new sample database files, so that they will be installed with make
distribution. NOSPAM probably ought to be renamed to MAIL.
Reviewed by: peter
Approved by: jkh
as well as rename access.txt back to the standard access. Also modify
the Makefile to know how to build hashes for each of these databases.
If one of the databases is missing when Make is run, use a commented
out version of the sample.
Reviewed by: peter
Approved by: jkh
- 6to4(stf) interface configuration.
- Static route configuration.
- Comment additions.
- Replaced a still existed '@' to '%' in IPv6 scoped addr format.
(This became necessary as previous IPv6 scoped addr format change.)
Much thanks to ume, who helped me reviewing, testing, and finding problems
with these changes.
Approved by: jkh
Reviewed by: ume
to avoid error messages printed on /var/log/messages.
Recently added "stf" interface has IFF_MULTICAST bit set,
because IPv6 don't work on non IFF_MULTICAST set interfaces
in current implementation.
But "stf" interface is multi-dest IPv6 over IPv4 tunnel, so
can't treat multicast packet with no special configuration.
On the other hand, tools like "rtadvd", "pim6dd", "pim6sd"
send messages on IFF_MULTICAST set interfaces by default.
So there will be many bogus error message on /var/log/messages,
that multicast packets sent to "stf0" failed.
So,
-strip "stf0" from rtadvd sending interfaces in rc.network6
("rtadvd" is a daemon used only for local subnet, so it
will never need to send its packets over "stf0" interfaces.)
-Add default configuration files for "pim6dd" and "pim6sd",
and disable "stf0" in those files.
Approved by: jkh
modem side of my Xircom CreditCard Ethernet+Modem 33.6. Eliminate bad
Xircom entry. Complete IBM Push/Pop Modem(14.4 -> Push/Pop
Modem(14.4K).
Approved in concept by: jkh
o Correct Entry for Intel EtherExpress (jkoshy)
o Add Option International 56K modem (markm)
o Socket LP-E low power WinCE ethernet card (imp)
Correction approved by: jkh
Adding devices approved in principle by: jkh
even simple things like md5 and ping aren't in your path. This patch
moves the custom root-path setting from .login to .cshrc, so that users
who su to root get a decent (and consistent) path. An appeal to change
/etc/login.conf to provide a decent path for all users seems to have been
vetoed for the time being. As a result, users will still, by default,
not find ping or md5 in their path. However, at least root gets a decent
default now.
Reviewed by: asmodai
Approved by: jkh
o use ata2 consistanty, even though it doesn't matter too much
o SunDisk (aka SanDisk) SDP's need a different config to actualy work
(tested on the 10M part) by me.
o Non-name ata card.
o WIT IDE controller
o IBM FLASH card
o Megahert 28.8 cellular modem that I thought I'd added before.
o LinkMake LM 336 combo modem/fax.
Submitted by various people and gleaned from the nomads and mobile
mailing lists, but I've lost the names. I'm sorry.
Also enable some standard IPv6 apps by default.
These entries will be simply ignored on systems with no INET6 defined.
Approved by: jkh
Suggested by: peter
interfaces passed to rtadvd
-Comment out example sentences more completely
-Redirect error message of ifconfig output into /dev/null, to correctly
find out working IPv6 interfaces
Approved by: jkh
Initial version created by, and kindly much tested by:
bmah@CA.Sandia.GOV (Bruce A. Mah)
Approved by: jkh
Reviewed by: bmah@CA.Sandia.GOV (Bruce A. Mah),
Ollivier Robert <roberto@keltia.freenix.fr>
Obtained from: KAME project
MAKEDEV all, making DHCP on multiple interfaces happier, and allowing use
of tcpdump to to debug DHCP, without creating more devices.
(we need devfs)
Modify MAKEDEV to create four tun devices in MAKEDEV all as well, since
we're being gratuitous with network pseudo-devices.
(we need devfs)
Approved by: The Hubbard
action when denying access to a service. Unfortunately, this also makes
a dandy denial-of-service attack possible. Change to just log the event
and shoot a "go away" response back down the socket.
S/Key authentication for ftpd was not working due to ftp implementation and
/etc/pam.conf missmatch.
So add ftpd entries into /etc/pam.conf.
Reported by: "Jose M. Alcaide" <jose@we.lc.ehu.es>
Approved by: jkh
Reviewed by: markm
interface on the dhclient command line. Not doing so screws up vmware's
network interface by attempting to configure it for DHCP (which will
never work, of course). It also would impact any other interface that
may be present that, again, would likely be manually configured for
some other purpose.
Approved by: jkh
strictly a security hole, but neither is it a very good idea. Replace
it with a symlink to /dev/null to happify programs that expect it.
It is suggested that users of the jail environment modify the jail's
syslog.conf to not send stuff to /dev/console, but instead syslog
it somewhere else. Such as a loghost, potentially even to the host
environment's syslog.
Approved by: jkh
/etc/Makefile so that if it is defined, MAKEDEV all is not called
during a make distribution. This helps clean up the messy userland
in jail(), by reducing the number of devices exposed in jail.
Modifications to jail(2) to follow.
Approved by: jkh-arius
an all.log for logging all messages, and one to demonstrate use of loghosts.
Also, a matching entry in newsyslog.conf for all.log.
Per request of Garrett Wollman, also modified the maillog entry to use the
@T newsyslog time specification mechanism. Because newsyslog doesn't
support the mod date specification machanism, couldn't change other
entries that required more than one execution a month, but less than once
a day.
Approved by: jkh
Reviewed by: freebsd-security
Reviewed by: joerg
The isdnd is able to listen on a socket for isdnmonitor to connect to
it to remotely control it (similar to ppp and pppctl). When this is
enabled in the isdnd config file, it will fail currently because isdnd
is started before the network interfaces are configured.
It is necessary to move the isdnd start after the ifconfig of the network
interfaces, then this problem will not occur.
happen with a keyboard and monitor the console change was not as needed
in the i386 case as the Alpha case. IMO >50% of Alpha installs are using
a serial console, the change matching rev 1.7 should not be backed out.
devices because accessible by group wheel instead of group operator.
Didn't fix fishy group for rsa*.ctl. This device should have group operator
if that is safe, or mode 600 and group wheel.
Removed ssc and uk*.
Removed bogus (redundant) chmod's to 600.
# Apollo PCMCIA Ethernet Adapter
# Olicom OC2220
# National Semiconductor InfoMover NE4100
I forgot who submitted the first two, but the third one was submitted
by Jim Bloom.
draft-manning-dsua-01.txt.
Stop using public addresses as samples and use the recommended
192.0.2.0/24 netblock that has specifically been set aside for
documentation purposes.
Reviewed by: readers of freebsd-security did not respond to a request
for review
o Fix entry for Megahertz XJ4336-CC4336. Old config (sio1) seems
conflict with IrDA port or COM port on some laptop and sometimes
totally hang up after insertion.
o Add 'NTT DoCoMo Mobile D Card 96P1' which is used by many
people in Japan.
Reviewed by: imp
that it does not reset the printer when opened. This fixes the problem
of printing a document almost till the end and then resetting the
printer when the next print job is started.
Submitted by: Christopher Masto <chris@netmonger.net>
Also, remove all but the ums0 device from the fixit target 'to save
precious i-nodes on the fixit floppy'.
o Make sure every entry has a logger event on insert/delete
o Make sure that the order of loggers is consistant
o Add D-Link DEF-650
o use /sbin/ifconfig consistantly
o Add Elecom Laneed LD-CDE, NTT DoCoMo Paldio 321S and 341S
(from shige@FreeBSD.org)
We were supposed to get these in far earlier and didn't, hence
the commit after feature freeze. A promise is a promise. :)
Submitted by: Sascha Schumann <sascha@schumann.cx>
Changes are:
- rpc.umntall is called at the right places now in /etc/rc*
- rpc.umntall timeout has been lowered from two days (too high) to one
- verbose messages in rpc.umntall have been clarified
- kill double entries in /var/db/mounttab when rpc.umntall is invoked
- ${early_nfs_mounts} has been removed from /etc/rc
- patched mount(8) -p to print different pass/dump values for ufs filesystems.
(last patch recieved from dan <bugg@bugg.strangled.net>)
Submitted by: Martin Blapp <mbr@imp.ch>, dan <bugg@bugg.strangled.net>
NICs. (Finally!) The PCMCIA, ISA and PCI varieties are all supported,
though only the ISA and PCI ones will work on the alpha for now.
PCCARD, ISA and PCI attachments are all provided. Also provided an
ancontrol(8) utility for configuring the NIC, man pages, and updated
pccard.conf.sample. ISA cards are supported in both ISA PnP and hard-wired
mode, although you must configure the kernel explicitly to support the
hardwired mode since you have to know the I/O address and port ahead
of time.
Special thanks to Doug Ambrisko for doing the initial newbus hackery
and getting it to work in infrastructure mode.
PC Card (PCMPC100). the entry was one character
short...the final ")" was missing.
Pointed out by: Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org
of the SOA 'minimum' field. Now it's necessary to define $TTL seperately
to shut it up. Bind does reasonable things by default but it's annoying
still.
PR: 15834
Submitted by: Daniel Lewart <d-lewart@uiuc.edu>
in the 3.x branch. Also remove the dependency on /usr to find the
boot address/interface.
Mostly-submitted-abd-tested-by: MIHIRA Sanpei Yoshiro <sanpei@sanpei.org>
Improve the internal mknod() to understand being passed an (optional)
user:group specification.
Don't apply root:wheel to nodes explicitly anywhere, it's the default.
Remove an odd looking uucp:wheel assignment, as it's inconsistent with
all the other tty?? devices.
5in HD 2 heads, 77 cylinders, 8 sectors/track, 1024 bytes/sector
5/3.5in DD 2 heads, 80 cylinders, 8 sectors/track, 512 bytes/sector
Meanings of the rogrammer-readeble fd name were explained by Brian
Fundakowski Feldman and Peter Wemm in hackers list and NOKUBI
Hirotaka.
Reviewed by: nyan
Fixed some style bugs for cam (superflous umask and missing newline).
Fixed bogons for apm. The pattern "apm*" matched too many things; apm
and apmctl were both made twice by `MAKEDEV all'. Hopefully no one
depends on `MAKEDEV apm0' making apm or on `MAKEDEV apm' making apmctl.
more comprehensive. Previously, at least colour changes were not
applied to all virtual consoles.
PR: 15066
Reported by: Andy Farkas <andyf@speednet.com.au>
Submitted by: yokota