drop any segment arriving at a closed port.
tcp.blackhole=1 - only drop SYN without RST
tcp.blackhole=2 - drop everything without RST
tcp.blackhole=0 - always send RST - default behaviour
This confuses nmap -sF or -sX or -sN quite badly.
that goes to opt_dontuse.h is so an opt_*.h file doesn't get created even
though an option may be used for bringing stuff in via files[.*].
Pointed out by: bde
that are linked into the kernel. The KLD compilation options are
changed to call these functions, rather than in-lining the
atomic operations.
This approach makes atomic operations from KLDs significantly
faster on UP systems (though somewhat slower on SMP systems).
PR: i386/13111
Submitted by: peter.jeremy@alcatel.com.au
supposedly it's ksh-derived, and it's not broken in pdksh. I've added
a test for test running as root: if testing for -x, the file must be
mode & 0111 to get "success", rather than just existant.
Reviewed by: chris
When you use pty(N) it creates pty(N+1) ready for your use in the DEVFS,
so DEVFS is not cluttered up with hundreds of ptys you are never going to
use.
about a dev_t.
printf("%x", dev) now becomes printf("%s", devtoname(dev)) because
printing actual information about the device is much more useful then
printing a pointer to an address that would never help the developer debug.
Submitted by: phk, bde
sysctl knobs.
With these knobs on, refused connection attempts are dropped
without sending a RST, or Port unreachable in the UDP case.
In the TCP case, sending of RST is inhibited iff the incoming
segment was a SYN.
Docs and rc.conf settings to follow.
in a previous FreeBSD version. That never happened. Document that
it is due to be replaced, but leave it open-ended as to when.
Also do some mdoc cleanup.
PR: docs/13148
PR: docs/13144
Submitted by: Lee Cremeans <lcremeans@erols.com>
Alex M. Zelkim <phantom@cris.net>
Discussed with: jkh
didn't match the argument (p->p_pid).
While I'm at it, also fix the dupo in the format string and fix the annoying
inconsistency in all the debug-printfs wrt p_pid arguments. Change all of them
to use the %ld format specifier and cast the p_pid arguments to long.
Submitted by: billf
0x40 and then access data stored in real-mode segment 0x40, even when
called in protected mode. Microsoft unfortunately coddle these individuals,
and so must we if we want to run their code.
This change works around GPFs in some APM and PnP BIOS implementations.
Obtained from: Linux
