that this provokes. "Wherever possible" means "In the kernel OR NOT
C++" (implying C).
There are places where (void *) pointers are not valid, such as for
function pointers, but in the special case of (void *)0, agreement
settles on it being OK.
Most of the fixes were NULL where an integer zero was needed; many
of the fixes were NULL where ascii <nul> ('\0') was needed, and a
few were just "other".
Tested on: i386 sparc64
- bzero the CCB header in getdevtree() and set the path properly, to
avoid having random garbage in the CCB header.
- if the lun isn't specified in a device specifier, it should default to
0, not whatever random data happens to be in the lun variable.
- move the prototype for getdevtree() out from under #ifndef MINIMALISTIC,
since it is used in both cases.
Submitted by: Marius Strobl <marius@alchemy.franken.de> (mostly)
MFC After: 2 weeks
libexec/ftp-proxy - ftp proxy for pf
sbin/pfctl - equivalent to sbin/ipf
sbin/pflogd - deamon logging packets via if_pflog in pcap format
usr.sbin/authpf - authentification shell to modify pf rulesets
Bring along some altq headers used to satisfy pfctl/authpf compile. This
helps to keep the diff down and will make it easy to have a altq-patchset
use the full powers of pf.
Also make sure that the pf headers are installed.
This does not link anything to the build. There will be a NO_PF switch for
make.conf once pf userland is linked.
Approved by: bms(mentor)
like tun are naming their modules using the 'if_; prefix and previous version of
the code failed to detect their presence in the kernel, resulting in the same
module being loaded twice.
created with the multilabel flag from inception. This simply
passes the "-l" flag on to newfs(8).
Obtained from: TrustedBSD Project
Sponsored by: DARPA, McAfee Research
permits users of newfs to set the multilabel flag on UFS1 and UFS2
file systems from inception without using tunefs.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, McAfee Research
nologin(8), this causes a considerable (100K) increase in the binary size,
so I've added a NO_LOGIN_LOG option which disables this.
While I'm here, s/sizeof(MESSAGE)/sizeof(MESSAGE) - 1/, in order to
avoid writing the string-terminating zero byte.
No complaints from: -current
Approved by: rwatson (mentor)
the corresponding manpage has been committed.
The rest of "vlan" words, which are refering
to the technology itself, should be capitalized.
MFC after: 1 week
"makedev" command for backwards compatibility, but just print out an
informational message (this was the current behaviour, anyway) and remove
it from the documentation.
Approved by: grog (mentor)
that ext2fs in the kernel supports async mounts. ext2fs used to
effectively force the -async flag on. -async for ext2fs only gives
async (more precisely, delayed) writes for inode updates, so it is
barely worth using even when it is safe.
This is the second of two commits; bring in the userland support to finish.
Teach libipsec and setkey about the tcp-md5 class of security associations,
thus allowing administrators to add per-host keys to the SADB for use by
the tcpsignature_compute() function.
Document that a single SPI must be used until such time as the code which
adds support to the SPD to specify flows for tcp-md5 treatment is suitable
for production.
Sponsored by: sentex.net
These files had tags after the copyright notice,
inside the comment block (incorrect, removed),
and outside the comment block (correct).
Approved by: rwatson (mentor)
- Ensure that the buffer ends with "\n\0" to avoid special cases
and allow the use of strtol().
- Use strvisx() on each complete line instead of character by
character.
Submitted by: bde
MFC after: 1 week
lookup on an IP address from the packet (such as the IP that sent
a TTL exceeded error). If the DNS lookup takes a long time, ^C will
appear to be ineffective since the SIGINT handler just sets a flag
and returns. Work around this by exiting immediately on receipt of
a second SIGINT when DNS lookups are enabled.
PR: bin/4696
MFC after: 1 week
full, since that line is almost always incomplete. Make the parsing
of <%d> lines more strict.
Also simplify the logic a little:
- Start off by making the buffer linear so that we don't have to
deal with it wrapping around (suggested by bde).
- Process line by line rather than byte at a time.
has now has no effect except in combination with -p, and plain fsck
checks all file systems instead of skipping clean ones for msdosfs
only.
Renamed the force flag to skipclean and inverted its logic as in
fsck_ffs.
combined with the the signature check in a wrong way (basically
(dirty:= signature_recognised() && !clean) instead of
(mightbedirty:= !signature_recognized || !clean), so file systems
with unrecognized signatures were considered clean. Many of the
don't-care and reserved bits were not ignored, so some file systems
with valid signatures were unrecognized. One of my FAT32 file systems
has a signature of f8,ff,ff,ff,ff,ff,ff,f7 when dirty, but only
f8,ff,ff,0f,ff,ff,ff,07 was recognised as dirty for FAT32, so the
fail-unsafeness made my file system always considered clean.
Check the i/o non-error bit in checkdirty(). Its absence would give
an unrecognized signature in code that is unaware of it, but we now
mask it out of the signature so we have to check it explicitly. This
combines naturally with the check of the clean bit.
Reviewed by: rnordier (except for final details)
