interpreted $command. Some "portable" sofware packages use such a
line to skip the task of figuring out the absolute pathname of the
interpreter at install time, e.g.:
#!/usr/bin/env python
It is insecure, but a popular book on Python seems to have advised
it to a wide audience. Hence a number of such scripts in the ports,
mostly written in Python.
PR: bin/100287
MFC after: 1 week
scripts, except for mdconfig* and jail. Such symbols are reserved
for the rc.subr internals. Most scripts can be fixed by just
declaring _foo symbols as local: few scripts actually need them to
be global.
Discussed with: dougb in freebsd-rc
Delete some duplicates found while double checking the new ones,
and fix a typo.
These haven't been sorted yet, but will be in a future commit.
PR: ports/40273
Submitted by: Achim Patzner <ap@proxon.bnc.net>
- Micro-optimize the addition of an 802.1q header to match the removal code.
- Consistently check for interfaces being up and running.
- Consistently use NULL instead of 0 with pointers.
- add some files to FILES section and provide their description
- reference devfs.conf and devfs.rules in SEE ALSO section
Approved by: keramida (mentor), trhodes (mentor)
With the second (and last) part of my previous Summer of Code work, we get:
-ipfw's in kernel nat
-redirect_* and LSNAT support
General information about nat syntax and some examples are available
in the ipfw (8) man page. The redirect and LSNAT syntax are identical
to natd, so please refer to natd (8) man page.
To enable in kernel nat in rc.conf, two options were added:
o firewall_nat_enable: equivalent to natd_enable
o firewall_nat_interface: equivalent to natd_interface
Remember to set net.inet.ip.fw.one_pass to 0, if you want the packet
to continue being checked by the firewall ruleset after being
(de)aliased.
NOTA BENE: due to some problems with libalias architecture, in kernel
nat won't work with TSO enabled nic, thus you have to disable TSO via
ifconfig (ifconfig foo0 -tso).
Approved by: glebius (mentor)
access plus timers. This makes the code
more portable and able to change out the
mbuf or timer system used more easily ;-)
b) removal of all use of pkt-hdr's until only
the places we need them (before ip_output routines).
c) remove a bunch of code not needed due to <b> aka
worrying about pkthdr's :-)
d) There was one last reorder problem it looks where
if a restart occur's and we release and relock (at
the point where we setup our alias vtag) we would
end up possibly getting the wrong TSN in place. The
code that fixed the TSN's just needed to be shifted
around BEFORE the release of the lock.. also code that
set the state (since this also could contribute).
Approved by: gnn
* Change the API of bridge_get_basemac to take a maximum buffer length.
bridge_if.c
* Adopt to new API.
* In bridge_attach_newif() remove an additional pointer to the buffer
by shuffling the code a bit. Also makes the code more readable.
bridge_sys.c
* bridge_get_basemac():
- Adopt to the new API.
- Change check for error code of getifaddrs().
- First check for sa_family != AF_LINK.
- Copy sockaddr_dl * to get around alignment constraints on some
platforms.
- Use strcmp instead of strncmp so that "foo11" != "foo1".
* other functions:
- Allocate n times of the struct we need instead of arbitrary len,
cast to the type we want it to be and pass around struct *s instead
of char *s. This gets us around alignment restrictions on some
platforms and in addition it is more clear what data is passed around.
- Name variables for same types consistently.
Reviewed by: syrinx
- Somewhat improve wording.
- Change the layout of the EXAMPLES section so that descriptions
come before example, as in most other manpages.
- Fix a bad example that edits a label using a `c' partition.
semantics.
- Stop testing bpf pointers for NULL. In some cases use
bpf_peers_present() and then call the function directly inside the
conditional block instead of the macro.
- For places where the entire conditional block is the macro, remove the
test and make the macro unconditional.
- Use BPF_MTAP() in if_pfsync on FreeBSD instead of an expanded version of
the old semantics.
Reviewed by: csjp (older version)
lookup early. This has some performance implications and should not be
enabled by default, but might help greatly in certain setups. After some
more testing this could be turned into a sysctl.
Tested by: avatar
LOR ids: 17, 24, 32, 46, 191 (conceptual)
MFC after: 6 weeks
MPLOCKED. The cleaning in rev.1.25 was supposed to have been undone
by rev.1.26, but 1.26 could never have actually affected asm files
since atomic.h is full of C declarations so including it in asm files
would just give syntax errors. The asm MPLOCKED is even less needed
than when misplaced definitions of it were first removed, and is now
unused in any asm file in the src tree except in anachronismns in
sys/i386/i386/support.s.
manipulation is visible to the subject process. Remove XXX comments
suggesting this.
Convert one XXX on a difference from Darwin into a note: it's not a
bug, it's a feature.
Obtained from: TrustedBSD Project
