119 Commits

Author SHA1 Message Date
Shteryana Shopova
cf90ea94a0 Unbreak the build by temprorarily not using include directives in
bsnmpd(1)' def files, until bsd.snmpmod.mk & Makefiles are fixed to
pass proper include path flags to gensnmptree.
2010-12-20 22:56:50 +00:00
Shteryana Shopova
72cd7a520d Bring in a SNMP module that allows configuration of SNMPv3 Notification targets.
Sponsored by:	The FreeBSD Foundation
Reviewed by:	philip
Approved by:	philip
2010-12-20 17:13:14 +00:00
Shteryana Shopova
1c706be073 Pass proper -Wl,-export-dynamic to ld. Thus bsnmpd(1) compiled with clang
properly exports its symbols to the modules.

Submitted by:	dim
2010-12-16 15:18:53 +00:00
Shteryana Shopova
695239e2c7 Remove unnecessary debug/error CFLAGS.
Reported by	: pawel.worach (at) gmail (dot) com
2010-12-11 13:24:01 +00:00
Shteryana Shopova
836993f5cf Unbreak "make installworld" w/ DESTDIR specified
PR	:	kern/152939
2010-12-09 12:25:45 +00:00
Shteryana Shopova
a739872374 Add bsnmpd(1)'s SNMP client tools (including SNMPv3 support) to the base system.
Sponsored by:   The FreeBSD Foundation (the SNMPv3 bits), Google Summer of Code 2005
Reviewed by:    philip@ (mostly), bz@ (earlier version based on p4 ch124545)
Approved by:    philip@
2010-12-08 14:30:25 +00:00
Shteryana Shopova
135f7de5dd In bsnmpd(1) add support for SNMPv3 message processing model, including message authentication, packet encryption & view-based access control (RFC 3412, 3414, 3415).
Sponsored by:	The FreeBSD Foundation
Reviewed by:	philip@ (mostly)
Approved by:	philip@
2010-12-08 13:51:38 +00:00
Ulrich Spörlein
ac203a768d Fix CPU load reporting independent of scheduler used.
- Sample CPU usage data from kern.cp_times, this makes for a far more
  accurate and scheduler independent algorithm.
- Rip out the process list scraping that is no longer required.
- Don't update CPU usage sampling on every request, but every 15s
  instead. This makes it impossible for an attacker to hide the CPU load
  by triggering 4 samplings in short succession when the system is idle.
- After reaching the steady-state, the system will always report the
  average CPU load of the last 60 sampled seconds.
- Untangling of call graph.

PR:		kern/130222
Tested by:	Julian Dunn <jdunn@aquezada.com>
		Gustau Pérez <gperez@entel.upc.edu>
		Jürgen Weiß <weiss@uni-mainz.de>
MFC after:	2 weeks

I'm unsure if some MIB standard states this must be the load average
for, eg. 300s, it looks like net-snmp isn't even bothering to implement
the CPU load reporting at all.
2010-10-28 20:18:26 +00:00
Joel Dahl
c2025a7660 Fix typos, spelling, formatting and mdoc mistakes found by Nobuyuki while
translating these manual pages.  Minor corrections by me.

Submitted by:	Nobuyuki Koganemaru <n-kogane@syd.odn.ne.jp>
2010-08-16 15:18:30 +00:00
Joel Dahl
f6ac23919b Fix typos and spelling mistakes. 2010-08-06 14:33:42 +00:00
Shteryana Shopova
5593fdda18 Connect the snmp_wlan(3) module to the build.
Sponsored by:	The FreeBSD Foundation
2010-07-26 16:26:26 +00:00
Shteryana Shopova
09cbe818f0 Bring in a SNMP module to support monitoring cloned wireless interfaces
via bsnmpd(1). The module implements a private BEGEMOT-WIRELESS-MIB.

Sponsored by:	The FreeBSD Foundation
Reviewed by:	philip@
Approved by:	philip@
2010-07-26 16:16:39 +00:00
Simon L. B. Nielsen
12b052b9e0 Make failed open of /dev/mdctl in the bsnmpd hostres module non-fatal.
This makes it possible to use the hostres module when bsnmpd is not
running as root.

MFC after:	1 week
2010-07-24 10:04:35 +00:00
Ulrich Spörlein
62486687ed mdoc: consistently spell our email addresses <foo@FreeBSD.org>
Reviewed by:	ru
2010-05-19 08:57:53 +00:00
Shteryana Shopova
438be77d54 Now actually implement reading/refreshing/returning data from the pfTablesAddrTable
and modify the BEGEMOT-PF-MIB to add support for IPV6 address' statistics in the PF
tables via pfTablesAddrNetType and pfTablesAddrNet. While here, upgrade the
pf_tree.def file to the new format that includes enumerated values. Also make sure
to return SNMP_ERR_NOSUCHNAME for ALTQ objects, if ALTQ is disabled, so that the agent
will know to skip the pfAltq subtree when servicing GETNEXT requests from SNMP clients
(otherwise snmpwalk on begemotPf would stop at the pfAltq subtree with bsnmpd returning
SNMP_ERR_GENERR).
2010-03-24 16:07:33 +00:00
Shteryana Shopova
9315567023 Make sure the snmp_pf module will first refresh its entires if necessary,
then find a specific entry, and get the requested value. So far, it found
the specific entry, refreshed the entry list if necessary, and got the
requested value from the found entry. The problem is that refreshing nukes
all old entries and replaces them with new ones and the obtained entry
pointer was no longer valid after the refresh.

Reviewed by:		bz, philip
MFC after:		1 week
2010-03-19 09:53:25 +00:00
Shteryana Shopova
72d420c708 Add support for retrieving labeled pf filter rule counters.
PR:		bin/132847
Submitted by:	Szalai Andras <szalai (dot) bandi (at) gmail.com>
2010-03-18 14:54:31 +00:00
Ulrich Spörlein
7729e3ba40 Remove redundant WARNS?=6 overrides and inherit the WARNS setting from
the toplevel directory.

This does not change any WARNS level and survives a make universe.

Approved by:        ed (co-mentor)
2010-03-02 18:44:08 +00:00
Ed Schouten
b5810e9449 Port all applications in usr.sbin/ from libulog to utmpx. 2010-01-13 18:17:53 +00:00
Ed Schouten
71ccf09269 The last big commit: let usr.sbin/ use WARNS=6 by default. 2010-01-02 11:07:44 +00:00
Ed Schouten
71713ba2e1 Let the snmp_hostres module use utmpx.
Approved by:	harti
2009-12-24 17:55:47 +00:00
Shteryana Shopova
1753369083 Make sure enough memory is allocated for a struct pft_entry when
refreshing the list of pf tables.

OKed by:	philip
MFC after:	1 week
2009-12-05 13:45:21 +00:00
Attilio Rao
1262810177 Collapse devinfo_state_t with device_state_t in order to avoid a
structure replication and improve manteneability.

Reviewed by:	jhb, imp
Tested by:	Riccardo Torrini <riccardo at torrini dot org>
2009-11-15 16:44:43 +00:00
Ken Smith
3ca3047aee Bump the version of all non-symbol-versioned shared libraries in
preparation for 8.0-RELEASE.  Add the previous version of those
libraries to ObsoleteFiles.inc and bump __FreeBSD_Version.

Reviewed by:    kib
Approved by:    re (rwatson)
2009-07-19 17:25:24 +00:00
Kip Macy
a9eb07938f add zfs oid to bsnmpd
PR: bin/129360
Submitted by:	Ulrich Spoerlein
2009-05-17 05:54:25 +00:00
Bruce M Simpson
7a02aaee75 Only build the bsnmpd netgraph module if MK_NETGRAPH_SUPPORT is set. 2008-10-02 14:26:56 +00:00
Philip Paeps
0fecb888b2 Use INSERT_OBJECT_INT_LINK_INDEX macro instead of TAILQ_INSERT_TAIL when
filling the table of ALTQ queues retrieved from the kernel.

It is possible for the kernel to return the queues not by pa.altq.qid order.
When this happens, pf_snmp would only partially fill its table.

PR:		bin/120974
Submitted by:	Mykola Dzham <i -at- levsha.org.ua>
MFC after:	3 days
2008-06-01 14:09:54 +00:00
Shteryana Shopova
24988ed32d Keep the snmp_bridge(3) module up to date with if_bridge(4) and add an
object to control the value of the new 'PRIVATE' bridge members' flag.
While here, remove stale '__unused' compiler directives.

Reviewed by:	bz
Approved by:	re (bmah), bz (mentor)
2007-08-08 19:27:50 +00:00
Max Laier
60ee384760 Link pf 4.1 to the build:
- move ftp-proxy from libexec to usr.sbin
 - add tftp-proxy
 - new altq mtag link

Approved by:	re (kensmith)
2007-07-03 12:46:08 +00:00
Rong-En Fan
27cfc42fc5 - Bump share library version which were missed in last bump
Reported by: 	     jhb
Discussed with:	     deischen, des, doubg, harti
Approved by:	     re (kensmith)
2007-06-18 18:47:54 +00:00
Pawel Jakub Dawidek
6b3d6017e8 s/destory/destroy/ (except for the code in contrib/). 2007-04-16 12:31:35 +00:00
Soeren Straarup
7b8287fb85 ! is a generic info message
Reviewed by:	harti
Approved by:	harti
MFC after:	2 weeks
2007-03-09 16:29:15 +00:00
Shteryana Shopova
ffdddc92b4 Remove all #if __FreeBSD_version checks now that RSTP support has been
MFCed to RELENG_6. We no longer need that to compile the bridge module
under both RELENG_6 and CURRENT.

Approved by:	bz (mentor)
2007-02-04 13:31:05 +00:00
Bjoern A. Zeeb
61644918e3 Re-connect snmp_bridge to the build. It survived a make universe
(apart from powerpc where the build broke earlier).
2006-12-29 19:24:51 +00:00
Bjoern A. Zeeb
a245531a29 bridge_snmp.h
* Change the API of bridge_get_basemac to take a maximum buffer length.

bridge_if.c
* Adopt to new API.
* In bridge_attach_newif() remove an additional pointer to the buffer
  by shuffling the code a bit. Also makes the code more readable.

bridge_sys.c
* bridge_get_basemac():
  - Adopt to the new API.
  - Change check for error code of getifaddrs().
  - First check for sa_family != AF_LINK.
  - Copy sockaddr_dl * to get around alignment constraints on some
    platforms.
  - Use strcmp instead of strncmp so that "foo11" != "foo1".
* other functions:
  - Allocate n times of the struct we need instead of arbitrary len,
    cast to the type we want it to be and pass around struct *s instead
    of char *s. This gets us around alignment restrictions on some
    platforms and in addition it is more clear what data is passed around.
  - Name variables for same types consistently.

Reviewed by:    syrinx
2006-12-29 19:23:38 +00:00
Bjoern A. Zeeb
6f3914bcf4 ia64 is nit-picking according to tinderbox so temporary disconnect
the bridge module from the build until this is fixed.
2006-12-21 01:58:22 +00:00
Shteryana Shopova
814c25f3ad Connect the snmp_bridge(3) module to the build.
Approved by:	bz (mentor)
2006-12-20 22:08:35 +00:00
Shteryana Shopova
3c6bf05583 Keep in sync with the if_bridge(4) module (rev. 1.20 if_bridgevar.h,
1.12 bridgestp.h) and rename all PointToPoint related variables
from P2P to PTP (s/P2P/PTP/g s/p2p/ptp/g).

Approved by:	bz (mentor)
2006-12-20 22:02:45 +00:00
Shteryana Shopova
42910bde6c Remove an unused variable.
Approved by:	bz (mentor)
2006-12-20 21:31:28 +00:00
Shteryana Shopova
f02a1e5794 Do not add 'default:' cases inside a switch() on an enum like the
SNMP option argument. That way the compiler will give a warning in
case of a missing or an extra but unknown 'case:'.
Do the same for SNMP LEAF objects to be prepared once gensnmptree will
auto-generate enums for those too.
Add an abort() after the switch() instead of the 'default:' to catch
any errors. The nice side effect is that the compiler will correctly
track supposed to be 'uninitialized' variables with that.

When trying to set a value sanity check it before calling the OS
dependent API of snmp_bridge to tell whether it is an attempt to
set a bad value or a general error.

Suggested by:	harti (first part)
Approved by:	bz (mentor)
2006-12-15 20:01:57 +00:00
Shteryana Shopova
5b6598a8c2 Instead of explicitly initializing variables to avoid compiler warnings,
add a default case to handle the situation when the variables are not
initialized.
Furthermore, abort() if the snmp agent passes an invalid option to the
bridge module. As the option (SET, GET, GETNEXT, COMMIT, ROLLBACK) is
determined by the snmp agent based on the operation requested by user,
this behaviour is unlikely to be abused as a source for a DoS, but if
ever hit will likely reveal a problem in the snmp agent or bridge
module.

Approved by:    bz (mentor)
2006-12-09 20:58:26 +00:00
Shteryana Shopova
b5906f8eed Add support for RSTP (RFC4318) to the SNMP bridge monitoring module.
Approved by:	bz (mentor)
2006-12-07 22:36:17 +00:00
Shteryana Shopova
7850265edd Bring in a SNMP module to support monitoring if_bridge(4) interfaces
via bsnmpd(1). The module implements IETF BRIDGE-MIB as defined in
RFC4188 and a private BEGEMOT-BRIDGE-MIB.

Sponsored by:  Google Summer of Code 2006
Reviewed by:   bz
Approved by:   bz (mentor)
2006-11-19 15:42:48 +00:00
Hartmut Brandt
1e1c4c13fb Make the generated oid.h dependend on the Makefile. The Makefile defines
the symbols to be extracted from the MIB and if that list of symbols is
changed, oid.h should be re-generated.
2006-11-08 10:36:57 +00:00
Gleb Smirnoff
99eebd2a7c Fix buildworld. 2006-10-31 21:44:46 +00:00
Ruslan Ermilov
66f6e0e5df Revise markup. 2006-09-30 19:07:03 +00:00
Hartmut Brandt
e55adffce7 Reduce the memory requirements for the tables by (1) using malloced strings
instead of maximum sized arrays embedded in the table structures and (2)
using pointers to constant oids instead of copying the oid into each
table structure. This also fixes indexing in the case when a string used
for indexing is longer than the maximum size allowed in the MIB.

Submitted by:	Victor Cruceru <soc-victor@>
2006-07-14 09:07:56 +00:00
Ruslan Ermilov
e4a9274404 Add missing library dependencies. 2006-04-13 12:49:24 +00:00
Ruslan Ermilov
e1fe3dba5c Reimplementation of world/kernel build options. For details, see:
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by:	imp, jhb, kris, phk, ru (all bugs are mine)
2006-03-17 18:54:44 +00:00
Hartmut Brandt
7a775b30e9 Silence some warnings by defining configuration preprocessor symbols. 2006-03-13 09:23:51 +00:00