Commit Graph

15188 Commits

Author SHA1 Message Date
Paul Traina
cc98643e68 Completely rewrite handling of protocol field for firewalls, things are
now completely consistent across all IP protocols and should be quite a
bit faster.

Discussed with: fenner & alex
1996-08-13 19:43:41 +00:00
Paul Traina
978eb210d1 Completely rewrite handling of protocol field for firewalls, things are
now completely consistent across all IP protocols and should be quite a
bit faster.

Use getprotoname() extensively, performed minor cleanups of admin utility.
The admin utility could use a good kick in the pants.

Basicly, these were the minimal changes I could make to the code
to get it up to tollerable shape.  There will be some future commits
to clean up the basic architecture of the firewall code, and if
I'm feeling ambitious, I may pull in changes like NAT from Linux
and make the firewall hooks comletely generic so that a user can
either load the ipfw module or the ipfilter module (cf Darren Reed).

Discussed with: fenner & alex
1996-08-13 19:43:24 +00:00
Peter Wemm
1ec21d5930 Fix nasty bracketing/precedence bug. Every time something read (and
refilled) a file that was either line- or un-buffered, all files were
flushed.  According to the code comment, the flush (according to ANSI)
is supposed to happen on write + line buffered output files, not _all_
files.

Obtained from: OpenBSD / Theo de Raadt, possibly from proven@cygnus.com
1996-08-13 17:49:45 +00:00
Andrey A. Chernov
c2bfae006a Back out fallback approximation changes, they are not so right to live 1996-08-13 17:03:18 +00:00
Bill Fenner
aba3a4ce1b Fix last commit (and PR bin/1489) by creating both sockets before
setuid().
1996-08-13 16:28:59 +00:00
Andrey A. Chernov
298f0ef3a2 Add collate_range_cmp 1996-08-13 14:55:09 +00:00
Andrey A. Chernov
2c4b0dffec Back out minor bumping per Peter suggestion 1996-08-13 14:37:53 +00:00
Andrey A. Chernov
c368dc7c7e Use collate for alpha character ranges 1996-08-13 14:33:05 +00:00
Andrey A. Chernov
5dc826672f Use collate for alpha character ranges 1996-08-13 14:21:48 +00:00
Andrey A. Chernov
e7dc576816 #if !ANSI !POSIX newly added collate_range_cmp function 1996-08-13 14:01:40 +00:00
Andrey A. Chernov
83d8106e1a simplify/speedup/extend 1996-08-13 13:38:35 +00:00
Jordan K. Hubbard
71a074386a Reverse my patch which erroneously removed the library dependencies
for a library.  They're needed.
1996-08-13 12:46:10 +00:00
Andrey A. Chernov
d293aead89 New collating rules, reflect POSIX better now 1996-08-13 12:20:11 +00:00
Andrey A. Chernov
ce78364150 Bump minor number - new function added 1996-08-13 10:00:35 +00:00
Peter Wemm
403b820b67 Fix a few minor type problems that turned up with gcc-2.7.2 1996-08-13 09:21:38 +00:00
Peter Wemm
2db86e5b74 Add RTF_STATIC to default route's flags in the hope that routed will no
longer remove it while it is running.
1996-08-13 09:19:45 +00:00
Peter Wemm
b49090e691 Add RTF_STATIC to flags when creating a default route. Hopefully this
will stop routed from removing it if it is also running.
1996-08-13 09:16:49 +00:00
Peter Wemm
fb128913a9 Same as non-secure telnetd, add support for ``-P altlogin'' to specify
an alternate /usr/bin/login type program to be run.
1996-08-13 07:53:54 +00:00
Peter Wemm
326bbdd92f Add a ``-P altlogin'' option which allows the sysadmin to specify an
alternate login(1) type program to run.
1996-08-13 07:51:45 +00:00
Julian Elischer
ed9a71b7fc symlink support in devfs.
it only barely works so don't get too carried away..
I noticed that teh symlink is length 0..
I guess I'll fix that tomorrow..
it also sometimes panics with "cleaned vnode isn't" but it's not more
broken than it was before.. I really want to go over it with someone
who understands the lifecycle of a vnode better than I do..

terry?
kirk?
david?
john?
1996-08-13 07:21:45 +00:00
Paul Traina
d026a5d864 Attempt to unlink any stale .o files before relocating code.
Abort if a file is still present, and make output file mode 0600.

Reviewed by:	bde
1996-08-13 00:50:59 +00:00
Paul Traina
4e4413decd Cover a potential buffer overrun problem 1996-08-13 00:43:01 +00:00
Paul Traina
73e3fe9132 Fix tcp/udp port ranges 1996-08-13 00:41:05 +00:00
Chuck Robey
a194eef2f8 Change in man page to document "-" flag as stdin/stdout, add
example showing how to move file hierarchies.
Reviewed by:	jkh
1996-08-13 00:13:49 +00:00
Andrey A. Chernov
c07cbf9cf8 Take out 0201-0207 range - those characters abused by sh 1996-08-12 22:14:50 +00:00
Andrey A. Chernov
a1a0a1f9c7 Convert to newly added collate compare function 1996-08-12 21:32:15 +00:00
Joerg Wunsch
3f0aecd3b5 Fix two minor oddities introduced by my yesterday's patches:
. preserve a multi-char sequence in a small static buffer inside
  pccngetc(), so it won't be clobbered later (used to happen when
  breaking into DDB user Ctrl-Alt-ESC), and

. simplify the ``keystroke is present'' determination in sgetc(), thus
  making pccncheck() actually working without waiting for a keystroke.
1996-08-12 21:31:07 +00:00
Garrett Wollman
9f0a4b33d9 Back out mistaken local change that sneaked in on the last commit. 1996-08-12 20:03:16 +00:00
Garrett Wollman
0b5b0f16a9 Don't declare the user_ldt functions unless USER_LDT is defined.
Eliminates an obnoxious warning.
1996-08-12 19:57:10 +00:00
Andrey A. Chernov
c906f8d406 Convert to newly added collate compare function 1996-08-12 19:31:11 +00:00
Andrey A. Chernov
b339a4060f Remove old version hooks 1996-08-12 19:18:47 +00:00
Andrey A. Chernov
5f02527325 Convert to newly aded collate compare function 1996-08-12 19:12:40 +00:00
Andrey A. Chernov
38378332f6 Convert to newly aded collate compare function 1996-08-12 19:04:24 +00:00
Andrey A. Chernov
acd9f20695 Convert to newly aded collate compare function 1996-08-12 18:56:38 +00:00
Andrey A. Chernov
79deb12410 Convert to newly aded collate compare function 1996-08-12 18:49:54 +00:00
Andrey A. Chernov
883a3266d1 There is so many places where range comparation (using collate)
needed (much more than I think initially), so I forced to add
new user-visible non-standard function to libc.
1996-08-12 18:38:49 +00:00
Andrey A. Chernov
806af72bd9 There is so many places where range comparation (using collate)
needed (much more than I think initially), so I forced to add
new user-visible non-standard function to libc.
1996-08-12 18:30:43 +00:00
Andrey A. Chernov
a0ef95d4b3 Use collate for alpha character ranges 1996-08-12 18:03:54 +00:00
Andrey A. Chernov
83d7542f35 Pick collate info too 1996-08-12 17:55:41 +00:00
Peter Wemm
08424dfaa3 Extend the poll code so that it can periodically scan the host cards
for work regardless of whether there was an interrupt.  This needs more
work, it should be able to run better when there are more than 3 host
cards present, ie: all cards in polling-only mode with no IRQ.  (The
host cards have a choice of 3 irq's, 11, 12, or 15, or just polling)
1996-08-12 17:12:07 +00:00
Peter Wemm
c00062b834 Add a simple -v (verbose) option that allows you to see when -C actually
installs something.  This is not 100% right, since it has a false hit
when install -C snaps hard links.

Also, run strip(1) from the $PATH, otherwise you need a special version
of install to install (say) elf binaries which have a different strip.
With JDP's elfkit, the layout of the path determines which binary format
you are generating.
1996-08-12 17:03:30 +00:00
John Fieber
c9e1a96c5a &ero; -> & 1996-08-12 16:07:50 +00:00
Peter Wemm
366982a550 Add new option to chpass: -e "expire" ; change the account expire time
from a script as if it was done in the interactive editor.

When reassembling the gecos string, trim any excess trailing commas, they
look ugly in the passwd file. :-)

Have a simple Makefile tweak to prevent mortal users from changing their
fullname.  As ISP's we have seem some real bizzare stuff here..

When decoding the change/expire string, allow the month number as a
synonym for the name of the month.. (ie: 1 as well as Jan or January)
Note that using numbers means there's a chance that you can get bitten
if you're not used to the American DD-MM-YY order.
1996-08-12 14:45:26 +00:00
Peter Wemm
ce70b6caf8 clear sockaddr_in's on stack before use
set sin_len
close one ftp port bounce attack
have rresvport() use bindresvport() rather than duplicate the code,
  rresvport() is a superset of bindresvport().

Obtained from: OpenBSD / Jason Downs / Theo de Raadt, minor tweaks by me.
1996-08-12 14:14:09 +00:00
Peter Wemm
cf2fcd35dd Use the more robust and more efficient reserved port allocation mechanism
now built into bind(2).

Obtained from: OpenBSD / Jason Downs / Theo de Raadt
1996-08-12 14:09:46 +00:00
Peter Wemm
bbd42ad0e5 Add two more portrange sysctls, which control the area of the below
IPPORT_RESERVED that is used for selection when bind() is told to allocate
a reserved port.

Also, implement simple sanity checking for all the addresses set, to make
it a little harder for a user/sysadmin to shoot themselves in the feet.
1996-08-12 14:05:54 +00:00
Peter Wemm
54edc0bbbf clear various struct sockaddr_in's on stack, set sin_len.
(Noticed when comparing to OpenBSD source)
1996-08-12 14:00:26 +00:00
Jordan K. Hubbard
f2b2a91e75 Fix broken modtime preservation code. *Now* it preserves the modtime
correctly!
Noticed-By: knarf@camelot.de (Frank Bartels)
1996-08-12 12:55:26 +00:00
Andrey A. Chernov
917de9be32 Simplify expression 1996-08-12 12:31:28 +00:00
Andrey A. Chernov
351472c6df Pick collate info too 1996-08-12 12:24:20 +00:00