Also rename the related functions in a similar way.
There are no functional changes.
For a packet coming in with IPsec tunnel mode, the default is
to only call into the firewall with the "outer" IP header and
payload.
With this option turned on, in addition to the "outer" parts,
the "inner" IP header and payload are passed to the
firewall too when going through ip_input() the second time.
The option was never only related to a gif(4) tunnel within
an IPsec tunnel and thus the name was very misleading.
Discussed at: BSDCan 2007
Best new name suggested by: rwatson
Reviewed by: rwatson
Approved by: re (bmah)
Merge in parts of the old fast_ipsec.4 man page to ipsec.4 and
start updating ipsec.4 man page.
Reviewed by: brueffer, sam (slightly earlier versions), bmah
Approved by: re (bmah)
64bit counters are needed to simplify traffic accounting and
reduce system load at the big PPP concentrators.
Approved by: re (rwatson), glebius (mentor)
ports to the lagg interface.
- Use the MTU from the first interface as the lagg MTU, all extra interfaces
must be the same.
This fixes using a lagg interface for a vlan or enabling jumbo frames, etc.
Approved by: re (kensmith)
MFC After: 3 days
information from the submitter:
Starting value for OID_AUTO was changed from 100 to 256 (0x100) in
kern/kern_sysctl.c#rev1.112 on 2001-07-25, and defined as
CTL_AUTO_START in sys/sysctl.h#rev1.98.
Submitted by: cnst
Silence from: #bsddocs on efnet
MFC After: 3 days
Approved by: re (bmah)
included man pages on how to use it. This code is still somewhat experimental
but has been successfully tested on a number of targets. Many thanks to
Danny for contributing this.
Approved by: re
config info. from device.hints. Some machines have ipmi controllers
that do not have attachment info in either PCI, SMBIOS or ACPI.
This idea was hacked together by me and then done properly by
jhb.
Submitted by: jhb
Reviewed by: jhb (man page)
Approved by: re (Ken Smith)
MFC after: 1 week
Document the SENDMAIL_ALIASES, SENDMAIL_MAP_SRC, SENDMAIL_MAP_TYPE, and
SENDMAIL_START_SCRIPT
.Xr make.conf 5
variables.
These are used in
.Pa /etc/mail/Makefile .
PR: conf/40548
MFC after: 3 days
and protocol-independent host mode multicast. The code is written to
accomodate IPv6, IGMPv3 and MLDv2 with only a little additional work.
This change only pertains to FreeBSD's use as a multicast end-station and
does not concern multicast routing; for an IGMPv3/MLDv2 router
implementation, consider the XORP project.
The work is based on Wilbert de Graaf's IGMPv3 code drop for FreeBSD 4.6,
which is available at: http://www.kloosterhof.com/wilbert/igmpv3.html
Summary
* IPv4 multicast socket processing is now moved out of ip_output.c
into a new module, in_mcast.c.
* The in_mcast.c module implements the IPv4 legacy any-source API in
terms of the protocol-independent source-specific API.
* Source filters are lazy allocated as the common case does not use them.
They are part of per inpcb state and are covered by the inpcb lock.
* struct ip_mreqn is now supported to allow applications to specify
multicast joins by interface index in the legacy IPv4 any-source API.
* In UDP, an incoming multicast datagram only requires that the source
port matches the 4-tuple if the socket was already bound by source port.
An unbound socket SHOULD be able to receive multicasts sent from an
ephemeral source port.
* The UDP socket multicast filter mode defaults to exclusive, that is,
sources present in the per-socket list will be blocked from delivery.
* The RFC 3678 userland functions have been added to libc: setsourcefilter,
getsourcefilter, setipv4sourcefilter, getipv4sourcefilter.
* Definitions for IGMPv3 are merged but not yet used.
* struct sockaddr_storage is now referenced from <netinet/in.h>. It
is therefore defined there if not already declared in the same way
as for the C99 types.
* The RFC 1724 hack (specify 0.0.0.0/8 addresses to IP_MULTICAST_IF
which are then interpreted as interface indexes) is now deprecated.
* A patch for the Rhyolite.com routed in the FreeBSD base system
is available in the -net archives. This only affects individuals
running RIPv1 or RIPv2 via point-to-point and/or unnumbered interfaces.
* Make IPv6 detach path similar to IPv4's in code flow; functionally same.
* Bump __FreeBSD_version to 700048; see UPDATING.
This work was financially supported by another FreeBSD committer.
Obtained from: p4://bms_netdev
Submitted by: Wilbert de Graaf (original work)
Reviewed by: rwatson (locking), silence from fenner,
net@ (but with encouragement)
in the description of `moused_flags', instead of the later), and
add a description of `moused_XXX_flags' where `XXX' is the port
name of a non-default moused invocation -- including an example
of using "-3" with the default moused(8) instance, but no special
flags for moused(8) invocations handling 3-button USB mice (which
seems a very common scenario these days).
MFC after: 3 days
errr, I mean "Enumerate how the giant lock differs from other locks"
Please let me know if I missed any. Or misrepresented any...
Reviewed by: ssouhlal@
scripts in rc.d to stop rc(8) from booting into multi-user mode when
a critical or severe error condition is encountered.
o Modify scripts in etc/rc.d that already implemented this functionality
independently.
o Document it.
[1] - This subroutine was implemented in FreeBSD in rc.d/fsck. I moved it
to rc.subr(8). Our version differs slightly in that it takes an
optional argument to stop the boot even if "autoboot" is not set.
Obtained from: NetBSD
MFC after: 2 weeks
* Break out the boot0 loader selection into a variable - NANO_BOOTLOADER -
so people like me with VGA consoles can override the default (which is
to use boot0sio)
* Put the boot0 configuration options in NANO_BOOT0CFG in case you want
to override the defaults.
* Modify nanobsd.8 to reflect the changes and hint the console default is
serial.
MFC after: 2 weeks
The name trunk is misused as the networking term trunk means carrying multiple
VLANs over a single connection. The IEEE standard for link aggregation (802.3
section 3) does not talk about 'trunk' at all while it is used throughout IEEE
802.1Q in describing vlans.
The lagg(4) driver provides link aggregation, failover and fault tolerance.
Discussed on: current@
which can be used to turn off multicast pfsync support, and enable
the transmission of directed PFSYNC (IP protocol: 240) packets to
a specific "sync peer" host.
PR: conf/111225
Submitted by: Bas van Beek <bas@tobin.nl>
Approved by: mtm, mlaier
MFC after: 2 weeks
tolerance. This driver allows aggregation of multiple network interfaces as
one virtual interface using a number of different protocols/algorithms.
failover - Sends traffic through the secondary port if the master becomes
inactive.
fec - Supports Cisco Fast EtherChannel.
lacp - Supports the IEEE 802.3ad Link Aggregation Control Protocol
(LACP) and the Marker Protocol.
loadbalance - Static loadbalancing using an outgoing hash.
roundrobin - Distributes outgoing traffic using a round-robin scheduler
through all active ports.
This code was obtained from OpenBSD and this also includes 802.3ad LACP support
from agr(4) in NetBSD.
the args for hash32_stre and hash32_strne but there are no consumers in the
base system and openbgpd does not use it which the initial import was for.
Silence on: hackers
