libexec/ftp-proxy - ftp proxy for pf
sbin/pfctl - equivalent to sbin/ipf
sbin/pflogd - deamon logging packets via if_pflog in pcap format
usr.sbin/authpf - authentification shell to modify pf rulesets
Bring along some altq headers used to satisfy pfctl/authpf compile. This
helps to keep the diff down and will make it easy to have a altq-patchset
use the full powers of pf.
Also make sure that the pf headers are installed.
This does not link anything to the build. There will be a NO_PF switch for
make.conf once pf userland is linked.
Approved by: bms(mentor)
generic watchdoc(9) interface.
Make watchdogd(8) perform as watchdog(8) as well, and make it
possible to specify a check command to run, timeout and sleep
periods.
Update watchdog(4) to talk about the generic interface and add
new watchdog(8) page.
nologin(8), this causes a considerable (100K) increase in the binary size,
so I've added a NO_LOGIN_LOG option which disables this.
While I'm here, s/sizeof(MESSAGE)/sizeof(MESSAGE) - 1/, in order to
avoid writing the string-terminating zero byte.
No complaints from: -current
Approved by: rwatson (mentor)
This is the second of two commits; bring in the userland support to finish.
Teach libipsec and setkey about the tcp-md5 class of security associations,
thus allowing administrators to add per-host keys to the SADB for use by
the tcpsignature_compute() function.
Document that a single SPI must be used until such time as the code which
adds support to the SPD to specify flows for tcp-md5 treatment is suitable
for production.
Sponsored by: sentex.net
hostname rather than an IP. The code was copying the pointer to the
IP address instead of the IP address itself. The bug has existed
ever since ypset was first imported in 1994.
PR: bin/62550
Submitted by: aardvark@saintaardvarkthecarpeted.com
MFC after: 1 week
loading on a particular version of Windows. For example, a .INF file
for a Windows 2000 driver may have an empty [foo.NT.5.1] section which
will be ingored on Win2K (whose .INF parser won't look for sections
decorated with .NT.5.1) in favor of a [foo] section. Likewise, a
WinXP file will have an empty [foo] section which will be ignored in
favor of [foo.NT.5.1].
The problem is, we can handle both Win2K and WinXP drivers, and we
don't want to exclude either one.
As a workaround, we try to pretend we are WinXP by default and search
for sections decorated with .NT.5.1, but if we don't turn up any records,
we assume that maybe we're being fooled by a sabotaged .INF file and
make one more pass looking for undecorated sections instead.
This allows us to parse the .INF files for both the Win2K and the WinXP
Centrino wireless drivers.
I'd give anything for 5 minutes alone in a room with whoever wrote
Microsoft's .INF file parser. Just 5 minutes. That's all.
for storing the "diff -n" output. Some files (eg ports/INDEX,v) are too
big nowadays to fit on the stack.
Submitted by: Stephen Montgomery-Smith <stephen@math.missouri.edu>
if the line doesn't match ^<%d>, then treat it as a regular kernel
printf line. Previously if a kernel printf message started with "<"
it would be interpreted as a log message, often with LOG_EMERG
level. This was triggered by some printfs in sys/dev/aic7xxx/, and
can also happen with the partial lines that result if syslogd cannot
keep up with the rate of arrival of kernel messages.
Reviewed by: dwmalone
MFC after: 1 week
their lines.
Properly discard PCMCIA device declarations. I plan to support
PCMCIA cards, but they don't work yet, and it appears some .INF files
declare both PCI and PCMCIA device instances.
instead of creating them by hand and storing them in the CVS tree. Add
gensnmptree to the bootstrap tools (it is used to generated these files).
This simplifies the update procedure.
Submitted by: ru
return for getopt() and comparing to -1, ditto with fgetc() and EOF,
and using the kg_nice value from <sys/user.h>
Submitted by: Stefan Farfeleder <stefan@fafoe.narf.at>
Reviewed by: obrien, bde (a while back)
Tested lightly on: ppc, i386, make universe
life easier" patch: I doubt this will affect anyone else, but the FreeBSD
Update build code was getting very confused by this.
Approved by: rwatson (mentor)
PR: bin/61087
Extend libsdp(3) API to allow service registration and removal.
Fix uninitialized variable bug in sdpcontrol(8).
Reviewed by: imp (mentor)
No objection: ru
- Unify the conditional assignments section so that architectural
exclusions come first, then options and !options, sorted by the
option name, also in directory order, then architecture specific
sections, sorted by the architecture name, with i386 being a
traditional exception.
Prodded by: bde
keys, don't just do a substring match on "Ndi\Params". Instead, check
explicitly for strings that begin with "Ndi\Params". Why? Because it's
possible to create your own keys with different paths, like
"PROSetNdi\NdiExt\Params" which is what Intel does in their PRO/1000
driver's .INF file.
SRCS to teach make(1) that many .c sources are dependent on it.
This fixes parallel (-j) builds and makes it possible to build
individual .o files separately.
While here, removed PROG from CLEANFILES -- it's taken care of
already by bsd.prog.mk.
When an NFS server is port-scanned nfsd sometimes exits. This has
happened 3 times the last few weeks.
Nfsd has been written to exit when accept(2) fails. Unfortunately
accept can sometimes make a "normal" return with errno ECONNABORTED
and in this case nfsd exits prematurely.
Solution:
Check for ECONNABORTED (and also EINTR, since nfsd uses signals)
and continue.
Submitted by: Bjoern Groenvall <bg@sics.se>
PR: 61084
sequence when machine is started without attached USB mouse. Only do
repeated attempts to re-open device if the usb module has been actually
loaded. Also fix broken logic in doing delays between open attempts - do
delays between attempts, not after each attempt.
Due to previous behaviour being very annoying for notebook owners this
is a good 5.2 MFC candidate.
MFC after: 2 days
very useful .dot files of your netgraph(4) to quickly visualize the
nodes, hooks and edges. An example of this can be found here:
http://people.freebsd.org/~green/sample-netgraph-dot.ps
If anyone would like to refine the output further, please do so.
In fdformat.c a closing parenthesis is at the wrong place. Instead of
adding sizeof _PATH_DEV + 1 to the length of argv[optind], the length of the
string starting (sizeof _PATH_DEV + 1) characters after argv[optind]'s
beginning (accessing junk memory if we jump over the terminating null
character) is passed to malloc().
PR: bin/60026
Submitted by: Stefan Farfeleder <stefan@fafoe.narf.at>
the NTx86 section decoration).
subr_ndis.c: correct the behavior of ndis_query_resources(): if the
caller doesn't provide enough space to return the resources, tell it
how much it needs to provide and return an error.
subr_hal.c & subr_ntoskrnl.c: implement/stub a bunch of new routines;
ntoskrnl:
KefAcquireSpinLockAtDpcLevel
KefReleaseSpinLockFromDpcLevel
MmMapLockedPages
InterlockedDecrement
InterlockedIncrement
IoFreeMdl
KeInitializeSpinLock
HAL:
KfReleaseSpinLock
KeGetCurrentIrql
KfAcquireSpinLock
Lastly, correct spelling of "_aullshr" in the ntoskrnl functable.
copyrights to the inf parser files.
Add a -n flag to ndiscvt to allow the user to override the default
device name of NDIS devices. Instead of "ndis0, ndis1, etc..."
you can have "foo0, foo1, etc..." This allows you to have more than
one kind of NDIS device in the kernel at the same time.
Convert from printf() to device_printf() in if_ndis.c, kern_ndis.c
and subr_ndis.c.
Create UMA zones for ndis_packet and ndis_buffer structs allocated
on transmit. The zones are created and destroyed in the modevent
handler in kern_ndis.c.
printf() and UMA changes submitted by green@freebsd.org
and list_verbose(), so don't open /dev/pci read-write. This allows
pciconf -l[v] to work for non-root users, assuming the securelevel is
0 or -1.
Problem experienced by: William Michael Grim <wgrim@siue.edu>
case so that if devices need different initialization, we can key off
this in the rc scripts (currently unused). Also update the man page
which is a 100% duplicate of the rc scripts.
snprintf (buf, size, fmt, buf, etc). This only works by chance with our
libc, but fails (with a truncated string) on e.g. glibc.
Okayed by: sobomax
MFC after: 1 week
/libexec to /mnt2/libexec, and execute /mnt2/rescue/ldconfig to add
the /mnt2/lib and /mnt2/usr/lib library directories. Thanks to John Baldwin
for working to track this down.
Submitted by: jhb
than a char array. Emitting the data as a big char array works fine in
the typical case, where a .sys file may be ~50K in size. Unfortunately,
some .sys files can be several hundred Kbytes in size, or even several
megabytes in size. One extreme case is the Intel centrino wireless
driver, which is 2.4MB. This causes us to emit an ndis_driver_data.h
file that's on the order of 15MB in size, and gcc consumes enormous
amounts of virtual memory while trying to compile it. On my laptop,
with 128MB of RAM and 256MB of swap space, gcc consumed all available
VM and crashed without being able to compile if_ndis.o.
By emitting the array as assembler, we bypass the C compiler and consume
much less memory. I was able to easily test compile if_ndis.ko with the
centrino driver on my laptop after this change.
This is merely a convenience, and should not have any operational effect
on the NDISulator itself.
definitions for more than one device (usually differentiated by
the PCI subvendor/subdevice ID). Each device also has its own tree
of registry keys. In some cases, each device has the same keys, but
sometimes each device has a unique tree but with overlap. Originally,
I just had ndiscvt(8) dump out all the keys it could find, and we
would try to apply them to every device we could find. Now, each key
has an index number that matches it to a device in the device ID list.
This lets us create just the keys that apply to a particular device.
I also added an extra field to the device list to hold the subvendor
and subdevice ID.
Some devices are generic, i.e. there is no subsystem definition. If
we have a device that doesn't match a specific subsystem value and
we have a generic entry, we use the generic entry.
mostly used on 80x25 displays, and the actual window is about ten
characters narrower than that, resulting in the need for horizontal
scrolling. No functional change.
RELENG_5_2 candidate.
needed to be statically populated with device nodes. The first two are no
longer true, which makes the third pretty moot. In fact, we don't seem to
put device node bits into the distribution archives at all anymore.
So..... remove the god-aweful nasty hack that force unmounted devfs during
installation so that static device nodes could land in /dev. Now that the
vnode cleaner handles this case better this isn't strictly needed, but
axeing code in sysinstall is almost always benficial. Thanks to Don Lewis
for pointing out this attribute of sysinstall.
the case where there's an entry in the manufacturer's device list but
no corresponding installation section (and hence no AddReg assignments),
i.e. if dev = find_assign(sname, "AddReg"); returns NULL, then
don't try to dereference dev.
There is a fundamental problem with the handling of .INF files that
contain definitions for multiple devices: right now we dump all the
AddReg sections that we find, but don't distinguish what device they
belong to. This often results in duplicate keys.
Yes, it's what you think it is. Yes, you should run away now.
This is a special compatibility module for allowing Windows NDIS
miniport network drivers to be used with FreeBSD/x86. This provides
_binary_ NDIS compatibility (not source): you can run NDIS driver
code, but you can't build it. There are three main parts:
sys/compat/ndis: the NDIS compat API, which provides binary
compatibility functions for many routines in NDIS.SYS, HAL.dll
and ntoskrnl.exe in Windows (these are the three modules that
most NDIS miniport drivers use). The compat module also contains
a small PE relocator/dynalinker which relocates the Windows .SYS
image and then patches in our native routines.
sys/dev/if_ndis: the if_ndis driver wrapper. This module makes
use of the ndis compat API and can be compiled with a specially
prepared binary image file (ndis_driver_data.h) containing the
Windows .SYS image and registry key information parsed out of the
accompanying .INF file. Once if_ndis.ko is built, it can be loaded
and unloaded just like a native FreeBSD kenrel module.
usr.sbin/ndiscvt: a special utility that converts foo.sys and foo.inf
into an ndis_driver_data.h file that can be compiled into if_ndis.o.
Contains an .inf file parser graciously provided by Matt Dodd (and
mercilessly hacked upon by me) that strips out device ID info and
registry key info from a .INF file and packages it up with a binary
image array. The ndiscvt(8) utility also does some manipulation of
the segments within the .sys file to make life easier for the kernel
loader. (Doing the manipulation here saves the kernel code from having
to move things around later, which would waste memory.)
ndiscvt is only built for the i386 arch. Only files.i386 has been
updated, and none of this is turned on in GENERIC. It should probably
work on pc98. I have no idea about amd64 or ia64 at this point.
This is still a work in progress. I estimate it's about %85 done, but
I want it under CVS control so I can track subsequent changes. It has
been tested with exactly three drivers: the LinkSys LNE100TX v4 driver
(Lne100v4.sys), the sample Intel 82559 driver from the Windows DDK
(e100bex.sys) and the Broadcom BCM43xx wireless driver (bcmwl5.sys). It
still needs to have a net80211 stuff added to it. To use it, you would
do something like this:
# cd /sys/modules/ndis
# make; make load
# cd /sys/modules/if_ndis
# ndiscvt -i /path/to/foo.inf -s /path/to/foo.sys -o ndis_driver_data.h
# make; make load
# sysctl -a | grep ndis
All registry keys are mapped to sysctl nodes. Sometimes drivers refer
to registry keys that aren't mentioned in foo.inf. If this happens,
the NDIS API module creates sysctl nodes for these keys on the fly so
you can tweak them.
An example usage of the Broadcom wireless driver would be:
# sysctl hw.ndis0.EnableAutoConnect=1
# sysctl hw.ndis0.SSID="MY_SSID"
# sysctl hw.ndis0.NetworkType=0 (0 for bss, 1 for adhoc)
# ifconfig ndis0 <my ipaddr> netmask 0xffffff00 up
Things to be done:
- get rid of debug messages
- add in ndis80211 support
- defer transmissions until after a status update with
NDIS_STATUS_CONNECTED occurs
- Create smarter lookaside list support
- Split off if_ndis_pci.c and if_ndis_pccard.c attachments
- Make sure PCMCIA support works
- Fix ndiscvt to properly parse PCMCIA device IDs from INF files
- write ndisapi.9 man page
PR:
Submitted by:
Reviewed by:
Approved by:
Obtained from:
MFC after:
such that 'ispcvt' can build. Unforunately 'ispcvt' is needed in order for
/etc/rc.d/syscons to run. This fixes the bug where I could not get my
keymap effective at boot.
it returns. This allows it to connect to the server side again, which
has been listening on IPv6 addresses exclusively for more than 2 years.
PR: 59369
