(LCP/CCP/IPCP), one for urgent IP traffic and one for
everything else.
o Add the ``set urgent'' command for adjusting the list of
urgent port numbers. The default urgent ports are 21, 22,
23, 513, 514, 543 and 544 (Ports 80 and 81 have been
removed from the default priority list).
o Increase the buffered packet threshold from 20 to 30.
o Report the number of packets in the IP output queue and the
list of urgent ports under ``show ipcp''.
Supply RAD_NAS_IDENTIFIER if we have a `hostname` and
RAD_IP_ADDRESS if that hostname resolves.
Supply RAD_NAS_PORT using the ttyslot() of the tty that
we're authenticating on if it's a tty device.
Partially submitted by: Andriy I Pilipenko <bamby@marka.net.ua>
PR: 12225
I backed-out the changes in -current and didn't touch stable at all (I
thought I had my patch order reversed, not what actually happened).
AIEEE! I can't even blame the crack for this one since I broke my
crack pipe a few weeks ago. I think sleep deprivation gets the blame
for this one.
Medal for noticing this one goes to: Jim Bloom <bloom@acm.org>
bringing in DHCP support. The only thing I left out were Poul-Henning's
newfs changes since I'm not sure if he's brought the rest of that support
into -stable yet. If it turns out that this is the case, I'll MFC those
changes too.
going to remove ppp from the installation options in 5 days if ppp is
still broken, however, as it hasn't worked at installation time
for several weeks now and it's only causing people to fill my mailbox
with questions.
in NMEA mode (without date).
Trimble OEM Ace-II receiver. Low cost PCB with single
voltage input, external active antenna and two serial
ports with either NMEA and ITAPs output. Programmable
to be tuned for 'time' accuracy in fixed station config.
Author of tool notified.
Submitted by: Dirk van Gulik <dirk.vangulik@jrc.it>
in source input if the -f flag is used, and modify Makefile.yp to only
use -f for the passwd, master.passwd and group maps. These should be
the only ones for which the + and - characters have special meaning
that make it important for us to avoid letting them into any of the map
databases. In some cases (namely the automounter maps) we have to allow
at least the - character through in order to create the map properly.
This closes PR #8699.
PCI fast ethernet controller. Currently, the only card I know that uses
this chip is the D-Link DFE-550TX. (Don't ask me where to buy these: the
only cards I have are samples sent to me by D-Link.)
This driver is the first to make use of the miibus code once I'm sure
it all works together nicely, I'll start converting the other drivers.
The Sundance chip is a clone of the 3Com 3c90x Etherlink XL design
only with its own register layout. Support is provided for ifmedia,
hardware multicast filtering, bridging and promiscuous mode.
should be used from now on for anything security but not auth-related.
Included are updates for all relevant manpages and also to /etc files,
creating a new /var/log/security. Nothing in the system logs to
/var/log/security yet as of the time of this commit.
Reviewed by: rgrimes, imp, chris
that ppp stays in the foreground.
o Add the -quiet switch to quieten ppps startup
o Add the -nat flag and discourage the use of the -alias flag. Both do
the same thing.
o Correct some nat usage strings.
o Change the internal ``alias'' command to ``nat''.
Remove src/contrib/bind/bin/nslookup/commands.c as it is generated by lex
from commands.l.
Submitted by: lpc/cdcontrol patches originally by msmith.
Reviewed by: msmith (in theory)
in a previous FreeBSD version. That never happened. Document that
it is due to be replaced, but leave it open-ended as to when.
Also do some mdoc cleanup.
PR: docs/13148
PR: docs/13144
Submitted by: Lee Cremeans <lcremeans@erols.com>
Alex M. Zelkim <phantom@cris.net>
Discussed with: jkh
- Sort xrefs.
- FreeBSD.ORG -> FreeBSD.org
- Be consistent with section names as outlined in mdoc(7).
- Other misc mdoc cleanup.
PR: doc/13144
Submitted by: Alexey M. Zelkin <phantom@cris.net>
Savings Time on cron(8). If we ever introduce some work-around code for
handling jobs scheduled for a time that "doesn't happen" due to DST,
the section should be renamed to IMPLEMENTATION NOTES.
PR: 10947
Reported by: Scott Drassinower <scottd@cloud9.net>
Submitted by: Seth Bromberger <seth@freebie.dp.ny.frb.org>
Reviewed by: mpp
0.81.1 of the i4b code - namely support of the I4B_VR_REQ
ioctl via the i4brbchX device.
Ppp controls the phone number, but idle timers and
SYNC/RAW decisions are still made by isdnd (in isdnd.rc).
This involves a new datalink state machine phase. The
``wait for carrier'' phase happens after dialing but
before logging in. The whole dial state should really
be abstracted so that each device type can deal with it
in its own way (thinking about PPPoE) - but that'll have
to wait.
The ``set cd'' symantics remain the same for tty devices,
but we now delay until we either get CD or timeout waiting
(at which time we drop the link if we require CD).
For i4b devices we always insist on carrier.
Thanks to hm@ for his help, and especially for pointing out
that I *don't* need to re-implement isdnd (that was a huge
waste of time !) :-]
o If we're using RADIUS and the RADIUS mtu is less than our
peers mru/mrru, reduce our mtu to this value for NetBSD too.
o Make struct throughput's sample period dynamic and tweak the ppp
version number to reflect the extra stuff being passed through
the local domain socket as a result (MP mode).
o Measure the current throughput based on the number of samples actually
taken rather than on the full sample period.
o Keep the throughput statisics persistent while being passed to
another ppp invocation through the local domain socket.
o When showing throughput statistics after the timer has stopped, use
the stopped time for overall calculations, not the current time.
Also show the stopped time and how long the current throughput has
been sampled for.
o Use time() consistently in throughput.c
o Tighten up the ``show bundle'' output.
o Introduce the ``set bandwidth'' command.
o Rewrite the ``set autoload'' command. It now takes three arguments
and works based on a rolling bundle throughput average compared against
the theoretical bundle bandwidth over a given period (read: it's now
functional).
o Document debug level keyword
o Implement debug level:
o For most of the diagnostic messages, change them from #ifdef DEBUG
to if (debuglevel > 0).
o Add a couple more diagnostic messages that weren't present before
o Fix a couple of excessively long lines.
Reviewed by: hosokawa-san
o Start to implement the stopgap kludge for -current's pccard code by passing
the length of the i/o range. If DEV_DESC_HAS_SIZE is defined, we'll set
the size. This is done as an ifdef so that I can generate patches
against the kernel more easily.
o Add preliminary support for tweaking sleep times, but leave it
disabled until a good range of values can be established.
Didn't fix: logmsg problem noted by Nate.
compatibility. : is still the documented non-ambiguous approach. The
algorithm used will correctly parse david.obrien.staff as strrchar() is
used, and in my mind more people would use a ``.'' in the username than
the group name.
Convinced by argument and patch by: sheldonh (with slight changes by me)
negate the sense of rules.
o Remove the redundant (and undocumented) ``host'' and ``port''
words (README.changes updated).
o Don't permit (and ignore) garbage instead of the protocol.
Mostly submitted by: Peter Jeremy <jeremyp@gsmx07.alcatel.com.au>
callback option, and the server sends us CBCP_NONUM, proceed directly
to the network phase rather than insisting on our configured CBCP
option.
Mostly submitted by: kkphang <phang@dgate.po.my>
Originally submitted by: Wayne Self <wself@cdrom.com>
Allow a ppp startup option in rc.conf.
Adjust sysinstall so that it appends to the end of ppp.conf
and uses the generated profile to start ppp in auto mode on
boot.
Submitted by: Josef L. Karthauser <joe@uk.FreeBSD.org>
flamage between our beloved messrs Hearn and Feldman. Further commits go
through me. I urge the contestants to direct their energies at cleaning
up main() in inetd.c, which has over time become a crawling horror.
I've taken time to write up comments for the ident code tonight,
so there should no longer be any confusion about the purpouse of
whatever is in there. Wow, me commenting code... who'd have thought
that would happen?
Reviewed by: DES
Got rid of an extra variable or two, while making corrections to
problems (that would probably not be a problem anyway, and worked.)
Partially Obtained from: David Malone <dwmalone@maths.tcd.ie>
ethernet controllers based on the AIC-6915 "Starfire" controller chip.
There are single port, dual port and quad port cards, plus one 100baseFX
card. All are 64-bit PCI devices, except one single port model.
The Starfire would be a very nice chip were it not for the fact that
receive buffers have to be longword aligned. This requires buffer
copying in order to achieve proper payload alignment on the alpha.
Payload alignment is enforced on both the alpha and x86 platforms.
The Starfire has several different DMA descriptor formats and transfer
mechanisms. This driver uses frame descriptors for transmission which
can address up to 14 packet fragments, and a single fragment descriptor
for receive. It also uses the producer/consumer model and completion
queues for both transmit and receive. The transmit ring has 128
descriptors and the receive ring has 256.
This driver supports both FreeBSD/i386 and FreeBSD/alpha, and uses newbus
so that it can be compiled as a loadable kernel module. Support for BPF
and hardware multicast filtering is included.
* Bring memory allocation failure handling in line with that of
the rest of the code.
* Nestle block curlies between case statements correctly.
I've left the in-block declarations alone, since style(9) says we should
conform to the existing style within the code, and inetd already does
this. I've left the asprintf()'s in there because that's how Brian wants
it.
tables, copy them correctly back into our mbuf rather giving a
bzero'd count to memcpy() and ending up with a 0 byte fragment.
The old code resulted in a 0 byte write to the tun device which
tickled a bug that resulted in a panic :-(
example of their usage in the sample config. Merge the two examples
for the green internal auth service.
This commit failed the first time around because Brian beat me to the
punch on inetd.8 . I like my descriptions better and I'm pretty sure
Brian won't mind.
used! I don't declare every variable at the top of a function because
that wastes stack space. I've clarified the error a bit (for if asprintf()
filas.)
Allocate free I/O window with given size to card.
(example)
# IBM PCMCIA Ethernet I/II
card "IBM Corp." "Ethernet"
config 0x1 "ed0" ?
iosize 32
ether 0xff0
(it's currently only useful for externalizing hacks for broken CIS cards,
but it will play an important role with "function" directive I'm planninng
to merge)
Reviewed by: freebsd-mobile list
Obtained from: PAO3's "cardio" directive
1. Cleanups of ident_stream. "Evil" stdio is less used.
2. The BSD Copyright was added to the top of builtins.c.
3. As suggested, a timeout is now implemented in the ident
service. It defaults to 10 seconds. If enough people want
it, I'll make it configurable.
Suggested by: msmith
ifconfig, essentially stealing the lease until the user goes and changes
it. The alternative, sadly, is total dysfunction since bpf isn't in
GENERIC and network connectivity would otherwise fail completely on first
bootup when DHCP configuration was attempted again.
The ultimate answer here is to make either bpf a loadable kernel module
(which security conscious admins will be able to simply remove from /modules)
or come up with a lighter weight mechanism just for dhcp and other apps that
need to see broadcast packets but not otherwise sniff the wire in full
bpf glory.
Restore default SIGHUP, SIGCHLD and SIGALRM handlers in forked inetd
processes. This happens to work around the fact that hosts_access()
doesn't (but should) set SIG_IGN as the handler for SIGCHLD while it
handles the spawn option, but it would make sense even if that were
not true.
This does not address the leaking descriptors issue discussed on the
same PR.
PR: 12731
Reviewed by: des
Submitted by: David Malone <dwmalone@maths.tcd.ie>
in some code from C. Stone to parse the lease information. This is still
a WIP and this commit is largely intended to allow others to sync up; the
dhclient code still only works when doing dhcp configuration post-install
and requires a bit more work on the boot floppy before it will truly
work in the minimal bootstrapping role.
incarnated, it just matches other deficiencies related to crunchgen
and friends... and we already have similar code in ppp/Makefile.
RELEASE_CRUNCH should be axed, but for now let's be consistent.
Submitted by: Patrick Powell <papowell@astart.com>
track.
The Id line is normally at the bottom of the main comment block in the
man page, separated from the rest of the manpage by an empty comment,
like so;
.\" $Id$
.\"
If the immediately preceding comment is a @(#) format ID marker than the
the $Id$ will line up underneath it with no intervening blank lines.
Otherwise, an additional blank line is inserted.
Approved by: bde
userland code. Using apmd.conf, the apmd(8) configuration file, you
can select the APM events to be handled from userland and specify the
commands for a given event, allowing APM behaviour to be configured
flexibly.
Have Fun!
Submitted by: iwasaki, KOIE Hidetaka <hide@koie.org>
Reviewed by: -hackers, -mobile and bsd-nomads ML folks.
Contributed by: Warner Losh <imp@FreeBSD.org>,
Hiroshi Yamashita <bluemoon@msj.biglobe.ne.jp>,
Yoshihiko SARUMARU <mistral@imasy.or.jp>,
Norihiro Kumagai <kuma@nk.rim.or.jp>,
NAKAGAWA Yoshihisa <nakagawa@jp.FreeBSD.org>, and
Nick Hilliard <nick@foobar.org>.
service. Inetd already uses the process title to indicate that a request
for an internal service is being serviced, so this addition is fairly
orthogonal.
Submitted by: David Malone <dwmalone@maths.tcd.ie>
gigabit ethernet adapters. This includes two single port cards
(single mode and multimode fiber) and two dual port cards (also single
mode and multimode fiber). SysKonnect is currently the only
vendor with a dual port gigabit ethernet NIC.
The ports on dual port adapters are treated as separate network
interfaces. Thus, if you have an SK-9844 dual port SX card, you
should have both sk0 and sk1 interfaces attached. Dual port cards
are implemented using two XMAC II chips connected to a single
SysKonnect GEnesis controller. Hence, dual port cards are really
one PCI device, as opposed to two separate PCI devices connected
through a PCI to PCI bridge. Note that SysKonnect's drivers use
the two ports for failover purposes rather that as two separate
interfaces, plus they don't support jumbo frames. This applies to
their Linux driver too. :)
Support is provided for hardware multicast filtering, BPF and
jumbo frames. The SysKonnect cards support TCP checksum offload
however this feature is not currently enabled (hopefully it will
be once we get checksum offload support).
There are still a few things that need to be implemeted, like
the ability to communicate with the on-board LM80 voltage/temperature
monitor, but I wanted to get the driver under CVS control and into
-current so people could bang on it.
A big thanks for SysKonnect for making all their programming info
for these cards (and for their FDDI and token ring cards) available
without NDA (see www.syskonnect.com).
Grammar and Spelling Reviewed by: mpp
While mpp kindly checked grammar and spelling, any technical errors
remaining in the man pages are entirely of mine.
internal services in inetd.conf .
The inetd(8) manpage used to say that the official name of a service
_must_ be used, yet inetd itself was hardcoded to used a service alias for
the auth service, namely ident!
Rather than change inetd.conf and break existing configurations on next
upgrade, we now allow service aliases as well as official names. This
allows the software to work as expected and still support existing
configurations.
This should not breaking existing wrapped configurations either and the
inetd(8) manpage already states that it is the service name specified in
inetd.conf that is used for calls to hosts_access(3).
PR: 11796
Reported by: Alex Charalabidis <alex@wnm.net>
Approved by: des
twice to enable wrapping for internal wrapping as well. If the option is
not specified wrapping is turned off so that inetd will behave exactly
as it used to before TCP Wrappers was imported.
Change etc/defaults/rc.conf so as to encourage wrapping on new systems.
Clarify the use of TCP Wrappers in the IMPLEMENTATION NOTES of the
manual page.
Approved by: jkh
secure permissions in case the user attempts to save something to
a file of his own.
Move umask stuff out of pw_init() into main() for better visibility
of overall umask tweaking logic.
PR: misc/11797
expect-send-expect sequence, finish gracefully, don't core dump.
This bug has been there for over a year - I could never reproduce it !
Straw provided by: Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
o getopt returns -1 rather than EOF on errors
o getopt returns '?' for characters it doesn't know about, so
don't include them in the getopt options string.
1) Handle forking and non-forking internal services correctly.
Turn on wrapping for internal services because it works now.
2) Preserve server names for each service on HUP.
3) Honour hosts_options(5) severity option.
4) Add IMPLEMENTATION NOTES section to clarify TCP Wrappers
usage and limitations.
This change may cause previously allowed builtin services (e.g. daytime)
to be denied in existing configurations.
PR: 12097
Reviewed by: markm
1)
Reported by: Pierre Beyssac <pb@fasterix.freenix.org>
2)
Submitted by: Masachika ISHIZUKA <ishizuka@ish.org>
3)
Submitted by: David Malone <dwmalone@maths.tcd.ie>
mode by padding out the ``struct device'' to the maximum
device size.
Bump the ppp version number to indicate the transfer format
change.
This should make MP over tty and udp devices functional again.
sizeof(ifr->ifr_addr) for the variable length field ifr->ifr_addr.sa_len.
Otherwise the increment will be wrong in certain cases.
Obtained from: Whistle source tree
For the record: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> suggests
SIOCGIFCONF should be dropped in favor of a sysctl mechanism.
sizeof(ifr->ifr_addr) for the variable length field ifr->ifr_addr.sa_len.
Otherwise the increment will be wrong in certain cases.
Obtained from: Whistle source tree
For the record: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> suggests
SIOCGIFCONF should be dropped in favor of a sysctl mechanism.
having different speed links in a bundle. This would manifest itself
by having the link occasionally hang, but revive when a new connection
is made....
Make ``show mp'' a bit prettier.
o Show more information about missing MP fragments in ``show mp''.
o Do away with mbuf_Log(). It was showing mbuf stats twice on
receipt of LCP/CCP/IPCP packets.... ???!!?
o Pre-allocate a bit extra when creating LQR packets to avoid having
to allocate another mbuf in mbuf_Prepend().
- Mention that the 6Mbps turbo adapters are supported in HARDWARE.TXT
and RELNOTES.TXT and the wi.4 man page
- Mention turbo adapters in the wicontrol.8 man page and provide a
complete table of available transmit speed settings
ADMtek AL981 "Comet" chipset. The AL981 is yet another DEC tulip clone,
except with simpler receive filter options. The AL981 has a built-in
transceiver, power management support, wake on LAN and flow control.
This chip performs extremely well; it's on par with the ASIX chipset
in terms of speed, which is pretty good (it can do 11.5MB/sec with TCP
easily).
I would have committed this driver sooner, except I ran into one problem
with the AL981 that required a workaround. When the chip is transmitting
at full speed, it will sometimes wedge if you queue a series of packets
that wrap from the end of the transmit descriptor list back to the
beginning. I can't explain why this happens, and none of the other tulip
clones behave this way. The workaround this is to just watch for the end
of the transmit ring and make sure that al_start() breaks out of its
packet queuing loop and waiting until the current batch of transmissions
completes before wrapping back to the start of the ring. Fortunately, this
does not significantly impact transmit performance.
This is one of those things that takes weeks of analysis just to come
up with two or three lines of code changes.
on CDs and FTP sites.
o Collapse some redundant code.
o Fix typo'd menu.
o Restrict searches properly to packages rather than categories.
o Small tweaks to signal handling.
All RELENG_3 candidates.
being the same as the previous (still supported) ``host:port''
syntax for tcp socket devices.
A udp device uses synchronous ppp rather than async, and avoids
the double-retransmit overhead that comes with ppp over tcp (it's
usually a bad idea to transport IP over a reliable transport that
itself is using an unreliable transport). PPP over UDP provides
througput of ** 1.5Mb per second ** with all compression disabled,
maxing out a PPro/200 when running ppp twice, back-to-back.
This proves that PPPoE is plausable in userland....
This change adds a few more handler functions to struct device and
allows derivations of struct device (which may contain their own
data etc) to pass themselves through the unix domain socket for MP.
** At last **, struct physical has lost all the tty crud !
iov2physical() is now smart enough to restore the correct stack of
layers so that MP servers will work again.
The version number has bumped as our MP link transfer contents have
changed (they now may contain a `struct device').
Don't extract the protocol twice in MP mode (resulting in protocol
rejects for every MP packet). This was broken with my original
layering changes.
Add ``Physical'' and ``Sync'' log levels for logging the relevent
raw packets and add protocol-tracking LogDEBUG stuff in various
LayerPush & LayerPull functions.
Assign our physical device name for incoming tcp connections by
calling getpeername().
Assign our physical device name for incoming udp connections from
the address retrieved by the first recvfrom().
I simply forgot that I'd already proven this to be a "really good idea that
unfortunately didn't work at all" the *last* time I tried it. Now
I remember. Hmmm. I WILL defeat this evil problem.