It also squashes 99% of packet kiddie synflood orgies. For example, to
rate syn packets without MSS,
ipfw pipe 10 config 56Kbit/s queue 10Packets
ipfw add pipe 10 tcp from any to any in setup tcpoptions !mss
Submitted by: Richard A. Steenbergen <ras@e-gerbil.net>
This may break some scripts, but with the number of ways users can damage
a system with this tool, it's important to make sure they specify which
device they want to talk to.
Suggested by: joerg
can be viewed more easily with a pager.
Regular (i.e. short) usage output is still sent to stderr.
PR: bin/12358
Submitted by: Christian Weisgerber <naddy@mips.rhein-neckar.de>
/var/log/vinum_history. Also check that any existing history file is
a regular file.
Admonished-by: imp
Allow stopping long-running commands with ^C (well, SIGINTR).
Previously this would stop the program.
directly off the drives.
This command shows a minor problem: it requires that the device nodes
exist, whereas kernel Vinum does not. Thus dumpconfig may show no
configuration for certain drives which are up and happily running.
This is documented in the man page.
libcam/Makefile: Add scsi_da.c to libcam for the new
scsi_format_unit() function.
camcontrol.8: Update the man page for the new format
functionality, and take out the examples section
describing how to do it with 'camcontrol cmd'.
camcontrol.c: New format functionality. Note that unlike the
rest of the camcontrol subcommands, this one is
interactive by default. Because of the potential
destructiveness of the format command, I thought
it necessary to get confirmation from the user
before spamming a disk. You can disable the
interactive behavior, and the status meter with
command line arguments.
scsi_da.c: Add the new scsi_format_unit() cdb building
function and use #ifdef _KERNEL to make this file
compile in both the kernel and userland. The
format unit function is currently only defined in
the non-kernel case, because nothing in the kernel
is using it. If that changes, it should be
un-ifdefed and compiled in both cases.
scsi_da.h: New function declaration, CDB structure and format
data structures.
Thanks to Nick Hibma for providing some valuable input on these changes.
Describe -i option for start.
Update description of start command (will now work on plexes).
Update discussion of choice of stripe size (don't use power of 2).
Remove references to raw devices.
Add -i option to delay between blocks copied, to reduce performance
impact.
Remove -v option, things work now.
Rewrite parity maintenance functions.
Rebuildparity: Add -v option to check whether it was broken before
rebuilding each block.
in cases where the supplied name was already pointing to a character
special device. This fixes the breakage that occured when trying to
dump a filesystem by name (e. g. /usr), with an fstab already
mentioning the raw device name (like /dev/rda0g) where dump attempted
to use /dev/rrda0g then.
Also removed the now obsolete remark that fstab were carrying block
special names.
least one reviewer is now unhappy with, since it contains incomplete
and misleading advice that is not easy to correct.
The net effect of this commit and the previous commit is to simply
remove all discussion of setting dumpdev to catch crash dumps
prior to entering user mode.
later. This allows tunefs -p on mounted filesystems.
Side-effects:
Use K&R prototypes.
Use definitions from fcntl.h for the flags argument to open(2).
There are cosmetic differences between this and the submitted patch.
PR: 17143
Reported by: Peter Edwards <peter.edwards@ireland.com>
Submitted by: luoqi
don't support routes with sin6_scope_id set.
Without this fix, routes with IPv6 scoped addr won't work when it is
assigned by "route" command.
Approved by: jkh
Reviewed by: ume
according to draft-ietf-ipngwg-icmp-name-lookups-04 to 05 change.
This is necessary before 4.0, because,
-This change is non backword compatible
-Other KAME derived platforms applied 05
-Author of the draft said he never do backword imcompatible changes
again.
Approved by: jkh
Obtained from: KAME project
Describe stop -f to stop when config updates are disabled.
Explain in more detail why Vinum needs its own partition type, and why
you can't make it the c partition.
Implicitly-sanctioned-by: jkh
replaces an older attempt to silence vinum(8) when started in
single-user mode.
Add entries for vinum_raid[45].
Replace the preprocessor variable name CDEV_MAJOR with
VINUM_CDEV_MAJOR.
continue_revive: Set the proc title to 'reviving <sdname>' so that it
can be recognized in a ps list.
Approved-by: jkh
drive if it is set.
vinum_lvi: Change line spacing. This is still not right.
Change checks for striped or RAID-5 plexes to a macro 'isstriped',
which now also includes RAID-4.
Change checks for RAID-5 plexes to a macro 'isparity', which now also
includes RAID-4.
vinum_lsi: If the subdisk is initializing or reviving, don't wait a
whole second to check whether it's advancing; wait in increments of 50
ms up to 1 second. This makes for a barely perceptible delay.
Approved-by: jkh
enabled and print a warning message in varous places if they are not.
Fix typos in comments.
Change some indents to approach style(9).
initvol: If init fails, place the subdisks in a "down" state.
vinum_start(): If we're starting a plex, try doing it directly. It's
possible that the state of the plex differs from that of the subdisks,
for example if somebody has used 'setupstate'.
New functions vinum_raid4 and vinum_raid5 to create RAID-4 and RAID-5
volumes, analagous to vinum_mirror and vinum_stripe.
vinum_checkparity: Don't try to check the parity of a non-parity plex,
print a rude remark instead.
Approved-by: jkh
DIR I=64512 CONNECTED. PARENT WAS I=4032
fsck: cannot find inode 995904
fsdb found the inodes with no problem:
fsdb (inum: 64512)> inode 995904
current inode: directory
I=995904 MODE=40777 SIZE=512
MTIME=Feb 14 15:27:07 2000 [0 nsec]
CTIME=Feb 14 15:27:07 2000 [0 nsec]
ATIME=Feb 24 10:31:58 2000 [0 nsec]
OWNER=nobody GRP=nobody LINKCNT=4 FLAGS=0 BLKCNT=2 GEN=38a41386
Direct blocks: 8094568 0 0 0 0 0 0 0 0 0 0 0
Indirect blocks: 0 0 0
The problem turns out to be a program logic error in fsck. It stores
directory inodes internally in hash lists, using the number of
directories to form the hash key:
inpp = &inphead[inumber % numdirs];
Elsewhere, however, it increments numdirs when it finds unattached
directories. I've made the following fix, which solved the problem in
the case in hand.
Submitted by: Greg Lehey <grog@lemis.com>
Reviewed by: Matthew Dillon <dillon@apollo.backplane.com>
Approved by: Kirk McKusick <mckusick@mckusick.com>
Improve compatibility with BSD/OS, and also more accurately reflect that
IP aliases aren't really any different than the primary IP address on an
interface.
Reviewed by: dcs
Approved by: jkh
-Open socket() at first and then setuid() to actual user.
-Allow ping6 preload option only for root.
Approved by: jkh
Submitted by: Neil Blakey-Milner <nbm@mithrandr.moria.org>
Kirk argees that the comment about corruption caused by switching the flags
on an already mounted manpage are bogus, it doesn't happen.
Ok by: mckusick
256 bytes) caused it to break on many devices.
The SCSI spec says that for commands with 8-bit length fields, a value of 0
means 256 bytes. As it turns out, many devices don't deal with that
properly. Some interpret the 0 as 0, and return no data. Others return
more than 256 bytes of data, and cause an overrun.
The fix is to tell the device we've only allocated SHORT_INQUIRY_LENGTH (36
bytes) of inquiry data, instead of sizeof(struct scsi_inquiry_data).
camcontrol.c: Change inq_len in the call to scsi_inquiry() to
SHORT_INQUIRY_LENGTH, and add a long comment
explaining the reason for the change.
scsi_all.h: Add a comment above the definitinon of
SHORT_INQUIRY_LENGTH alerting people that it is
both the initial probe inquiry length, and the
minimum amount of data needed for scsi_print_inquiry()
to function.
scsi_all.c: Add a comment about SHORT_INQUIRY_LENGTH being the
minimum amount of data needed for
scsi_print_inquiry() to function.
Reviewed by: gibbs
Approved by: jkh
Reported by: "John W. DeBoskey" <jwd@unx.sas.com>
Sorry for the flapping, but no change will be done for 4.0 anymore.
Official standard will be published around April or later.
If different format would be adopted at that time, then support for
the new format will be added to the succeeding FreeBSD 4.x.
Approved by: jkh
include a copy of the 3.0.1 firmware for the PCA200E card in the fore_dnld
program.
There are various and subtle compatibility issues between the hfa driver and
the microcode, this version is belived to work best.
If a file is specified on the command line it will be used instead of the
embedded image.
Approved by: jkh
IPv6 scoped addr display is not yet supported by ifconfig
and route. Now almost of IPv6 apps support it, so its support
in ifconfig and route is important to keep consisetncy, and
to avoid user confusion.
Approved by: jkh
Yes it is almost code freeze, but as the result of many thought, now I
think this should be added before 4.0...
make world check, kernel build check is done.
Reviewed by: green
Obtained from: KAME project
add an upper limit to -t
match the types of return values and the variables they are stuffed in
make the man page and usage() a little more consistantly ugly
less obfuscation.
Submitted by: adrian, billf
Changes are:
- rpc.umntall is called at the right places now in /etc/rc*
- rpc.umntall timeout has been lowered from two days (too high) to one
- verbose messages in rpc.umntall have been clarified
- kill double entries in /var/db/mounttab when rpc.umntall is invoked
- ${early_nfs_mounts} has been removed from /etc/rc
- patched mount(8) -p to print different pass/dump values for ufs filesystems.
(last patch recieved from dan <bugg@bugg.strangled.net>)
Submitted by: Martin Blapp <mbr@imp.ch>, dan <bugg@bugg.strangled.net>
Also, in addition to the previous log message, the last change had a fix
for the case where where f.mntfromname is a relative path like da0a.
Submitted by: bde
- Don't use realpath as stat does the right thing.
- Only check ufs filesystems in getmntpt.
- Dont' bother checking that the ufs-mounted-on
device is a special file. It *must* be a special
file, or ufs wouldn't have mounted it.
Submitted by: Paul Saab <ps@yahoo-inc.com>
Suggested-by: Bernd Walter (ticso@cicely.de)
Add key pairs for 'mv' and 'move' (a synonym for 'mv'). Required for
the move command code submitted by Marius Bendiksen
<marius@marius.scancall.no>
make_devices: Don't create symlinks for drives if they are only
referenced. Previously, spurious symlinks appeared in the current
directory.
Problem-reported-by: Bernd Walter (ticso@cicely.de)
No longer create character devices, now that there is no difference.
Make the devices as character devices, not block devices.
on alpha.
Submitted-by: Bernd Walter <ticso@cicely.de>
Replace %q formats with %lld.
Desired-by: bde
Remove #ifdef RAID5
vinum_lsi: If a subdisk is in 'reviving' state, check the status of
the revive and report the status of the revive. In verbose mode,
display the pid of the reviver.
on alpha.
Submitted-by: Bernd Walter <ticso@cicely.de>
Add function vinum_mv, which moves subdisks to different drives. This
function just does the low-level configuration changes; the resultant
subdisk is stale if it previously had any contents, otherwise it is
empty (i.e. in need of initializing if it's RAID-5). We still need to
handle getting the contents moved over, but the current version will
suffice to migrate subdisks from a disk which has failed.
Submitted-by: Marius Bendiksen <marius@marius.scancall.no>
vinum_start: Get the revive block size right.
(1)added error check of if_nameindex() return value at getaddrinfo().
(2)print out more detailed information when getaddrinfo() error value
is EAI_SYSTEM.(in this case system error num is kept in errno)
(1) is Discovered by: jinmei@kame.net in KAME environment.
packet divert at kernel for IPv6/IPv4 translater daemon
This includes queue related patch submitted by jburkhol@home.com.
Submitted by: queue related patch from jburkhol@home.com
Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
assumption that only getty processes can be managed. Describe the
SysV-like ability to keep arbitrary long-running processes alive
using a non-device first field in /etc/ttys.
PR: 12767
Submitted by: Peter Jeremy <peter.jeremy@alcatel.com.au>
Packets that match a tee rule should not be immediately accepted,
but should continue going through the rule list. This may be fixed
in a later version.
I hope to fix this soon in a separate commit.
rundown script 'reboot' or 'single'. ISO support (which never
worked) has been removed from mount_nfs. mount_nfs and umount
now use mounttab, which allows umntall to work properly. The
rc scripts now call umntall as appropriate.
Submitted by: Martin Blapp <mb@imp.ch>
(2) Check for ENOENT when checking for /var/db/mountdtab
(3) Remove a signal handler that called broken functions.
(4) Remove the broken functions.
Submitted by: Martin Blapp <mb@imp.ch>
Reviewed by: bde (1), billf ([234])
option and add explicit option to bind to the wildcard address. The
default is to bind to the wildcard address when no -h option has been
specified and thus backwards compatibility is maintained.
PR: kern/13049
Reviewed by: David Malone <dwmalone@maths.tcd.ie>
Submitted by: Matt Dillon <dillon@freebsd.org>, David Malone <dwmalone@maths.tcd.ie>
