Close the ip-fragment hole.
Waste less memory.
Rewrite to contemporary more readable style.
Kill separate IPACCT facility, use "accept" rules in IPFIREWALL.
Filter incoming >and< outgoing packets.
Replace "policy" by sticky "deny all" rule.
Rules have numbers used for ordering and deletion.
Remove "rerorder" code entirely.
Count packet & bytecount matches for rules.
Code in -current & -stable is now the same.
to enable IP forwarding, use sysctl(8). Also did the same for IPX,
which involved inventing a completely new MIB from whole cloth (which
I may not quite have correct); be aware of this if you use IPX forwarding.
(The two should never have been controlled by the same option anyway.)
or deleted.
Motivated by: `int doclusteread = 1;' in ext2_vnops.c redefined
doclusterread if DEBUG is defined, so it could not have worked.
This was fixed by staticizing things before it caused problems.
I didn't find any more cases like this.
LINT: add a couple of new/missing/undocumented options
files.i386: add linux code so that you can compile a kernel with static
linux emulation ("options LINUX")
i386/*: use #if defined(COMPAT_LINUX) || defined(LINUX) to enable static
support of linux emulation (just like "IBCS2" makes ibcs2 static)
The main thing this is going to make obvious, is that the LINUX code
(when compiled from LINT) has a lot of warnings, some of which dont look
too pleasant..
allow one EISA/ISA/PCI/VL Buslogic controller to be probed. The driver
is almost fully dynamic. It just needs some kdc work and for the SCSI code
to stop passing unit numbers up in the scsi_xfer struct.
o Add signed/unsigned functionality to the matrox meteor device driver.
o Apply a few fixes to the sound driver.
o Add a ``SPIGOT_UNSECURE'' compile time definition so, if one defines
SPIGOT_UNSECURE in their conf file, then they can use the spigot w/o
root. There is a warning that this allows users access to the IO
page which is probably not secure.
Submitted by: james
Submitted by: fgray@rice.edu
this driver hasn't been checked but as a separate module, bringing it in won't
break anything else and it't the best way of testing it......
julian
Submitted by: Mike Mitchell, supervisor@alb.asctmd.com
This is a bulk mport of Mike's IPX/SPX protocol stacks and all the
related gunf that goes with it..
it is not guaranteed to work 100% correctly at this time
but as we had several people trying to work on it
I figured it would be better to get it checked in so
they could all get teh same thing to work on..
Mikes been using it for a year or so
but on 2.0
more changes and stuff will be merged in from other developers now that this is in.
Mike Mitchell, Network Engineer
AMTECH Systems Corporation, Technology and Manufacturing
8600 Jefferson Street, Albuquerque, New Mexico 87113 (505) 856-8000
supervisor@alb.asctmd.com
Extend test coverage:
Add and enable undocumented options TCPDEBUG, COMPAT_LINUX and IBCS2.
Add but disable (broken) pseudo device tb.
Add and enable pseudo devices su, ssc.
Add but disable (broken) devices sscape0, trix0.
Add and enable device bqu0.
had a 2.1 tag, thus sending these two changes into the 2.1 branch instead
of -current. Argh. I may bring these changes into the 2.1 anyway (they're
benign there) so I'm not going to admin them out of 2.1 for the time
being.