libexec/ftp-proxy - ftp proxy for pf
sbin/pfctl - equivalent to sbin/ipf
sbin/pflogd - deamon logging packets via if_pflog in pcap format
usr.sbin/authpf - authentification shell to modify pf rulesets
Bring along some altq headers used to satisfy pfctl/authpf compile. This
helps to keep the diff down and will make it easy to have a altq-patchset
use the full powers of pf.
Also make sure that the pf headers are installed.
This does not link anything to the build. There will be a NO_PF switch for
make.conf once pf userland is linked.
Approved by: bms(mentor)
generic watchdoc(9) interface.
Make watchdogd(8) perform as watchdog(8) as well, and make it
possible to specify a check command to run, timeout and sleep
periods.
Update watchdog(4) to talk about the generic interface and add
new watchdog(8) page.
nologin(8), this causes a considerable (100K) increase in the binary size,
so I've added a NO_LOGIN_LOG option which disables this.
While I'm here, s/sizeof(MESSAGE)/sizeof(MESSAGE) - 1/, in order to
avoid writing the string-terminating zero byte.
No complaints from: -current
Approved by: rwatson (mentor)
This is the second of two commits; bring in the userland support to finish.
Teach libipsec and setkey about the tcp-md5 class of security associations,
thus allowing administrators to add per-host keys to the SADB for use by
the tcpsignature_compute() function.
Document that a single SPI must be used until such time as the code which
adds support to the SPD to specify flows for tcp-md5 treatment is suitable
for production.
Sponsored by: sentex.net
hostname rather than an IP. The code was copying the pointer to the
IP address instead of the IP address itself. The bug has existed
ever since ypset was first imported in 1994.
PR: bin/62550
Submitted by: aardvark@saintaardvarkthecarpeted.com
MFC after: 1 week
loading on a particular version of Windows. For example, a .INF file
for a Windows 2000 driver may have an empty [foo.NT.5.1] section which
will be ingored on Win2K (whose .INF parser won't look for sections
decorated with .NT.5.1) in favor of a [foo] section. Likewise, a
WinXP file will have an empty [foo] section which will be ignored in
favor of [foo.NT.5.1].
The problem is, we can handle both Win2K and WinXP drivers, and we
don't want to exclude either one.
As a workaround, we try to pretend we are WinXP by default and search
for sections decorated with .NT.5.1, but if we don't turn up any records,
we assume that maybe we're being fooled by a sabotaged .INF file and
make one more pass looking for undecorated sections instead.
This allows us to parse the .INF files for both the Win2K and the WinXP
Centrino wireless drivers.
I'd give anything for 5 minutes alone in a room with whoever wrote
Microsoft's .INF file parser. Just 5 minutes. That's all.
for storing the "diff -n" output. Some files (eg ports/INDEX,v) are too
big nowadays to fit on the stack.
Submitted by: Stephen Montgomery-Smith <stephen@math.missouri.edu>
if the line doesn't match ^<%d>, then treat it as a regular kernel
printf line. Previously if a kernel printf message started with "<"
it would be interpreted as a log message, often with LOG_EMERG
level. This was triggered by some printfs in sys/dev/aic7xxx/, and
can also happen with the partial lines that result if syslogd cannot
keep up with the rate of arrival of kernel messages.
Reviewed by: dwmalone
MFC after: 1 week
