinny is the protocol used by Cisco IP phones to talk to Cisco Call
Managers. With this code, one can use a Cisco IP phone behind a FreeBSD
NAT gateway.
Currently, having the Call Manager behind the NAT gateway is not supported.
More information on enabling Skinny support in libalias, natd, and ppp
can be found in those applications' manpages.
PR: 55843
Reviewed by: ru
Approved by: ru
MFC after: 30 days
"will trim at" message printed when the user requests '-v'. The
previous code would often print the wrong time, such as:
On Sept 22, run: newsyslog -nv /var/log/wtmp
And see: will trim at Mon Sep 1 05:00:00 2003
correct msg: will trim at Wed Oct 1 05:00:00 2003
MFC after: 20 days
archaic at this point in time. Pretend nobody runs FreeBSD 1.x anymore
in order to not confuse people needlessly.
Laplink support probably doesn't even work at this point in time anyway...
