Commit Graph

5928 Commits

Author SHA1 Message Date
Luigi Rizzo
fbcb16efdf remove unused argument to print_s0()
Submitted by:	Christoph Mallon
MFC after:	3 days
2009-01-14 20:53:46 +00:00
Luigi Rizzo
c4898ccb7c Some small fixes submitted by Christoph Mallon, specifically:
+ Remove a dead field of a struct. It serves no purpose anymore.
+ Remove a \n at the end of the format string of err(); the err()
  function already adds a \n ;
+ remove many unnecessary casts which obfuscate the code.

This file has a huge number of indentation bugs, but I'd rather fix
them when/if we happen to modify the relevant parts of the code.

Submitted by:	Christoph Mallon
MFC after:	3 days
2009-01-13 23:36:38 +00:00
David E. O'Brien
0e969ed7e0 r187093 failed to keep the lifetime of the pointer suitable for reentrancy.
Fix that.  Also move the current buffer size into the 'cpa' structure.
2009-01-13 06:08:37 +00:00
David E. O'Brien
0035611858 Use a dynamically grown buffer for building the argv for the sub-mounts.
Also fix RCSid spamage.

Inspired by patch from:	Christoph Mallon <christoph.mallon@gmx.de>
2009-01-12 08:22:36 +00:00
Xin LI
07580acce5 Fix typo.
Submitted by:	Ben Kaduk <minimarmot gmail com>
MFC after:	3 days
2009-01-12 03:33:48 +00:00
Daniel Gerzo
7f220ecf72 - improve readability
Reviewed by:	trhodes, keramida
MFC after:	3 days
2009-01-11 22:36:45 +00:00
David E. O'Brien
a86de99566 Explicitly check each mount argv building assignment for buffer over flowing.
Reviewed by:	imp (earlier version of patch)
2009-01-10 20:54:47 +00:00
Edward Tomasz Napierala
a9ebb31183 Add the possibility to specify "-o force" with "mdconfig -du".
Reviewed by:	scottl
Approved by:	rwatson (mentor)
Sponsored by:	FreeBSD Foundation
2009-01-10 17:17:18 +00:00
Sam Leffler
10ad9a77f3 TDMA support for long distance point-to-point links using ath devices:
o add net80211 support for a tdma vap that is built on top of the
  existing adhoc-demo support
o add tdma scheduling of frame transmission to the ath driver; it's
  conceivable other devices might be capable of this too in which case
  they can make use of the 802.11 protocol additions etc.
o add minor bits to user tools that need to know: ifconfig to setup and
  configure, new statistics in athstats, and new debug mask bits

While the architecture can support >2 slots in a TDMA BSS the current
design is intended (and tested) for only 2 slots.

Sponsored by:	Intel
2009-01-08 17:12:47 +00:00
Daniel Gerzo
0c868e9061 - rename the RETURN VALUES section to EXIT STATUS
- not bumping a date as this is not a real content change

Approved by:	ru
MFC after:	3 days
2009-01-07 00:51:41 +00:00
Simon L. B. Nielsen
0211d3b61c Minor markup fix for the r186836 update. 2009-01-06 21:16:42 +00:00
Colin Percival
4c55b9e02e Strengthen some of the language concerning attacks on MD5, in light of the
recent demonstration of a forged SSL certificate.  Add text pointing out
that SHA-1 is at least theoretically broken.  Add a recommendation that
new applications use SHA-256.

MFC after:	1 month
2009-01-06 19:25:24 +00:00
Tom Rhodes
c6b34b2563 Add missing qualifier which was missed in the previous commit.
Noticed by:	brooks
2009-01-05 12:10:22 +00:00
Daniel Gerzo
c419baec28 - grammar and language fixes
- hard sentence breaks
- trim EXIT STATUS section and move it to DIAGNOSTICS as well as use .Er
  macro
- sort SEE ALSO

MFC after:	7 days
2009-01-04 15:41:01 +00:00
Ivan Voras
2b67c28a09 Several significant updates:
* Better wording of sections dealing with physical storage
* A new section on assumptions gvirstor has on its consumer devices
  (components) and its interaction  with file systems
* Improved markup (by hrs@)

Reviewed by:	hrs
Approved by:	gnn (mentor)
2009-01-04 11:31:03 +00:00
Ulf Lilleengen
db2bf4b016 - Back out r186038. Rather than changing the intent of the caller, the problem
should be handled internally in gvinum.

Suggested by:	pjd
2008-12-27 14:24:24 +00:00
David E. O'Brien
c9c6feb62c style(9) 2008-12-26 22:55:38 +00:00
David E. O'Brien
76c4621653 Make the sub-'argc' static to make it harder to overwrite thru a buffer
overflow.
2008-12-26 22:54:53 +00:00
Tom Rhodes
138f7e4b30 Apply various fixes:
Silence mdoc(7) warnings;
Xref correct manual pages;
Point user to the ddb.8 manual page.

PR:		129398
Submitted by:	gavin
2008-12-24 11:12:21 +00:00
David E. O'Brien
defc9d504b Garbage collect 'fflags'. 2008-12-24 03:07:19 +00:00
Tom Rhodes
1aa26f525e Note that when shutdown is run without options, it will place
the system into single user mode at the time specified.

PR:		129765
2008-12-23 15:00:03 +00:00
Tom Rhodes
9ffd02d312 Document the "-o large" option.
PR:		129792
2008-12-23 13:35:26 +00:00
Andrew Thompson
97a7a5698b Only show the pathname in verbose output as intended in the last commit (r172862). 2008-12-22 19:52:21 +00:00
Paolo Pisati
a21e097b2e Update the ipfw man page to reflect last change (-q option with nat option).
MFC after:	3 days
2008-12-18 21:46:18 +00:00
Paolo Pisati
3fc7bd58bc Honor the quiet (-q) option while adding a nat rule.
Submitted by:	Andrey V. Elsukov<bu7cher@yandex.ru>
MFC after:	3 days
2008-12-18 21:37:31 +00:00
David E. O'Brien
fce5f960ba Be a little bit more pestimistic in argument handling - check if we've
overflown our internal buffer (though after the fact), and s/strncpy/strlcpy/

Reviewed by:	rodrigc
Obtained from:	Juniper Networks
2008-12-18 18:44:46 +00:00
Qing Li
6e6b3f7cbc This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
   possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,

The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.

Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:

- Kip Macy revised the locking code completely, thus completing
  the last piece of the puzzle, Kip has also been conducting
  active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
  provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
  me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
Sam Leffler
67207b6994 back out unintended change 2008-12-15 01:44:23 +00:00
Sam Leffler
ddd244ecff move channel parsing to a getchannel routine so it can be reused to check
the channel argument supplied to chanswitch
2008-12-15 01:15:15 +00:00
Sam Leffler
746b34ace7 fix handling of sku codes like country codes 2008-12-15 01:10:52 +00:00
Sam Leffler
76f0b9bff1 fix handling of unknown country codes; atoi doesn't return -1
for an invalid string as I thought; so use strtol instead
2008-12-15 01:10:08 +00:00
Sam Leffler
b6130d380f 0 is a potential ISO CC; use new NO_COUNTRY #define to identify
when the CC is not set.  Note NO_COUNTRY is set to 0xffff for now
(must be 16 bits as ieee80211_regdomain struct defines sku's and
cc's as uint16_t which may need fixing).
2008-12-15 01:09:01 +00:00
Sam Leffler
27c1a6f490 o distinguish between adhoc and ahdemo modes
o do not require 1/2 and 1/4 rate channels be present in the
  calibration list when doing a gsm regulatory change; the
  existing 900MHz cards are not self-identifying so there is
  no way (using the calibration channel list) to check
2008-12-15 01:06:49 +00:00
Sam Leffler
cf0d500765 Improve regdomain.xml parser:
o store XML_Parser in the state block so we can report line numbers for errors
o complain about netband w/o mode
o complain about unknown modes
o complain about band w/o enclosing netband
o complain about duplicate freqband
o complain about unknown channel flags
o complain about band w/o freqband's
o complain about band w/o maxpower
o complain about country w/o ISO cc
o complain about country w/o regdomain reference
2008-12-15 01:00:18 +00:00
Ruslan Ermilov
a794372087 Fix the fallouts from r146267:
- Add the forgotten "mode" argument to the "mode" command.
- Move the description of "info" to where it belongs.
2008-12-14 12:56:56 +00:00
Poul-Henning Kamp
0f3311c56f Send all debug to stderr. 2008-12-14 11:48:51 +00:00
Poul-Henning Kamp
877ed37a0d Clarify that configuration files must be named '*.conf' 2008-12-14 11:47:39 +00:00
Ulf Lilleengen
a468c003ef - When writing metadata to a geom provider, open the it as read-write since it
might do subsequent reads from other providers. This stopped geli (and
  probably other classes using g_metadata_store as well) from being put on top
  of gvinum raid5 volumes.

Note:
The reason it fails in the gvinum raid5 case is that gvinum will read back the
old parity stripe before calculating the new parity stripe to be written out
again.  The write will then fail because the underlying disk to be read is
opened write only.

MFC after:	1 week
2008-12-13 14:14:56 +00:00
Luigi Rizzo
59cf6deb68 Move the check for the ending char in the partition name where
it was before -- the check is only made when getdisklabel()
returns valid info.
On passing, use MAXPARTITIONS to identify the max partition number,
instead of the hardwired 'h'

MFC after:	4 weeks
2008-12-12 15:56:38 +00:00
Max Laier
d3adc65594 Fix build - cast off_t to (intmax_t) for printing. 2008-12-03 23:00:57 +00:00
Luigi Rizzo
64c8fef580 Enable operation of newfs on plain files, which is useful when you
want to prepare disk images for emulators (though 'makefs' in port
can do something similar).

This relies on:
+ minor changes to pass the consistency checks even when working on a file;

+ an additional option, '-p partition' , to specify the disk partition to
  initialize;

+ some changes on the I/O routines to deal with partition offsets.

The latter was a bit tricky to implement, see the details in newfs.h:
in newfs, I/O is done through libufs which assumes that the file
descriptor refers to the whole partition. Introducing support for
the offset in libufs would require a non-backward compatible change
in the library, to be dealt with a version bump or with symbol
versioning.

I felt both approaches to be overkill for this specific application,
especially because there might be other changes to libufs that might
become necessary in the near future.

So I used the following trick:
- read access is always done by calling bread() directly, so we just add
  the offset in the (few) places that call bread();
- write access is done through bwrite() and sbwrite(), which in turn
  calls bwrite(). To avoid rewriting sbwrite(), we supply our own version
  of bwrite() here, which takes precedence over the version in libufs.

MFC after:	4 weeks
2008-12-03 18:36:59 +00:00
Luigi Rizzo
b87d1601b6 Some useful operational extensions to newfs_msdos, especially
when preparing images for emulators or flash devices:

+ option '-C size' to create the underlying image file with given size.
  Saves doing a 'dd' before, and especially it creates a sparse file

+ option '-@ offset' to build the FAT image at the specified offset
  in the image file or device;

+ make the cluster size adaptive on the filesystem size.
  Previously the default was 4k which is really unconvenient with
  large media; now it goes from 512 bytes to 32k depending on
  filesystem size (i still need to check whether it makes sense
  to go further up, to 64k or above);

+ fix default geometry when not specified on the command line,
  use 63 sectors/255 heads by default.
  Also trim the size so it exactly a multiple of a track, to avoid
  complaints in some filesystem code.

+ document all the above, plus some manual page clarifications.

MFC after:	4 weeks
2008-12-03 18:22:36 +00:00
Marcel Moolenaar
08b6360ca3 Print error messages as-is, when they don't conform to
<errno> [<parameter> 'value']
These are error messages from (lib)geom itself.
2008-11-30 23:46:31 +00:00
Marcel Moolenaar
e419ba879f Call gctl_free() after we processed the error string.
It's being freed as part of the request.
2008-11-30 23:38:44 +00:00
Marcel Moolenaar
39bd58723a Parse the error string returned by the kernel. The format is:
<errno> [<parameter> <value>]
So, rather than printing the error:
	gpart: 22 scheme 'gpt'
gpart(8) now prints:
	gpart: scheme 'gpt': invalid argument
2008-11-29 21:20:07 +00:00
Warner Losh
44e6d7240a Noticed the following error message:
mount_msdosfs: /dev/cf0s1: : Operation not supported by device

and thought I'd fix it to be:

mount_msdosfs: /dev/cf0s1: Operation not supported by device

Not sure why errmsg isn't getting filled in, or why this error is even
happening at all... (fsck_msdosfs is clean, and I can mount this same
CF elsewhere).
2008-11-29 02:28:05 +00:00
Luigi Rizzo
045651ec1e Create a fake geometry (16 heads, 64 sectors) when dealing with
a plain file and a geometry is not explicitly supplied through
command line or disktab entry.

This way you can a FAT image on a file as simply as this:

	newfs_msdos ./some/file

(right now you need a much longer command

	newfs_msdos -h 32 -u 64 -S 512 -s $total_blocks -o 0 ./some/file

Will be merged after 7.1 and 6.4 are released.
See also the related PR which suggests a similar change.

PR:		bin/121182
MFC after:	4 weeks
2008-11-26 21:05:03 +00:00
Scott Long
3f3137fee5 Big update to the iSCSI initiator code. Highlights include IPv6 support,
many bugs fixes, many more performance improvements.

Submitted by:	Danny Braniss

M    sbin/iscontrol/iscsi.conf.5
M    sbin/iscontrol/iscontrol.8
M    sbin/iscontrol/iscontrol.h
M    sbin/iscontrol/config.c
M    sbin/iscontrol/fsm.c
M    sbin/iscontrol/login.c
M    sbin/iscontrol/pdu.c
M    sbin/iscontrol/misc.c
M    sbin/iscontrol/auth_subr.c
M    sbin/iscontrol/iscontrol.c
M    sys/dev/iscsi/initiator/isc_cam.c
M    sys/dev/iscsi/initiator/iscsi.h
M    sys/dev/iscsi/initiator/isc_soc.c
M    sys/dev/iscsi/initiator/iscsi_subr.c
M    sys/dev/iscsi/initiator/iscsivar.h
M    sys/dev/iscsi/initiator/isc_subr.c
M    sys/dev/iscsi/initiator/iscsi.c
M    sys/dev/iscsi/initiator/isc_sm.c
2008-11-25 07:17:11 +00:00
Xin LI
b652d3a3dc Grammar improvements.
Submitted by:	kensmith
2008-11-18 20:38:07 +00:00
Marcel Moolenaar
7f792cd758 Use humanize_number(), rather than a home-grown algorithm for
formatting a number in a human-friendly way.

Note that with this commit a megabyte changed from 1000000 to
1048576 and a 80G disk is now printed as being 75G in size.
This is deliberate. It's consistent with the core of geom(8).
However, the original choice for a megabyte being 1000000 was
on purpose and matches what disk vendors put on the box. The
consistency is considered more important.

Submitted by:	delphij
2008-11-18 04:04:01 +00:00
Marcel Moolenaar
567bc443e8 Sort includes
Submitted by:	delphij
2008-11-18 03:43:02 +00:00
Marcel Moolenaar
0a4acb2e3d Pad the bootcode we write to the partition to a multiple of the
sector size.

Submitted by:	Alexey Shuvaev <shuvaev@physik.uni-wuerzburg.de>
Prompted by: 	delphij
MFC after:	3 days
2008-11-18 00:03:30 +00:00
Maxim Konovalov
69573e862d o One more s/gpt/gpart/. 2008-11-05 09:28:30 +00:00
Maxim Konovalov
7922d6f987 o Replace Xr to gpt(8) which is gone by gpart(8). 2008-11-05 09:27:13 +00:00
Doug Rabson
a9148abd9d Implement support for RPCSEC_GSS authentication to both the NFS client
and server. This replaces the RPC implementation of the NFS client and
server with the newer RPC implementation originally developed
(actually ported from the userland sunrpc code) to support the NFS
Lock Manager.  I have tested this code extensively and I believe it is
stable and that performance is at least equal to the legacy RPC
implementation.

The NFS code currently contains support for both the new RPC
implementation and the older legacy implementation inherited from the
original NFS codebase. The default is to use the new implementation -
add the NFS_LEGACYRPC option to fall back to the old code. When I
merge this support back to RELENG_7, I will probably change this so
that users have to 'opt in' to get the new code.

To use RPCSEC_GSS on either client or server, you must build a kernel
which includes the KGSSAPI option and the crypto device. On the
userland side, you must build at least a new libc, mountd, mount_nfs
and gssd. You must install new versions of /etc/rc.d/gssd and
/etc/rc.d/nfsd and add 'gssd_enable=YES' to /etc/rc.conf.

As long as gssd is running, you should be able to mount an NFS
filesystem from a server that requires RPCSEC_GSS authentication. The
mount itself can happen without any kerberos credentials but all
access to the filesystem will be denied unless the accessing user has
a valid ticket file in the standard place (/tmp/krb5cc_<uid>). There
is currently no support for situations where the ticket file is in a
different place, such as when the user logged in via SSH and has
delegated credentials from that login. This restriction is also
present in Solaris and Linux. In theory, we could improve this in
future, possibly using Brooks Davis' implementation of variant
symlinks.

Supporting RPCSEC_GSS on a server is nearly as simple. You must create
service creds for the server in the form 'nfs/<fqdn>@<REALM>' and
install them in /etc/krb5.keytab. The standard heimdal utility ktutil
makes this fairly easy. After the service creds have been created, you
can add a '-sec=krb5' option to /etc/exports and restart both mountd
and nfsd.

The only other difference an administrator should notice is that nfsd
doesn't fork to create service threads any more. In normal operation,
there will be two nfsd processes, one in userland waiting for TCP
connections and one in the kernel handling requests. The latter
process will create as many kthreads as required - these should be
visible via 'top -H'. The code has some support for varying the number
of service threads according to load but initially at least, nfsd uses
a fixed number of threads according to the value supplied to its '-n'
option.

Sponsored by:	Isilon Systems
MFC after:	1 month
2008-11-03 10:38:00 +00:00
Marcel Moolenaar
1eecfda454 Add support for multiple attributes. This is required for the
PC98 scheme.
2008-10-20 05:12:50 +00:00
Giorgos Keramidas
4f1fb109f9 Tiny wording nits.
MFC after:	1 week
2008-10-19 09:45:29 +00:00
Brooks Davis
38e755fd40 Support the remaining options listed in dhcp-options(5) and RFC 2132.
PR:		bin/127076
Submitted by:	jkim
MFC after:	1 week
2008-10-17 13:28:53 +00:00
Maxim Konovalov
20e58023f4 o Remove a debug code and restore an accidentally deleted code
in a previous commit.
2008-10-14 17:59:39 +00:00
Maxim Konovalov
92531c02e6 o Do nothing in show_nat() for a test mode (-n). This prevents
show_nat() from endless loop and makes work ipfw -n nat <...>.

PR:		bin/128064
Submitted by:	sem
MFC after:	1 month
2008-10-14 17:53:26 +00:00
Konstantin Belousov
e6e1a3a875 Background fsck applies twice some summary totals changes. The next
background fsck on the same file system might then print negative
numbers for reclaimed directories/files/fragments.

Address the issue in a limited degree, by using old summary data for
cg when bgfsck is performed.

Submitted by:	tegge
MFC after:	1 week
2008-10-13 14:01:05 +00:00
Konstantin Belousov
717902b613 check_maps() in /usr/src/sbin/fsck_ffs/pass5.c seems to be limited to file
systems less than 1 TB, due to using 32-bits integers for file system block
numbers. This also causes incorrect error reporting for foreground fsck.

Convert it to use ufs2_daddr_t for block numbers.

PR:	kern/127951
Submitted by:	tegge
MFC after:	1 week
2008-10-13 13:56:23 +00:00
Xin LI
30223a3203 Add some examples to demostrate gpart(8).
--此行及以下内容将会被忽略--
2008-10-09 06:23:04 +00:00
Maxim Konovalov
116c00fb0b o Typo fixes.
PR:		docs/127866
Submitted by:	Marius Korsmo
2008-10-05 05:12:48 +00:00
Sam Leffler
24994b364c add duplicate cmd entries for vlan and vlandev that are marked !clone
so they can be used when not doing a create operation

Reviewed by:	ed
2008-10-02 20:03:41 +00:00
Ulf Lilleengen
9d8ce07800 - A call to close(2) might overwrite errno and thus give a wrong error message
on g_providername failure.

Suggested by:	pjd
Approved by:	pjd (mentor)
2008-09-30 11:46:14 +00:00
Ulf Lilleengen
bd5add5884 - Improve error message given on g_providername call failure.
- While there, make error messages consistent with the rest.

Approved by:	kib (mentor)
2008-09-30 07:18:49 +00:00
Sam Leffler
39669258d7 Distinguish between cmd/parameters used for clone operations and
all others.  Use this to disambiguate cmd line arguments that can
be either clone params or regular parameters so, in particular,
"bssid" again works as a regular parameter.

While here leverage the above to improve the logic for flushing
clone operations on the first !clone cmd line parameter.

Reviewed by:	jhay
2008-09-29 16:27:32 +00:00
Maxim Konovalov
19d35886ef o Add missed dot. 2008-09-29 05:31:27 +00:00
Roman Kurakin
e7ef3e9494 Fix the build.
Noted by: ganbold@
2008-09-27 15:58:54 +00:00
Roman Kurakin
e927c2b2e6 * add all keyword for table list & flush actions.
* add tables_max sysctl.
* add default_rule sysctl.

PR:		127058 (partially)
2008-09-27 15:09:00 +00:00
Roman Kurakin
c15c249000 Add keyword all in addtion to the table number for the 'list' and the
'flush' actions on tables.  Part of PR: 127058.

PR:		127058 (based on)
MFC after:	1 month
2008-09-27 14:30:34 +00:00
Xin LI
45cfb1dc53 Static-ify procedures in init(8). 2008-09-27 00:09:10 +00:00
Ruslan Ermilov
0a4b670e07 Add missing library dependencies.
PR:		bin/127573
Submitted by:	Eygene Ryabinkin
2008-09-23 13:12:51 +00:00
Giorgos Keramidas
7bf717b721 Unbreak the build. 2008-09-22 04:12:27 +00:00
Sam Leffler
51947cb625 MIMO power save and RIFS; while here also update per-node state/flags for ampdu 2008-09-22 00:30:26 +00:00
Sam Leffler
8db67fd293 "ampdudensity -" is too subtle; use "NA" for any and accept it as a parameter 2008-09-22 00:24:47 +00:00
Sam Leffler
40808af3aa check for undefined identifiers 2008-09-21 22:16:03 +00:00
Sam Leffler
690f477d75 add new build knobs and jigger some existing controls to improve
control over the result of buildworld and installworld; this especially
helps packaging systems such as nanobsd

Reviewed by:	various (posted to arch)
MFC after:	1 month
2008-09-21 22:02:26 +00:00
Roman Kurakin
eba1dd2124 Add the check of the table number. 2008-09-21 21:46:56 +00:00
Roman Kurakin
5ec36cd651 Move table list to a separate function. 2008-09-21 12:54:09 +00:00
Roman Kurakin
b0000a98c4 Free allocated memory. 2008-09-20 19:25:02 +00:00
Roman Kurakin
015002df0d Remove some unused variables. 2008-09-20 16:46:19 +00:00
Roman Kurakin
b88a2fe170 Style(9) the show_nat() function. 2008-09-20 16:17:49 +00:00
Roman Kurakin
03d4b38d9e Do not do the useless job for an empty table.
MFC after:	1 month
2008-09-20 15:54:22 +00:00
Craig Rodrigues
049307ba00 Use the version of the kernel returned by getosreldate()
to determine whether to call the fallback_mount() backwards
compatibility function or not.

Reviewed by:	dfr
2008-09-19 11:59:10 +00:00
Ulf Lilleengen
7a4b0bb24a - Make bsdlabel use libgeom to determine provider name, device path, the media
size and the sector size.
- Fix a bug where bsdlabel would try to read a regular file using the geom_bsd
  class.

Quick review by:	phk
Approved by:	pjd (mentor)
2008-09-18 14:04:02 +00:00
Remko Lodder
6f5c443661 Document the -F 's return statement.
If the application returns succesfully
the return code is 7 (which means the
filesystem is clean).

PR:		127432
Submitted by:	edwin
MFC after:	3 days
2008-09-17 06:56:27 +00:00
Craig Rodrigues
4b5bc28358 Instead of building up a "struct nfs_args" to pass to the kernel
via nmount(), build up an iovec where each iovec member is an NFS mount
option, and pass the iovec down to the kernel via nmount().  These options
are then parsed in the kernel.
This should make it easier to add new NFS mount options in future.

Many, many thanks to Doug Rabson for taking my initial patches,
and cleaning them up.  In addition, Doug added a fallback_mount()
function so that the newer mount_nfs program will work against older
kernels, to facilitate upgrading/downgrading scenarios.
Doug also re-wrote the mount_nfs.8 man page.

Reviewed by:	dfr
2008-09-13 20:22:46 +00:00
Tom Rhodes
8156052b20 Bring a paragraph in this manual page a bit closer to the present date.
Discussed with:	des
2008-09-07 15:19:34 +00:00
Ulf Lilleengen
b31e5ae243 - Make use of the new and g_device_path utility function in libgeom to avoid
duplication of code in fdisk and boot0cfg. Also make use of g_providername to
  fix an issue with fdisk and boot0cfg not using the correct provider when
  writing the MBR.

Reviewed by:	phk
Approved by:	pjd (mentor)
2008-09-07 13:58:35 +00:00
Roman Kurakin
d53fe7108b Check rule numbers against maximum value to avoid rules cleanup due
to overflow.

MFC after:	5 days.
2008-09-06 17:26:52 +00:00
Roman Kurakin
759dd6f7f7 Use IPFW_DEFAULT_RULE instead of hardcoded value since now it is
available.

MFC after:	5 days.
2008-09-06 17:23:37 +00:00
Kevin Lo
1f0e597d5a Use RUSAGE_SELF for the current process instead of hardcoded value 2008-09-02 02:59:13 +00:00
Matteo Riondato
bbe9d7da79 Don't return always 0. Return what we get from exec_mountprog or
mount_fs.

PR:		bin/125154
MFC after:	1 day
2008-08-31 20:08:05 +00:00
Pawel Jakub Dawidek
ba196edbd2 By default backup geli metadata to a file. It is quite critical 512 bytes,
once it is lost, all data is gone.

Option '-B none' can by used to prevent backup. Option '-B path' can be
used to backup metadata to a different file than the default, which is
/var/backups/<prov>.eli.

The 'geli init' command also prints backup file location and gives short
procedure how to restore metadata.

The 'geli setkey' command now warns that even after passphrase change or keys
update there could be version of the master key encrypted with old
keys/passphrase in the backup file.

Add regression tests to verify that new functionality works as expected.

Update other regression tests so they don't create backup files.

Reviewed by:	keramida, rink
Dedicated to:	a friend who lost 400GB of his live by accidentally overwritting geli metadata
MFC after:	2 weeks
2008-08-29 18:10:18 +00:00
Pawel Jakub Dawidek
785c7ba6a1 - Give algorithms recommendation.
- Keep options in alphabetical order.
2008-08-29 17:13:07 +00:00
Jack F Vogel
eafbb00d24 Add support in ifconfig to control the vlan hardware filter feature.
Reviewed by: EvilSam and moi
MFC after:1 week
2008-08-28 22:13:44 +00:00
Ivan Voras
0d6ff382c3 Trivial typo fix.
Approved by:	gnn (mentor)
2008-08-27 15:30:09 +00:00
Matteo Riondato
865bdc6208 Implement -R support, similar to ping(8)'s -A.
ping(8)'s -a was mapped to -e, but -E was already taken in ping6 (old
option) so rename -e to -r.
Now:
ping -a => ping6 -r
ping -A => ping6 -R

MFC after:	2 days
2008-08-27 15:01:23 +00:00
Matteo Riondato
248e5e18af Add -e to usage()
MFC after:	2 days
2008-08-27 13:29:43 +00:00
Rui Paulo
b3c9746474 Fix typo. 2008-08-27 12:54:29 +00:00
Matteo Riondato
155dac2fdc Implement audible support similar to ping(8) -a option. Since -a was already taken, I chose -e (no real argument for this) but I'm willing to change to a different character if needed/desired.
PR:	bin/123752 (inspired by)
MFC after:	2 days
2008-08-26 14:34:09 +00:00
Craig Rodrigues
6910e995d9 Instead of passing MNT_UPDATE, MNT_SNAPSHOT, MNT_RELOAD from
userspace to kernel via nmount(), pass in the strings
"update", "snapshot", "reload".

We want to move away from passing MNT_ flags from userspace -> kernel
via nmount(), and instead favor passing the string options.
2008-08-23 01:21:10 +00:00
Andrew Thompson
5c43e5f42d Fix channel parsing which was broken in r179958, the channel number may be
suffixed with :flag and /width.
2008-08-14 03:49:14 +00:00
Pawel Jakub Dawidek
4c5739d8f7 geli onetime command can take only one GEOM provider at a time. 2008-08-12 19:42:03 +00:00
Ivan Voras
970a8ddc44 Clean up of dead code and possible unassigned variable usage.
Found by:	LLVM/Clang Static Checker
Approved by:	gnn (mentor)
2008-08-09 16:47:30 +00:00
Dag-Erling Smørgrav
2616144e43 Add sbuf_new_auto as a shortcut for the very common case of creating a
completely dynamic sbuf.

Obtained from:	Varnish
MFC after:	2 weeks
2008-08-09 11:14:05 +00:00
Sam Leffler
ed8b5a9370 recognize WPS ie's
Submitted by:	"Chuck Tuffli" <chuck@tuffli.net>
MFC after:	1 week
2008-08-09 05:37:22 +00:00
Antoine Brodin
5718b3f2c0 Make atacontrol(8) rebuild work when /usr is not mounted or from /rescue
PR:		bin/125680
MFC after:	1 month
Tested by:	Stef Walter
2008-08-06 18:08:02 +00:00
Robert Watson
1492a26084 DDB scripting, textdumps, output capture, etc, all will appear in
FreeBSD 7.1 before 8.0 ships.

Spotted by:	Ulrich Spoerlein <uspoerlein at gmail dot com>
MFC after:	3 days
2008-08-03 14:27:06 +00:00
Andrew Thompson
3b0edf7dd0 Move the grekey to its own file, ifconfig.c does not have interface specific
code.

Submitted by:	sam
2008-08-03 03:36:12 +00:00
Sam Leffler
87a8e294f5 change list wme to only print the channel parameters; to
get channel+bss use -v
2008-08-02 18:10:14 +00:00
Sam Leffler
7842b6be31 don't silently exit if the regdomain.xml file is missing 2008-08-02 18:06:27 +00:00
Julian Elischer
2cc8ab2a83 Slight wordsmithing. prompted by danger@ 2008-08-01 23:31:28 +00:00
Julian Elischer
bc20b62b0e Document the use of the tablearg keyword together with the skipto command. 2008-08-01 22:34:01 +00:00
Sam Leffler
c0f198ca9b add missing capability bits 2008-08-01 01:27:52 +00:00
David E. O'Brien
a61d918656 Add a -q[uiet] flag for scripts. 2008-07-31 00:55:29 +00:00
Sam Leffler
4a5184dc80 correct description of how to clear a desired channel
Pointed out by:	Chris Buechler
MFC after:	1 week
2008-07-30 16:22:52 +00:00
Poul-Henning Kamp
68b22388a0 Update routed to use the RFC 3678 protocol-independent multicast API. Use
IP_MULTICAST_IF with struct ip_mreqn (obtained from Linux) to tell the
stack which interface index to use for sending IPv4 datagrams.

Submitted by:	bms
Tested by:	phk
2008-07-30 11:56:15 +00:00
Poul-Henning Kamp
2a6d272c10 Clarify which route property routed(8) looks at. 2008-07-29 23:22:06 +00:00
Konstantin Belousov
89aa52d4db Note that snapshots may cause a panic on the full UFS filesystem.
Submitted by:	pho
MFC after:	3 days
2008-07-26 13:18:33 +00:00
Julian Elischer
c7d1bf0bd9 Note that setfib is not a terminal rule. 2008-07-24 18:39:36 +00:00
Kris Kennaway
bf005f321e Fix -o mntudp after the conversion to default TCP mounts
Submitted by:	danfe
MFC after:	1 week
2008-07-10 17:53:10 +00:00
Marcel Moolenaar
c4c9b9f50c Obsolete bsdlabel(8) on powerpc. Use gpart(8) instead. 2008-07-06 20:57:35 +00:00
Marcel Moolenaar
773c9287f5 Make sunlabel specific to sparc64. This is mostly for backward
compatibility reasons. Sun labels, with VTOC8, are handled by
gpart(8).
2008-07-04 04:33:33 +00:00
Marcel Moolenaar
d7f5bced19 Stop building bsdlabel(8) and fdisk(8) on ia64. Both tools are
obsoleted by gpart(8). This avoids the following bugs in fdisk:
-  initializing a disk without MBR bogusly emits the error:
	fdisk: invalid fdisk partition table found
-  initializing a disk with or without MBR bogusly emits either:
	fdisk: Class not found
   or
	fdisk: Geom not found: "XXX"
-  the default geometry for non-ATA and non-SCSI disks is either
   invalid or sub-optimizal.
2008-07-03 20:53:15 +00:00
Marcel Moolenaar
b1b657e6b5 Add NO_MAN for the static variant of geom(8). Both the RESCUE and the
RELEASE_CRUNCH builds use NO_MAN anyway, so this change is primarily
to avoid that developers have to set NO_MAN manually when they build
the static variant.
2008-07-03 19:40:59 +00:00
Dag-Erling Smørgrav
8f518424d9 Drag this code kicking and screaming into the twenty-first century. 2008-07-02 15:51:59 +00:00
Roman Kurakin
259edd2800 Do not set IFF_DEBUG directly from the driver.
MFC after:	1 month.
2008-06-30 21:18:27 +00:00
Ed Schouten
708925463e Run the privileged dhclient process in its own session.
In the MPSAFE TTY branch, I noticed PTY's to be leaked, because
dhclient's privileged process was run inside the session of, say, the
login shell. Make sure we call setsid() here.

Approved by:	philip (mentor), brooks
2008-06-30 20:23:49 +00:00
Mike Makonnen
d5e7eb7e92 Support for filtering on major device number was removed in rev. 1.7 or
rule.c. Update man page example accordingly.

Submitted by:	Mateusz Guzik <mjguzik@gmail.com>
PR:		docs/124892
2008-06-27 09:09:50 +00:00
Mike Makonnen
186f2eea49 The signature for a pthread function requires that it
return a pointer to a void. The send_thread() and disk_thread()
funtions; however, do not have a return value because they run for
the duration of the daemon's lifetime. This causes gcc to barf when
running with -O3. Make these functions return a null pointer to quiet it.

PR:	bin/124342
Submitted by:	Garrett Cooper <gcooper@FreeBSD.org> (minus his comments)
MFC after:	1 week
2008-06-26 07:05:35 +00:00
Bjoern A. Zeeb
9a8398173d Document spindown constraints as given in the original commit
message[1] and later clarification provided by phk.

[1] http://docs.freebsd.org/cgi/mid.cgi?200803171033.m2HAXOeN055116

Reviewed by:	brueffer, phk, ed
2008-06-25 18:11:22 +00:00
Mike Makonnen
45a5dc937d Add a -q flag to swapon(8) to suppress informational messages. Use it in
rc.d.
Note: errors are not affected by this flag.
2008-06-23 22:17:08 +00:00
Mike Makonnen
d9fcd86c3a The sysctl(8) program exits on some errors and only emits warnings on
others. In the case where it displayed warnings it would still return
succesfully. Modify it so that it returns the number of sysctls that
it was not able to set.

Make use of this in rc.d to display only *unsuccessfull* attempts to
set sysctls.
2008-06-23 22:06:28 +00:00
Andrew Thompson
cd610d1cb9 Ensure the channel is a number and not a range, the 'channel' command can be
easily mixed up with 'chanlist' and would give unexpected results by fixing the
channel on the first number in the range.
2008-06-23 16:08:40 +00:00
Alexander Motin
72cbe4adf3 Add exit_delay parameter to control daemon exit delay after signal.
PR:		bin/58696
Submitted by:	sp@alkor.ru
2008-06-22 22:14:02 +00:00
Alexander Motin
b6365f959c Use strdup() instead of static buffer allocation to avoid 128 bytes limit
on -redirect_XXX arguments length.

PR:		bin/86647
Submitted by:	Stephen Hurd <shurd@sasktel.net>
2008-06-22 21:22:25 +00:00
Dmitry Morozovsky
c94b8307db Add -v (verbose) option to -l command, to show size and backing store
of all md devices at one time.

Approved by:	phk
MFC after:	2 weeks
2008-06-21 15:04:42 +00:00
Oleksandr Tymoshenko
032de3f930 Fix spelling
PR:	kern/124723
Event:	Bugathon#5
2008-06-20 21:41:44 +00:00
Andrew Thompson
131c55bc5b Add support for the optional key in the GRE header.
PR:		kern/114714
Submitted by:	Cristian KLEIN
2008-06-20 17:26:34 +00:00
Marcel Moolenaar
7a4a5cc0f4 Implement the set and unset verbs. While here, have the manpage
catch up with various changes.
2008-06-18 01:46:32 +00:00
Marcel Moolenaar
5a96f8396d Implement the -l and -r options for gpart show.
The -l option changes the output to show the partition label, if applicable
and when present. The -r option changes the output to show the raw (i.e.
scheme-specific) partition types.
2008-06-13 00:04:10 +00:00
Marcel Moolenaar
577bc11be5 Remove gpt(8). It's replaced by gpart(8). 2008-06-09 21:30:40 +00:00
Brooks Davis
9761cdd839 Use the -n flag to route(8) when calling "route get". Otherwise we hang
for a long time if we get a lease, but DNS isn't working.

MFC after:	1 week
2008-06-09 20:03:35 +00:00
Marcel Moolenaar
1e67a3e2cc Disconnect gpt(8) from the build. gpt(8) is replaced by gpart(8). 2008-06-09 16:42:55 +00:00
Mike Makonnen
e911e766b1 Document the misleading nature of the REQUIRE line. The patch in
the PR has been heavily edited for style(9) and clarity. Mistakes are
mine.

PR: bin/124251
2008-06-09 09:07:58 +00:00
Stanislav Sedov
4f38796595 - Display '-C' option in usage().
Approved by:	kib
2008-06-08 19:48:41 +00:00
Marcel Moolenaar
c0b5f33d45 Document the new -p and -i options for writing bootstrap code into
a partition. Make it clear that the -b option embeds boot code in
the meta-data.
2008-06-07 00:14:06 +00:00
Marcel Moolenaar
3022de951b Enhance the bootcode command to also allow bootcode to be written
to a partition. This avoids that users need to use dd(1) to install
boot code (as is needed for VTOC8 and booting GPT on PCs).
2008-06-06 23:58:29 +00:00
Marcel Moolenaar
59458baf2b Add two support functions:
o  gctl_delete_param() -- intended for parameters that are consumed
   by geom(8) itself and which should not be passed to the kernel.
o  gctl_has_param() -- intended to check if optional parameters are
   present.

Both are needed by gpart(8) to process the optional parameter for
writing bootcode to a partition (as part of the bootcode verb).
However, the kernel is itself not involved in this matter and the
parameter needs to be removed from the request destined for the
kernel.
2008-06-06 22:44:03 +00:00
Brian Somers
ec95e4c235 Don't abend if we get ENOMEM from sysctl(3). The data returned
is sufficient

MFC after:	2 weeks
2008-06-06 08:59:55 +00:00
Marcel Moolenaar
8c39fe86af Update the manpage to reflect reality:
o  The BSD, PC98 and VTOC8 schemes are supported.
o  The bootcode command was added to allow installing bootstrap code
   into the scheme's metadata.
2008-06-06 05:14:16 +00:00
Marcel Moolenaar
db300278f8 Allow building a static geom(8) for release related crunched
binaries. In particular, this allows geom to be added to the
boot_crunch binary on ia64.
2008-06-05 15:24:10 +00:00
Marcel Moolenaar
14bf405be4 Replace checks for RESCUE in sources with checks for STATIC_GEOM_CLASSES
and define STATIC_GEOM_CLASSES when building the rescue binary. This way
geom can more easily be part of other crunched binaries, as it requires
only a Makefile change.
2008-06-04 20:07:59 +00:00
Ruslan Ermilov
ac14190e39 Fix markup. 2008-06-03 09:43:28 +00:00
Konstantin Belousov
6d29a0b6d5 Add note about a reason to use mount(8) instead of mount_somefs.
Reported and proof-readed by:	pho
Discussed with:	rodrigc
MFC after:	3 days
2008-06-03 09:05:04 +00:00
Bjoern A. Zeeb
115737b173 Change the exit status for 0 and 2 to be the same as with ping(1)
and be usable in scripts, etc.

This also changes the semantics in case when we lose one of n packets.
In that case, before we exited by SIG, now we exit with return(0).

Submitted by:	Gert Doering (gert space.net)
MFC after:	10 days
2008-05-27 10:51:19 +00:00
Robert Watson
e4372ceba0 Remove netatm from HEAD as it is not MPSAFE and relies on the now removed
NET_NEEDS_GIANT.  netatm has been disconnected from the build for ten
months in HEAD/RELENG_7.  Specifics:

- netatm include files
- netatm command line management tools
- libatm
- ATM parts in rescue and sysinstall
- sample configuration files and documents
- kernel support as a module or in NOTES
- netgraph wrapper nodes for netatm
- ctags data for netatm.
- netatm-specific device drivers.

MFC after:	3 weeks
Reviewed by:	bz
Discussed with:	bms, bz, harti
2008-05-25 22:11:40 +00:00
Kirk McKusick
f72ab79315 Expand dump to allow MAX_INT dump levels.
PR:           bin/100732
Submitted by: Matthew Vincenz <msvincen@midway.uchicago.edu>
2008-05-24 05:20:46 +00:00
Kirk McKusick
693c40a39a When using dump to generate level 0 dumps which are then rsync'ed
to a remote machine, the fact that the dump date is stored with
each header (inode) record makes rsync significantly less efficient
than necessary. This also applies to inode access times when they
are not important data to retain. When implementing an offsite
backup solution of this type, these dates in particular are not
important, especially if it prevents effective offsite backups.

PR:           bin/91049
Submitted by: Forrest W Christian <fwc@mt.net>
2008-05-23 23:13:14 +00:00
Kirk McKusick
a73665b028 Fix nits pointed out in PR bin/39905 that have not already been
corrected since it was filed. With this change the PR will be closed.

PR:     bin/39905
2008-05-23 19:17:08 +00:00
Kirk McKusick
4e5867d27e This fixes the "getfile: lost data" panic when restoring dumps
on a 7.0 or later system that were created on a pre-5.0 system.
We must ensure that restore zeros out the previously undefined
birthtime and external attribute size fields when reading dump
tapes made by the UFS1 dump program.

The problem is that UFS2 dump carefully zeros out the unused
birthtime and external attribute size fields in the dump header
when dumping UFS1 filesystems, but the UFS1 dump didn't know about
those fields (they were spares) so just left whatever random junk
was in them. So, when restoring one of these pre-UFS2 dumps,
the new restore would eventually trip across a header that had
a non-zero external attribute size and try to extract it. That
consumed several tape blocks which left it totally out of sync
and very unhappy (i.e., the panic). The fix is in the gethead()
function which modernizes old headers by copying old fields to
their new location (and with this fix) zeroing out previously
undefined fields.

PR:		bin/120881
Review by:	David Malone & Scott Lambert
MFC after:	1 week
2008-05-22 22:19:33 +00:00
Kirk McKusick
67dafe43c1 Follow on to fix 1.51 for "Header with wrong dumpdate" message.
Must ensure that dump tapes from UFS1 filesystems properly copy
old fields of dump headers to new locations. Move check of dumpdate
to follow the code which ensures that the appropriate fields have
been copied.

PR:		bin/118087
Help from:	David Malone, Scott Lambert, Javier Martín Rueda
MFC after:	2 weeks
2008-05-22 22:18:38 +00:00
Pawel Jakub Dawidek
2e64768c87 - Change the meaning of -h flag from giving the output in megabytes to
giving the output in a human-readable form. This behaviour is consistent
  with most of system tools.
- Add -m and -g options to give output in megabytes and gigabytes
  respectively.
2008-05-20 12:24:31 +00:00
Poul-Henning Kamp
8680fabaa8 Fix for a bug I introduced when I cleaned up atacontrol: Don't terminate
if we are listing devices, a controller might legitimately not be there.

Submitted by:	"Andrey V. Elsukov" <bu7cher@yandex.ru>
2008-05-15 01:25:29 +00:00
Julian Elischer
05b0fdac8c Change two variables to size_t to improve portability.
Submitted by:	Xin Li
2008-05-10 15:02:56 +00:00
Julian Elischer
8b07e49a00 Add code to allow the system to handle multiple routing tables.
This particular implementation is designed to be fully backwards compatible
and to be MFC-able to 7.x (and 6.x)

Currently the only protocol that can make use of the multiple tables is IPv4
Similar functionality exists in OpenBSD and Linux.

From my notes:

-----

  One thing where FreeBSD has been falling behind, and which by chance I
  have some time to work on is "policy based routing", which allows
  different
  packet streams to be routed by more than just the destination address.

  Constraints:
  ------------

  I want to make some form of this available in the 6.x tree
  (and by extension 7.x) , but FreeBSD in general needs it so I might as
  well do it in -current and back port the portions I need.

  One of the ways that this can be done is to have the ability to
  instantiate multiple kernel routing tables (which I will now
  refer to as "Forwarding Information Bases" or "FIBs" for political
  correctness reasons). Which FIB a particular packet uses to make
  the next hop decision can be decided by a number of mechanisms.
  The policies these mechanisms implement are the "Policies" referred
  to in "Policy based routing".

  One of the constraints I have if I try to back port this work to
  6.x is that it must be implemented as a EXTENSION to the existing
  ABIs in 6.x so that third party applications do not need to be
  recompiled in timespan of the branch.

  This first version will not have some of the bells and whistles that
  will come with later versions. It will, for example, be limited to 16
  tables in the first commit.
  Implementation method, Compatible version. (part 1)
  -------------------------------
  For this reason I have implemented a "sufficient subset" of a
  multiple routing table solution in Perforce, and back-ported it
  to 6.x. (also in Perforce though not  always caught up with what I
  have done in -current/P4). The subset allows a number of FIBs
  to be defined at compile time (8 is sufficient for my purposes in 6.x)
  and implements the changes needed to allow IPV4 to use them. I have not
  done the changes for ipv6 simply because I do not need it, and I do not
  have enough knowledge of ipv6 (e.g. neighbor discovery) needed to do it.

  Other protocol families are left untouched and should there be
  users with proprietary protocol families, they should continue to work
  and be oblivious to the existence of the extra FIBs.

  To understand how this is done, one must know that the current FIB
  code starts everything off with a single dimensional array of
  pointers to FIB head structures (One per protocol family), each of
  which in turn points to the trie of routes available to that family.

  The basic change in the ABI compatible version of the change is to
  extent that array to be a 2 dimensional array, so that
  instead of protocol family X looking at rt_tables[X] for the
  table it needs, it looks at rt_tables[Y][X] when for all
  protocol families except ipv4 Y is always 0.
  Code that is unaware of the change always just sees the first row
  of the table, which of course looks just like the one dimensional
  array that existed before.

  The entry points rtrequest(), rtalloc(), rtalloc1(), rtalloc_ign()
  are all maintained, but refer only to the first row of the array,
  so that existing callers in proprietary protocols can continue to
  do the "right thing".
  Some new entry points are added, for the exclusive use of ipv4 code
  called in_rtrequest(), in_rtalloc(), in_rtalloc1() and in_rtalloc_ign(),
  which have an extra argument which refers the code to the correct row.

  In addition, there are some new entry points (currently called
  rtalloc_fib() and friends) that check the Address family being
  looked up and call either rtalloc() (and friends) if the protocol
  is not IPv4 forcing the action to row 0 or to the appropriate row
  if it IS IPv4 (and that info is available). These are for calling
  from code that is not specific to any particular protocol. The way
  these are implemented would change in the non ABI preserving code
  to be added later.

  One feature of the first version of the code is that for ipv4,
  the interface routes show up automatically on all the FIBs, so
  that no matter what FIB you select you always have the basic
  direct attached hosts available to you. (rtinit() does this
  automatically).

  You CAN delete an interface route from one FIB should you want
  to but by default it's there. ARP information is also available
  in each FIB. It's assumed that the same machine would have the
  same MAC address, regardless of which FIB you are using to get
  to it.

  This brings us as to how the correct FIB is selected for an outgoing
  IPV4 packet.

  Firstly, all packets have a FIB associated with them. if nothing
  has been done to change it, it will be FIB 0. The FIB is changed
  in the following ways.

  Packets fall into one of a number of classes.

  1/ locally generated packets, coming from a socket/PCB.
     Such packets select a FIB from a number associated with the
     socket/PCB. This in turn is inherited from the process,
     but can be changed by a socket option. The process in turn
     inherits it on fork. I have written a utility call setfib
     that acts a bit like nice..

         setfib -3 ping target.example.com # will use fib 3 for ping.

     It is an obvious extension to make it a property of a jail
     but I have not done so. It can be achieved by combining the setfib and
     jail commands.

  2/ packets received on an interface for forwarding.
     By default these packets would use table 0,
     (or possibly a number settable in a sysctl(not yet)).
     but prior to routing the firewall can inspect them (see below).
     (possibly in the future you may be able to associate a FIB
     with packets received on an interface..  An ifconfig arg, but not yet.)

  3/ packets inspected by a packet classifier, which can arbitrarily
     associate a fib with it on a packet by packet basis.
     A fib assigned to a packet by a packet classifier
     (such as ipfw) would over-ride a fib associated by
     a more default source. (such as cases 1 or 2).

  4/ a tcp listen socket associated with a fib will generate
     accept sockets that are associated with that same fib.

  5/ Packets generated in response to some other packet (e.g. reset
     or icmp packets). These should use the FIB associated with the
     packet being reponded to.

  6/ Packets generated during encapsulation.
     gif, tun and other tunnel interfaces will encapsulate using the FIB
     that was in effect withthe proces that set up the tunnel.
     thus setfib 1 ifconfig gif0 [tunnel instructions]
     will set the fib for the tunnel to use to be fib 1.

  Routing messages would be associated with their
  process, and thus select one FIB or another.
  messages from the kernel would be associated with the fib they
  refer to and would only be received by a routing socket associated
  with that fib. (not yet implemented)

  In addition Netstat has been edited to be able to cope with the
  fact that the array is now 2 dimensional. (It looks in system
  memory using libkvm (!)). Old versions of netstat see only the first FIB.

  In addition two sysctls are added to give:
  a) the number of FIBs compiled in (active)
  b) the default FIB of the calling process.

  Early testing experience:
  -------------------------

  Basically our (IronPort's) appliance does this functionality already
  using ipfw fwd but that method has some drawbacks.

  For example,
  It can't fully simulate a routing table because it can't influence the
  socket's choice of local address when a connect() is done.

  Testing during the generating of these changes has been
  remarkably smooth so far. Multiple tables have co-existed
  with no notable side effects, and packets have been routes
  accordingly.

  ipfw has grown 2 new keywords:

  setfib N ip from anay to any
  count ip from any to any fib N

  In pf there seems to be a requirement to be able to give symbolic names to the
  fibs but I do not have that capacity. I am not sure if it is required.

  SCTP has interestingly enough built in support for this, called VRFs
  in Cisco parlance. it will be interesting to see how that handles it
  when it suddenly actually does something.

  Where to next:
  --------------------

  After committing the ABI compatible version and MFCing it, I'd
  like to proceed in a forward direction in -current. this will
  result in some roto-tilling in the routing code.

  Firstly: the current code's idea of having a separate tree per
  protocol family, all of the same format, and pointed to by the
  1 dimensional array is a bit silly. Especially when one considers that
  there is code that makes assumptions about every protocol having the
  same internal structures there. Some protocols don't WANT that
  sort of structure. (for example the whole idea of a netmask is foreign
  to appletalk). This needs to be made opaque to the external code.

  My suggested first change is to add routing method pointers to the
  'domain' structure, along with information pointing the data.
  instead of having an array of pointers to uniform structures,
  there would be an array pointing to the 'domain' structures
  for each protocol address domain (protocol family),
  and the methods this reached would be called. The methods would have
  an argument that gives FIB number, but the protocol would be free
  to ignore it.

  When the ABI can be changed it raises the possibilty of the
  addition of a fib entry into the "struct route". Currently,
  the structure contains the sockaddr of the desination, and the resulting
  fib entry. To make this work fully, one could add a fib number
  so that given an address and a fib, one can find the third element, the
  fib entry.

  Interaction with the ARP layer/ LL layer would need to be
  revisited as well. Qing Li has been working on this already.

  This work was sponsored by Ironport Systems/Cisco

Reviewed by:    several including rwatson, bz and mlair (parts each)
Obtained from:  Ironport systems/Cisco
2008-05-09 23:03:00 +00:00
Coleman Kane
c4ca06b9b3 Update the lib/expat tree for the new v2.0.1 expat import. The bsdxml.h
header is now in two parts: bsdxml.h and bsdxml_external.h, representing
the expat.h and expat_external.h headers. Updated the info on the man
page as well. Also, fixed a type-error in a printf in
sbin/ifconfig/regdomain.c that would cause a compiler warning.

Approved by:	sam, phk
2008-05-08 14:01:42 +00:00
Robert Watson
0693424576 Add "ddb capture print" and "ddb capture status" commands do ddb(8),
alowing the DDB output capture buffer to be easily extracted from
user space.  Both of these commands include -M/-N arguments, allowing
them to be used with kernel crash dumps (or /dev/mem).

This makes it easier to use DDB scripting and output capture with
minidumps or full dumps rather than with text dumps, allowing DDB
output (scripted or otherwise) to be easily extracted from a crash
dump.

MFC after:	1 week
Discussed with:	brooks, jhb
2008-04-25 17:34:09 +00:00
Sam Leffler
b032f27c36 Multi-bss (aka vap) support for 802.11 devices.
Note this includes changes to all drivers and moves some device firmware
loading to use firmware(9) and a separate module (e.g. ral).  Also there
no longer are separate wlan_scan* modules; this functionality is now
bundled into the wlan module.

Supported by:	Hobnob and Marvell
Reviewed by:	many
Obtained from:	Atheros (some bits)
2008-04-20 20:35:46 +00:00
Brooks Davis
8ca3089abc When sending packets directly to the DHCP server, use a socket and send
directly rather than bogusly sending it out as a link layer broadcast
(which fails to be received on some networks).

PR:		bin/96018
MFC after:	2 weeks
2008-04-15 22:48:56 +00:00
Kirk McKusick
aed3576d26 restore(8) does not check for write failure while building two temp
files containing directory and ownership data. If /tmp fills, the
console is blasted with zillions of "file system full" errors, and
restore continues on, even though directory and/or ownership data
has been lost. This is particularly likely to happen when running
from the live CD, which has little /tmp space.

PR:         bin/93603, also probably bin/107213
Fix from:   Ken Lalonde
2008-04-14 20:15:53 +00:00
Marcel Moolenaar
4d32fcb42b Add the bootcode verb for installing boot code. Boot code
is supported for the MBR, GPT and PC98 schemes, where GPT
installs boot code into the PMBR.
2008-04-13 19:54:54 +00:00
Remko Lodder
afa09cae88 I keep taking timemachines to get back in time. Update the
year to 2008.

Noticed by:	ceri
2008-04-13 11:05:59 +00:00
Remko Lodder
722bb56802 Add missing device in tunefs entry.
PR:		docs/122702
Submitted by:	Yoshihiro Ota <ota@j.email.ne.jp>
MFC After:	3 days
2008-04-13 07:48:05 +00:00
Kirk McKusick
cfbb5cdd50 Avoid printing spurious ``Header with wrong dumpdate.'' message. 2008-04-11 21:51:53 +00:00
Kirk McKusick
c028393d70 Correctly set file group when restore is run by a user other than root. 2008-04-11 21:48:14 +00:00
Xin LI
14320f1e7f Add a new flag, '-C' which enables a special mode that is intended for
catastrophic recovery.  Currently, this mode only validates whether a
cylindergroup has good signature data, and prompts the user to decide
whether to clear it as a whole.

This mode is useful when there is data damage on a disk and you are
working on copy of the original disk, as fsck_ffs(8) tends to abnormally
exit in such case, as a last resort to recover data from the disk.
2008-04-10 23:49:23 +00:00
Ruslan Ermilov
d4f2098b47 Fix printing of sockaddr prefixes in verbose mode.
PR:		bin/122403
Submitted by:	az
MFC after:	3 days
2008-04-10 12:16:20 +00:00
John Baldwin
dc4ee2cf88 Add 'zfs' as an alias for the FreeBSD ZFS UUID.
MFC after:	3 days
PR:		bin/119976
Submitted by:	Cian Hughes  Ci of nhugh.es
2008-04-07 18:23:28 +00:00
Ruslan Ermilov
85018ba57b - Normalize usage(), add "ddb pathname" syntax.
- Revise the manpage.
2008-04-04 07:31:43 +00:00
Craig Rodrigues
205e074f2c Add comment about specifying "ro" mount option when
doing an update mount on a read-only file system.

Requested by:	yar
2008-04-04 01:50:58 +00:00
Warner Losh
52b370fe8e Use safer string handling.
Reviewed by: security-team
2008-04-03 20:37:38 +00:00
Sam Leffler
2fa02c5fb7 Fix handling of create operation together with setting other parameters:
o mark cmds/parameters to indicate they are potential arguments to a clone
  operation (e.g. vlantag)
o when handling a create/clone operation do the callback on seeing the first
  non-clone cmd line argument so the new device is created and can be used;
  and re-setup operating state to reflect the newly created device

Reviewed by:	Eugene Grosbein
MFC after:	2 weeks
2008-03-31 15:38:07 +00:00
Brooks Davis
d5354256b6 Add a new function is_default_interface() which determines if this
interface is one with the default route (or there isn't one).  Use it to
decide if we should adjust the default route and /etc/resolv.conf.

Fix the delete of the default route.  The if statement was totally bogus
and the delete only worked due to a typo. [1]

Reported by:	Jordan Coleman <jordan at JordanColeman dot com> [1]
MFC after:	1 week
2008-03-30 02:42:39 +00:00
Ruslan Ermilov
dbdb679c6f Remove options MK_LIBKSE and DEFAULT_THREAD_LIB now that we no longer
build libkse.  This should fix WITHOUT_LIBTHR builds as a side effect.
2008-03-29 17:44:40 +00:00
Craig Rodrigues
67361fdf2d Remove comment about "-r" flag from readlabel. "-r" is a no-op.
The is comment is left over from the old disklabel command.

Reviewed by:	phk
2008-03-23 03:01:10 +00:00
Sam Leffler
61063e478a Defer state change on disassociate to avoid unnecessarily dropping the
lease: track the current bssid and if it changes (as reported in an
assoc/reassoc) event only then kick the state machine.  This gives us
immediate response when roaming but otherwise causes us to fallback on
the normal state machine.

Reviewed by:	brooks, jhb
MFC after:	3 weeks
2008-03-22 16:24:02 +00:00
Sam Leffler
043f1935e0 correct syslog mask so LOG_DEBUG msgs are not lost
MFC after:	2 weeks
2008-03-22 16:18:07 +00:00
Remko Lodder
6764f54349 In route.c in newroute() there's a call to exit(0) if the command was
'get'. Since rtmsg() always gets called and returns 0 on success and -1
on failure, it's possible to exit with a suitable exit code by calling
exit(ret != 0) instead, as is done at the end of newroute().

PR:		bin/112303
Submitted by:	bruce@cran.org.uk
MFC after:	1 week
2008-03-22 12:50:43 +00:00
Warner Losh
d6aed19dfb No need to be gratuitously style(9) non-compliant here, even though
C++ lets me get away with it.
2008-03-21 20:38:28 +00:00
Remko Lodder
eba8219e9b Replace reference from vinum.8 to gvinum.8, it was advised in the PR to
replace this with vinum.4, but that's the kernel interface manual, which
is not appropriate in my understanding.  I think that gvinum is a suitable
replacement for this.

PR:		docs/121938
Submitted by:	"Federico" <federicogalvezdurand at yahoo dot com>
MFC after:	3 days
2008-03-21 20:16:25 +00:00
Poul-Henning Kamp
72d945abcc Add a "spindown" facility to ata-disks: If no requests have been received
for a configurable number of seconds, spin the disk down.  Spin it back
up on the next request.

Notice that the timeout is only armed by a request, so to spin down a
disk you may have to do:

	atacontrol spindown ad10 5
	dd if=/dev/ad10 of=/dev/null count=1

To disable spindown, set timeout to zero:

	atacontrol spindown ad10 0

In order to debug any trouble caused, this code is somewhat noisy on the
console.

Enabling spindown on a disk containing / or /var/log/messages is not
going to do anything sensible.

Spinning a disk up and down all the time will wear it out, use sensibly.

Approved by:	sos
2008-03-17 10:33:23 +00:00
Poul-Henning Kamp
f64275189c Un-cut&paste argument processing, fix things lint found. 2008-03-16 17:54:55 +00:00
Christian Brueffer
51b6df2d16 - Use an uppercase provider name in the example, to make the name change
after labeling the provider more obvious. (1)
- Correct nomenclature usage

PR:		121487 (1)
Submitted by:	Anatoly Borodin <anatoly.borodin@gmail.com>
MFC after:	3 days
2008-03-13 15:37:02 +00:00
Tom McLaughlin
3592acb12e - Update with a better example which shows that options specific to a
file system may be passed using -o.

Approved by:	remko, rodrigc
2008-03-12 02:09:22 +00:00
Tom McLaughlin
a818f1140f - Also change the /sbin/mount_unionfs line I managed to miss just two
lines down to '-o below'.

Approved by:	remko
Noticed by:	rodrigc
Pointyhat by:	me
2008-03-10 20:44:27 +00:00
Tom McLaughlin
39d63c55af - unionfs -b option is deprecated in favor of '-o below' as per
mount_unionfs(8).

Approved by:	remko
2008-03-10 19:03:55 +00:00
Christian Brueffer
058ddc3099 Fix typos.
PR:		121486
Submitted by:	Anatoly Borodin <anatoly.borodin@gmail.com>
MFC after:	3 days
2008-03-08 12:13:00 +00:00
Xin LI
bc69d66f2f Make it possible to build glabel into rescue geom(8) utility.
Ok'ed by:	marcel
No objection:	-current@
2008-03-05 23:31:49 +00:00
Xin LI
a6a568708b Use calloc(). 2008-03-05 23:17:19 +00:00
Brooks Davis
14084ab9bb Add the ability to read a file of commands to ddb(8) modeled after the
feature in ipfw(8).
2008-03-05 17:51:06 +00:00
Pawel Jakub Dawidek
081632cffb Add info about few missing GEOM classes that use geom(8). 2008-03-05 11:51:13 +00:00
Craig Rodrigues
d8f7b008a7 For a mounted file system which is read-only, when
doing the MNT_RELOAD, pass in "ro" and "update"
string mount options to nmount() instead of MNT_RDONLY and MNT_UPDATE flags.

Due to the complexity of the mount parsing code especially
with respect to the root file system, passing in MNT_RDONLY and MNT_UPDATE
flags would do weird things and would cause fsck to convert the root
file system from a read-only mount to read-write.

To test:
 - boot into single user mode
 - show mounted file systems with: mount
 - root file system should be mounted read-only
 - fsck /
 - show mounted file systems with: mount
 - root file system should still be mounted read-only

PR:		120319
MFC after:	1 month
Reported by:	yar
2008-03-05 08:25:49 +00:00
Craig Rodrigues
22a122f315 Remove hacks to filter out MNT_ROOTFS, since we now
do that internally inside nmount() in revision 1.267 of vfs_mount.c.
2008-03-05 06:24:42 +00:00
Sam Leffler
5ce09a9e9c explain that you must set a default transmit key for WEP
Submitted by:	Jeremie Le Hen <jeremie@le-hen.org>
MFC after:	1 week
2008-02-29 20:42:17 +00:00
David Malone
2b2c3b23d1 Dummynet has a limit of 100 slots queue size (or 1MB, if you give
the limit in bytes) hard coded into both the kernel and userland.
Make both these limits a sysctl, so it is easy to change the limit.
If the userland part of ipfw finds that the sysctls don't exist,
it will just fall back to the traditional limits.

(100 packets is quite a small limit these days. If you want to test
TCP at 100Mbps, 100 packets can only accommodate a DBP of 12ms.)

Note these sysctls in the man page and warn against increasing them
without thinking first.

MFC after:      3 weeks
2008-02-27 13:52:33 +00:00
Xin LI
1aaf5f440f In pass1(), cap inosused to fs_ipg rather than allowing arbitrary
number read from cylinder group.  Chances that we read a smarshed
cylinder group, and we can not 100% trust information it has
supplied.  fsck_ffs(8) will crash otherwise for some cases.
2008-02-26 03:08:22 +00:00
Xin LI
33663c7246 In pass2check(): Be more strict with the inode information before further
processing the information.  chk1 is more prone to crash when insane
information is provided by the on-disk inode, and does not even work
if the inode is being smarshed badly.
2008-02-26 03:05:48 +00:00
Xin LI
8f0931174a Be more careful when checking superblock. We have already checked
whether fs_bsize is larger than MINBSIZE, which is larger than the
value that is used to compared with fs_bsize, the sizeof fs, so the
check followed, will be always true.

By inspecting the code and some old commit log, I believe that the
check must be that *fs_sbsize* is larger than sizeof fs.  We round
up the size to nearest dev_bsize, as the smallest accepted fs_sbsize,
personally, I think this can be even changed to equal, because this
number is mostly an invariant in file systems.

With this check, fsck_ffs(8) will be more picky and has better
chance rejecting bad first superblock rather than referring to bad
value it supplied, thus gives better chance for it to check the
filesystem carefully.
2008-02-26 03:03:17 +00:00
Mike Silbersack
de625c605d Decrease ping6's minimum allowed interval
from .01 to .000001.

Note that due to the architecture of ping6,
you are still limited to kern.hz pings per
second.

MFC after: 2 weeks
2008-02-25 10:45:25 +00:00
Paolo Pisati
f94a7fc0b5 Add table/tablearg support to ipfw's nat.
MFC After: 1 week
2008-02-24 15:37:45 +00:00
Paolo Pisati
d956bdf35e -Fix display of nat range.
-Whitespace elimination.

Bug spotted by: Luiz Otavio O Souza
MFC After: 3 days
2008-02-21 22:55:54 +00:00
Ruslan Ermilov
b7498df286 getopt(3) returns -1, not EOF. 2008-02-19 07:09:19 +00:00
Yaroslav Tykhiy
c6446de05d Undo the damage I did in sys/kern/vfs_mount.c #1.274 and
sbin/mount_nfs/mount_nfs.c #1.76.  Let the dragons sleep.

Requested by:	rodrigc, des
PR:		kern/120319 (welcome the bug back)
2008-02-18 20:58:57 +00:00
Paolo Pisati
c879f6ecd7 Fix display of multiple nat rules.
Bug spotted by: Luiz Otavio O Souza
PR:	120734
MFC After: 3 days
2008-02-18 20:26:34 +00:00
Julian Elischer
0943a3b7ec Instead of using a heuristic to decide whether to display
table 'values' as IP addresses, use an explicit argument (-i).
This is a 'POLA' issue. This is a low risk change and should be MFC'd
to RELENG_6 and RELENG 7. it might be put as an errata item for 6.3.
(not sure about 6.2).

Fix suggested by: Eugene Grosbein
PR: 	120720
MFC After: 3 days
2008-02-18 19:56:09 +00:00
Yaroslav Tykhiy
bd20049d27 Add a work-around to make it possible again to remount
NFS root r/w.

The real solution would be to bring the whole nmount(2)
framework, including FS drivers and userland tools, into
a consistent state at last; but things should work in the
meantime, too.

Reported by:	kris
2008-02-18 10:24:47 +00:00
Yaroslav Tykhiy
a83655a35f Back out rev. 1.74 because the kernel isn't ready yet
to see NFS specific string options.
2008-02-18 00:23:28 +00:00
Yaroslav Tykhiy
fb2ae60938 Don't forget to prepare string options for nmount(2).
Otherwise things won't work as intended, e.g., it'll
be impossible to upgrade NFS root mount to read-write.

Reported by:	kris
2008-02-18 00:05:50 +00:00
Yaroslav Tykhiy
4ffb7f518d Correct the description of getmnt_silent: unknown options are silently
ignored if this variable is non-zero, which is quite logical given the
variable's name.
2008-02-17 20:25:25 +00:00
Ceri Davies
3efe0d9d2a Add the -4 option to the synopsis. 2008-02-12 09:24:11 +00:00
Ceri Davies
4a2b331aa6 Bump .Dd for r1.48. 2008-02-12 09:20:27 +00:00
Kris Kennaway
2427fa1998 Switch the default NFS mount mode from UDP to TCP. UDP mounts are a
historical relic, and are no longer appropriate for either LAN or WAN
mounting.  At modern (gigabit and 10 gigabit) LAN speeds packet loss
from socket buffer fill events is common, and sequence numbers wrap
quickly enough that data corruption is possible.  TCP solves both of
these problems without imposing significant overhead.

MFC after:     1 month
2008-02-11 23:23:21 +00:00
David E. O'Brien
9c6c6249d1 style(9) (verifed no-change in .o's) 2008-02-07 18:10:24 +00:00
Yaroslav Tykhiy
5702f0f0a5 Add a note that ipfw states do not implicitly match ICMP error messages. 2008-02-07 11:00:42 +00:00
Pierre Beyssac
2c41053e78 Fix typo.
Submitted by:	danny at cs.huji.ac.il (author)
2008-02-06 08:03:27 +00:00
Pierre Beyssac
fc2d062607 Update fix from rev 1.2.
Submitted by:	danny at cs.huji.ac.il (author)
MFC after:	1 week
2008-02-06 08:02:55 +00:00
Pierre Beyssac
7a21dee3c2 Fix a bug in hexadecimal formatting of the CHAP digest: bytes >= 0x80
were formatted as 0xff, causing the authentication to fail.

Reviewed by:	scottl
MFC after:	1 week
2008-02-05 23:42:38 +00:00
Ceri Davies
cc96d84196 Bump .Dd for r1.19; use consistent whitespace. 2008-02-05 23:42:37 +00:00
John Baldwin
d27c29a34e Add ZFS support.
MFC after:	1 week
PR:		bin/119976
Submitted by:	Simun Mikecin  numisemis of yahoo.com
2008-02-05 23:37:42 +00:00
Ulf Lilleengen
9d19384836 - Update geom(8) to explain that GEOM_LIBRARY_PATH can take a comma-separated
list of paths.

Approved by:	pjd (mentor)
MFC after:	2 days
2008-02-05 14:02:55 +00:00
Ruslan Ermilov
98439aaf04 Improve rev. 1.63. Document -instance and -globalport options.
Add a MULTIPLE INSTANCES section which provides an example of
setting up natd in multi-instance mode (based on the notes.natd
file from phk@).

Submitted by:	"Andrey V. Elsukov" <bu7cher@yandex.ru>
Reviewed by:	ru
2008-02-04 15:27:09 +00:00
Ulf Lilleengen
2591e96ce2 - Make geom commands handle multiple library paths in the GEOM_LIBRARY_PATH
environment variable using ':' as a separator.

Approved by:	pjd (mentor)
MFC after:	3 days
2008-02-04 12:17:02 +00:00
Matteo Riondato
b42024b241 Fix mount -p and mount -u -ocurrent on gjournaled FS
PR:		bin/120162
Submitted by:	Niki Denev
MFC after:	1 week
2008-02-04 07:37:56 +00:00
Sam Leffler
5ad26a3de5 correct tx rate displayed by list sta: the reported legacy tx rate
is still an index into the rate set and not (yet) the rate code

Noticed by:	JoaoBR
2008-02-03 18:29:58 +00:00
Sam Leffler
055d464b33 fix list mac; broken in delta 1.48
Noticed by:	JoaoBR
2008-02-03 18:21:13 +00:00
Matteo Riondato
031ea52f84 Fix printing of unionfs mounts when using the -p option
PR:		 bin/75585
MFC after:	1 week
2008-02-03 17:23:58 +00:00
Yaroslav Tykhiy
bb0e602de4 Spot two more bugs WRT adherence to the local prompt style. 2008-01-31 13:22:13 +00:00
Yaroslav Tykhiy
dc401d4927 Use consistent style in user prompts: the question is in a new line
and begins with a capital letter.  The rest of pwarn/ask pairs here
follows this style.

Requested by:	bde
2008-01-31 13:16:29 +00:00
John Baldwin
78111593dd Map 'boot' to GPT_ENT_TYPE_FREEBSD_BOOT when parsuing UUIDs so that things
like 'gpt add -t boot' work.

MFC after:	1 week
Submitted by:	 Niki Denev nike_d of cytexbg.com
2008-01-30 13:29:10 +00:00
Xin LI
5c68d10833 Don't coredump when executed with -o. 2008-01-29 00:20:00 +00:00
Mike Pritchard
3b9401db6f Sync up quotacheck's preen.c with fsck's. This makes quotacheck
process parallel checks in the same way as fsck, since fsck supports
pass numbers other than 0, 1 or 2.  Without this, quotacheck would
ignore file systems with pass numbers > 2.

The -l (maxrun) option is now deprecated and can be tuned with pass
numbers in /etc/fstab if needed.
2008-01-26 12:03:26 +00:00
Robert Watson
bb5081a7eb Hide ipfw internal data structures behind IPFW_INTERNAL rather than
exposing them to all consumers of ip_fw.h.  These structures are
used in both ipfw(8) and ipfw(4), but not part of the user<->kernel
interface for other applications to use, rather, shared
implementation.

MFC after:	3 days
Reported by:	Paul Vixie <paul at vix dot com>
2008-01-25 14:38:27 +00:00
Brooks Davis
1547317e88 During PREINIT, when giving the interface the address 0.0.0.0, do it as an
alias to avoid distrubing other addresses.

PR:		bin/119255
Submitted by:	Jaakko Heinonen <jh at saunalahti dot fi>
2008-01-21 23:54:57 +00:00
Tom Rhodes
e30ba4753a Note that the punch_fw option does not work in securelevel 3 and Xref init.8.
Bump .Dd.

PR:		41807
2008-01-21 23:09:18 +00:00
Maxim Konovalov
8c03c6c023 o Fix ipfw(8) command line parser bug: "ipfw nat 1 config if" requires an argument.
PR:		bin/119815
Submitted by:	Dierk Sacher
MFC after:	1 week
2008-01-20 08:31:35 +00:00
Mike Pritchard
eee55ebda9 Quotacheck may possibly skip quota accounting for up to 2 files
on a filesystem if the quota data files reside on a different
filesystem (e.g. the userquota=/somepath,groupquota=/somepath2
options are specified in /etc/fstab to place the quota files
somewhere other than the default location).

Fix quotacheck to only skip accounting if the quota data file
actually resides on the filesystem being checked.
2008-01-15 06:33:20 +00:00