pf_ioctl.c Revision 1.153 Sun Aug 7 11:37:33 2005 UTC by dhartmei
| verify ticket in DIOCADDADDR, from Boris Polevoy, ok deraadt@
pf_ioctl.c Revision 1.158 Mon Sep 5 14:51:08 2005 UTC by dhartmei
| in DIOCCHANGERULE, properly initialize table, if used in NAT rule.
| from Boris Polevoy <vapcom at mail dot ru>, ok mcbride@
pf.c Revision 1.502 Mon Aug 22 11:54:25 2005 UTC by dhartmei
| when nat'ing icmp 'connections', replace icmp id with proxy values
| (similar to proxy ports for tcp/udp). not all clients use
| per-invokation random ids, this allows multiple concurrent
| connections from such clients.
| thanks for testing to Rod Whitworth, "looks ok" markus@
pf.c Revision 1.501 Mon Aug 22 09:48:05 2005 UTC by dhartmei
| fix rdr to bitmask replacement address pool. patch from Max Laier,
| reported by Boris Polevoy, tested by Jean Debogue, ok henning@
Obtained from: OpenBSD
MFC after: 3 days
times consequently, without checking whether callout has been serviced
or not. (ng_pptpgre and ng_ppp were catched in this behavior).
- In ng_callout() save old item before calling callout_reset(). If the
latter has returned 1, then free this item.
- In ng_uncallout() clear c->c_arg.
Problem reported by: Alexandre Kardanev
First, mutexed callouts are incompatible with netgraph nodes, because
netgraph(4) can guarantee that the function will be called with mutex
held.
Second, nodes should not send data to their neighbor holding their
mutex. A node does not know what stack can it enter sending data in
some direction. May be executing will encounter a place to sleep.
New locking:
- ng_pptpgre_recv() and ng_pptpgre_xmit() must be entered with mutex held.
- ng_pptpgre_recv() and ng_pptpgre_xmit() unlock mutex before
sending data and then return unlocked.
- callout routines acquire mutex themselves.
appear in tmpmfs and varmfs default flags explicitly.
Explain why -M is good for these file systems (it maximizes
performance and makes the system more stable at low memory
conditions by reducing the chance of thrashing.)
Bump .Dd accordingly.
MFC after: 3 days
struct bufs that are persistently held by ext2fs. Ignore any buffers
with this flag in the code in boot() that counts "busy" and dirty
buffers and attempts to sync the dirty buffers, which is done before
attempting to unmount all the file systems during shutdown.
This fixes the problem caused by any ext2fs file systems that are
mounted at system shutdown time, which caused boot() to give up on
a non-zero number of buffers and skip the call to vfs_unmountall().
This left all the mounted file systems in a dirty state and caused
them to all require cleanup by fsck on reboot.
Move the two separate copies of the "busy" buffer test in boot()
to a separate function.
Nuke the useless spl() stuff in the ext2fs ULCK_BUF() macro.
Bring the PRINT_BUF_FLAGS definition in sys/buf.h up to date with
this and previous flag changes.
PR: kern/56675, kern/85163
Tested by: "Matthias Andree" matthias.andree at gmx.de
Reviewed by: bde
MFC after: 3 days
here is the support for amd64, as well as possible support for PAE. Many
thanks to Highpoint for continuing to support FreeBSD.
Obtained from: Steve Chang @ Highpoint
MFC After: 3 days.
o Note that the first 255 locations are reserved for JEDEC Ids from
publication 106 (current revision Q, each one verified with
JEDEC and the PMCICA).
o Move ADAPTEC2 to the right section.
o Sort TOSHIBA2 numerically.
-- Made the synopses more precise.
-- Added argument to flag in option description.
-- Moved -b default and limits to option description (to un-hide).
-- Noted several behaviors that were not mentioned.
-- A few more trivial changes.
PR: docs/46787
Approved by: keramida
MFC after: 3 days
a -B option which causes bpf peers to be printed. This option can be
used in conjunction with -I if information about specific interfaces
is desired. This is similar to what NetBSD added to their version of
netstat.
$ netstat -B
Pid Netif Flags Recv Drop Match Sblen Hblen Command
1137 lo0 p--s-- 0 0 0 0 0 tcpdump
205 sis0 -ifs-l 37331 0 1 0 0 dhclient
$
$ netstat -I lo0 -B
Pid Netif Flags Recv Drop Match Sblen Hblen Command
1174 lo0 p--s-- 0 0 0 0 0 tcpdump
$
-Add bpf.c which stores all the code for retrieving and parsing bpf
related statistics.
-Modify main.c to add support for the -B option and hook it into the
program logic.
-Add bpf.c to the build.
-Document this new functionality in the man page and bump the revision
date.
-Add prototype for bpf_stats function.
dl100xx case.
o We no longer acquire and release resources during attach many times. We now
do it once at the beginning.
o Move setting the resource offsets to just after acquiring the ports in
attach.
o Move ax88x90 code to the end of the file, just after the dl100xx specific
code.
o Rename ed_pccard_Linksys to ed_pccard_dl100xx to reflect the underlying
chipset.
o Pass the ed_product structure into ed_pccard_{dl100xx,ax88x90} and have
those routines test the flags to see if this card should be probed in that
way.
o transition from ed_probe_Novell to ed_probe_Novell_generic since we already
have the resources setup.
o Move use of ed_probe_Novell_generic into ed_pccard_dl100xx to be more
consistant with ax88x90 case.
o simplify the code where we probe for the chipsets
the probe code that this used to be part of, but as part of the
attach, we shouldn't be dropping the resources here.
Also, allocate the proper rid in the ax88x90 setup.
as yet unknown, those cards report their MAC address a byte at a time.
However, other AX88x90 cards report the MAC address a word at a time.
Add a heuristic which looks at the high order bytes of the first 6
words. If they are all '0', assume the card is behaving like the
Linksys EC2T card. Since the default prefix for these cards appears
to be 00:e0:98, this appears to be a safe heuristic. While some cards
have been observed with different prefixes, they all work with this
heuristic.
I'm unsure if this is a bug in the EC2T card, or if it is a bug in the
initialization of the card. No other OS has this heuristic (although
w/o it, the MAC address that is used works).
listed in different orders. Since it is easy to identify the Modem
resources vs the Ethernet resources by looking at the size, use that
rather than hard coded rids. For such parts, go ahead and guess which
rid we should use based on the size. This guess appears reliable for
the two example cards that I have with different CIS info.
assigned to the interface.
IPv6 auto-configuration is disabled. An IPv6 link-local address has a
link-local scope within one link, the spec is unclear for the bridge case and
it may cause scope violation.
An address can be assigned in the usual way;
ifconfig bridge0 inet6 xxxx:...
Tested by: bmah
Reviewed by: ume (netinet6)
Approved by: mlaier (mentor)
MFC after: 1 week
and linting procedure:
1. Remove useless sub-expression:
- if (*start || (!ifsspc && start > string && (nulonly || 1))) {
+ if (*start || (!ifsspc && start > string)) {
The sub-expression "(nulonly || 1)" always evaluates to true and
according to CVS logs seems to be just a left-over from some
debugging and introduced by accident. Removing the sub-expression
doesn't change semantics and a code inspection showed that the
variable "nulonly" is also not necessary here in any way (and the
expression would require fixing instead of removing).
2. Remove dead code:
- if (backslash && c == '\\') {
- if (read(STDIN_FILENO, &c, 1) != 1) {
- status = 1;
- break;
- }
- STPUTC(c, p);
- } else if (ap[1] != NULL && strchr(ifs, c) != NULL) {
+ if (ap[1] != NULL && strchr(ifs, c) != NULL) {
Inspection of the control and data flow showed that variable
"backslash" is always false (0) when the "if"-expression is
evaluated, hence the whole block is effectively dead code.
Additionally, the skipping of characters after a backslash is already
performed correctly a few lines above, so this code is also not
needed at all. According to the CVS logs and the ASH 0.2 sources,
this code existed in this way already since its early days.
3. Cleanup Style:
- ! trap[signo][0] == '\0' &&
+ ! (trap[signo][0] == '\0') &&
The expression wants to ensure the trap is not assigned the empty
string. But the "!" operator has higher precedence than "==", so the
comparison should be put into parenthesis to form the intended way of
expression. Nevertheless the code was effectively not really broken
as both particular NUL comparisons are semantically equal, of course.
But the parenthesized version is a lot more intuitive.
4. Remove shadowing variable declaration:
- char *q;
The declaration of symbol "q" hides another identical declaration of
"q" in the same context. As the other "q" is already reused multiple
times and also can be reused again without negative side-effects,
just remove the shadowing declaration.
5. Just small cosmetics:
- if (ifsset() != 0)
+ if (ifsset())
The ifsset() macro is already coded by returning the boolean result
of a comparison operator, so no need to compare this boolean result
again against a numerical value. This also aligns the macros usage to
the remaining existing code.
Reviewed by: stefanf@
of the form "REFUSE foo" in portsnap.conf will result in parts of the
tree matching "^foo" being (a) not extracted by "portsnap extract", (b)
not updated by "portsnap update", and (c) not having any patches or new
ports downloaded by "portsnap fetch" or "portsnap cron". The example
shown in portsnap.conf demonstrates ignoring all the language categories.
As mentioned in portsnap.conf.5, the use of an imcomplete ports tree is
not officially supported; but this is something which many users have
requested, so I'm adding it anyway.
PR: bin/85619 (but not the patch provided therein)
MFC after: 1 month
does not clear m_nextpkt for us. The mbufs are sent into netgraph and
then, if they contain a TCP packet delivered locally, they will enter
socket code again. They can pass the first assert in sbappendstream()
because m_nextpkt may be set not in the first mbuf, but deeper in the
chain. So the problem will trigger much later, when local program
reads the data from socket, and an mbuf with m_nextpkt becomes a
first one.
This bug was demasked by revision 1.54, when I made upcall queueable.
Before revision 1.54 there was a very small probability to have 2
mbufs in GRE socket buffer, because ng_ksocket_incoming2() dequeued
the first one immediately.
- in ng_ksocket_incoming2() clear m_nextpkt on all mbufs
read from socket.
- restore rev. 1.54 change in ng_ksocket_incoming().
PR: kern/84952
PR: kern/82413
In collaboration with: rwatson