138 Commits

Author SHA1 Message Date
glebius
5190d38ee3 Merge the projects/pf/head branch, that was worked on for last six months,
into head. The most significant achievements in the new code:

 o Fine grained locking, thus much better performance.
 o Fixes to many problems in pf, that were specific to FreeBSD port.

New code doesn't have that many ifdefs and much less OpenBSDisms, thus
is more attractive to our developers.

  Those interested in details, can browse through SVN log of the
projects/pf/head branch. And for reference, here is exact list of
revisions merged:

r232043, r232044, r232062, r232148, r232149, r232150, r232298, r232330,
r232332, r232340, r232386, r232390, r232391, r232605, r232655, r232656,
r232661, r232662, r232663, r232664, r232673, r232691, r233309, r233782,
r233829, r233830, r233834, r233835, r233836, r233865, r233866, r233868,
r233873, r234056, r234096, r234100, r234108, r234175, r234187, r234223,
r234271, r234272, r234282, r234307, r234309, r234382, r234384, r234456,
r234486, r234606, r234640, r234641, r234642, r234644, r234651, r235505,
r235506, r235535, r235605, r235606, r235826, r235991, r235993, r236168,
r236173, r236179, r236180, r236181, r236186, r236223, r236227, r236230,
r236252, r236254, r236298, r236299, r236300, r236301, r236397, r236398,
r236399, r236499, r236512, r236513, r236525, r236526, r236545, r236548,
r236553, r236554, r236556, r236557, r236561, r236570, r236630, r236672,
r236673, r236679, r236706, r236710, r236718, r237154, r237155, r237169,
r237314, r237363, r237364, r237368, r237369, r237376, r237440, r237442,
r237751, r237783, r237784, r237785, r237788, r237791, r238421, r238522,
r238523, r238524, r238525, r239173, r239186, r239644, r239652, r239661,
r239773, r240125, r240130, r240131, r240136, r240186, r240196, r240212.

I'd like to thank people who participated in early testing:

Tested by:	Florian Smeets <flo freebsd.org>
Tested by:	Chekaluk Vitaly <artemrts ukr.net>
Tested by:	Ben Wilber <ben desync.com>
Tested by:	Ian FREISLICH <ianf cloudseed.co.za>
2012-09-08 06:41:54 +00:00
dim
ea718b0e08 Upgrade our copy of llvm/clang to trunk r162107. With thanks to
Benjamin Kramer and Joerg Sonnenberger for their input and fixes.
2012-08-20 18:33:03 +00:00
gjb
8670397617 General mdoc(7) and typo fixes.
PR:		167734
Submitted by:	Nobuyuki Koganemaru (kogane!jp.freebsd.org)
MFC after:	3 days
2012-05-11 20:06:46 +00:00
eadler
1ef5fe44d3 Remove trailing whitespace per mdoc lint warning
Disussed with:	gavin
No objection from:	doc
Approved by:	joel
MFC after:	3 days
2012-03-29 05:02:12 +00:00
joel
4234591b03 mdoc: terminate quoted strings.
Reviewed by:	brueffer
2012-03-26 15:18:14 +00:00
joel
e3d7180447 Remove superfluous paragraph macro. 2012-03-25 09:18:34 +00:00
ed
23524b572c Globally replace u_int*_t from (non-contributed) man pages.
The reasoning behind this, is that if we are consistent in our
documentation about the uint*_t stuff, people will be less tempted to
write new code that uses the non-standard types.

I am not going to bump the man page dates, as these changes can be
considered style nits. The meaning of the man pages is unaffected.

MFC after:	1 month
2012-02-12 18:29:56 +00:00
syrinx
d4a4d07265 Implement an option to execute SNMP walks using GETBULK requests in bsnmpwalk(1)
retrieving multiple values with a Single PDU.

Reviewed by:	philip@
Tested by:	tsanand129 (at) gmail (dot) com
2012-01-10 15:29:03 +00:00
uqs
2b4085e7fd Partial backout of r228990, restore original MIB object name.
It's too late to change this in 9.0 -- so we have a release with the
misspelling in the wild and should not break users that depend on it.

Deprecating/replacing it because of a one-char typo seems excessive.
2012-01-05 21:36:28 +00:00
ed
f1de7c98ce Fix subtle typo: compare against idx -- not index.
In this contest, index refers to the index(3) function. In this case it
doesn't really harm, as this function is never called with idx == NULL.

MFC after:	2 weeks
2012-01-03 11:10:15 +00:00
uqs
415a3a9b96 Spelling fixes for usr.sbin/ 2011-12-30 10:58:14 +00:00
dim
e166d57d96 In usr.sbin/bsnmpd/modules/snmp_wlan/wlan_snmp.h, use the correct
enumeration types for the mesh_peering and mesh_forwarding members of
struct wlan_iface, to fix enum conversion warnings.

MFC after:	1 week
2011-12-17 19:53:08 +00:00
ivoras
d468939fab Apparently, "ada" drives are better treated similarly to "da" drives. 2011-10-24 12:59:39 +00:00
ivoras
4151aacb22 It seems that the warning is much less severe than its message says. The
device is certainly added to the list after the first pass.
2011-10-24 12:43:20 +00:00
ivoras
ebadbc15cd Fix typo
MFC after:	1 month
2011-10-24 12:21:58 +00:00
uqs
eb3a891009 Fix broken mdoc.
Found by:	manlint
Approved by:	re (kib)
2011-08-01 22:21:18 +00:00
ae
6425e22b7b Use full buffer size in read(2) call, there is no need to preserve the
last byte of the buffer.

Since we call refresh_device_tbl() for any devctl event types - no need
to check the first byte of buffer. Remove these checks.

Also remove logging for the case of unknown devd message. It incorrectly
triggers when all devctl events are not fit into one buffer and part of
unread data will be read in the next pass.

When length of data readed from devctl is equal to sizeof(buf), then try
to read from socket again, to read full data.

MFC after:	2 weeks
2011-07-11 12:51:35 +00:00
ed
52acbc4c0a Remove redundant assignments to WARNS.
For these directories, WARNS is already implied to be 6.
2011-06-06 20:24:17 +00:00
ru
2628ba45f7 [mdoc] Fixed .Dt call. 2011-05-25 14:13:53 +00:00
syrinx
3830b0c9c7 Unbreak the build by temprorarily not using include directives in
bsnmpd(1)' def files, until bsd.snmpmod.mk & Makefiles are fixed to
pass proper include path flags to gensnmptree.
2010-12-20 22:56:50 +00:00
syrinx
cdf73327e5 Bring in a SNMP module that allows configuration of SNMPv3 Notification targets.
Sponsored by:	The FreeBSD Foundation
Reviewed by:	philip
Approved by:	philip
2010-12-20 17:13:14 +00:00
syrinx
ceef911397 Pass proper -Wl,-export-dynamic to ld. Thus bsnmpd(1) compiled with clang
properly exports its symbols to the modules.

Submitted by:	dim
2010-12-16 15:18:53 +00:00
syrinx
afe3bf1f4b Remove unnecessary debug/error CFLAGS.
Reported by	: pawel.worach (at) gmail (dot) com
2010-12-11 13:24:01 +00:00
syrinx
a8871388a3 Unbreak "make installworld" w/ DESTDIR specified
PR	:	kern/152939
2010-12-09 12:25:45 +00:00
syrinx
9ef714f2e2 Add bsnmpd(1)'s SNMP client tools (including SNMPv3 support) to the base system.
Sponsored by:   The FreeBSD Foundation (the SNMPv3 bits), Google Summer of Code 2005
Reviewed by:    philip@ (mostly), bz@ (earlier version based on p4 ch124545)
Approved by:    philip@
2010-12-08 14:30:25 +00:00
syrinx
ed79f703fb In bsnmpd(1) add support for SNMPv3 message processing model, including message authentication, packet encryption & view-based access control (RFC 3412, 3414, 3415).
Sponsored by:	The FreeBSD Foundation
Reviewed by:	philip@ (mostly)
Approved by:	philip@
2010-12-08 13:51:38 +00:00
uqs
14c0facba5 Fix CPU load reporting independent of scheduler used.
- Sample CPU usage data from kern.cp_times, this makes for a far more
  accurate and scheduler independent algorithm.
- Rip out the process list scraping that is no longer required.
- Don't update CPU usage sampling on every request, but every 15s
  instead. This makes it impossible for an attacker to hide the CPU load
  by triggering 4 samplings in short succession when the system is idle.
- After reaching the steady-state, the system will always report the
  average CPU load of the last 60 sampled seconds.
- Untangling of call graph.

PR:		kern/130222
Tested by:	Julian Dunn <jdunn@aquezada.com>
		Gustau Pérez <gperez@entel.upc.edu>
		Jürgen Weiß <weiss@uni-mainz.de>
MFC after:	2 weeks

I'm unsure if some MIB standard states this must be the load average
for, eg. 300s, it looks like net-snmp isn't even bothering to implement
the CPU load reporting at all.
2010-10-28 20:18:26 +00:00
joel
dd1fff9bcb Fix typos, spelling, formatting and mdoc mistakes found by Nobuyuki while
translating these manual pages.  Minor corrections by me.

Submitted by:	Nobuyuki Koganemaru <n-kogane@syd.odn.ne.jp>
2010-08-16 15:18:30 +00:00
joel
f4e8725880 Fix typos and spelling mistakes. 2010-08-06 14:33:42 +00:00
syrinx
3d55aa81d7 Connect the snmp_wlan(3) module to the build.
Sponsored by:	The FreeBSD Foundation
2010-07-26 16:26:26 +00:00
syrinx
566d7d1a53 Bring in a SNMP module to support monitoring cloned wireless interfaces
via bsnmpd(1). The module implements a private BEGEMOT-WIRELESS-MIB.

Sponsored by:	The FreeBSD Foundation
Reviewed by:	philip@
Approved by:	philip@
2010-07-26 16:16:39 +00:00
simon
8665304c8d Make failed open of /dev/mdctl in the bsnmpd hostres module non-fatal.
This makes it possible to use the hostres module when bsnmpd is not
running as root.

MFC after:	1 week
2010-07-24 10:04:35 +00:00
uqs
e644199c18 mdoc: consistently spell our email addresses <foo@FreeBSD.org>
Reviewed by:	ru
2010-05-19 08:57:53 +00:00
syrinx
72d5a23b38 Now actually implement reading/refreshing/returning data from the pfTablesAddrTable
and modify the BEGEMOT-PF-MIB to add support for IPV6 address' statistics in the PF
tables via pfTablesAddrNetType and pfTablesAddrNet. While here, upgrade the
pf_tree.def file to the new format that includes enumerated values. Also make sure
to return SNMP_ERR_NOSUCHNAME for ALTQ objects, if ALTQ is disabled, so that the agent
will know to skip the pfAltq subtree when servicing GETNEXT requests from SNMP clients
(otherwise snmpwalk on begemotPf would stop at the pfAltq subtree with bsnmpd returning
SNMP_ERR_GENERR).
2010-03-24 16:07:33 +00:00
syrinx
6d63213ed5 Make sure the snmp_pf module will first refresh its entires if necessary,
then find a specific entry, and get the requested value. So far, it found
the specific entry, refreshed the entry list if necessary, and got the
requested value from the found entry. The problem is that refreshing nukes
all old entries and replaces them with new ones and the obtained entry
pointer was no longer valid after the refresh.

Reviewed by:		bz, philip
MFC after:		1 week
2010-03-19 09:53:25 +00:00
syrinx
52f973a7e8 Add support for retrieving labeled pf filter rule counters.
PR:		bin/132847
Submitted by:	Szalai Andras <szalai (dot) bandi (at) gmail.com>
2010-03-18 14:54:31 +00:00
uqs
4a10ff6f04 Remove redundant WARNS?=6 overrides and inherit the WARNS setting from
the toplevel directory.

This does not change any WARNS level and survives a make universe.

Approved by:        ed (co-mentor)
2010-03-02 18:44:08 +00:00
ed
57d10a6e95 Port all applications in usr.sbin/ from libulog to utmpx. 2010-01-13 18:17:53 +00:00
ed
073cafdd42 The last big commit: let usr.sbin/ use WARNS=6 by default. 2010-01-02 11:07:44 +00:00
ed
079b8fb0b1 Let the snmp_hostres module use utmpx.
Approved by:	harti
2009-12-24 17:55:47 +00:00
syrinx
c9b899f968 Make sure enough memory is allocated for a struct pft_entry when
refreshing the list of pf tables.

OKed by:	philip
MFC after:	1 week
2009-12-05 13:45:21 +00:00
attilio
9dd892aeae Collapse devinfo_state_t with device_state_t in order to avoid a
structure replication and improve manteneability.

Reviewed by:	jhb, imp
Tested by:	Riccardo Torrini <riccardo at torrini dot org>
2009-11-15 16:44:43 +00:00
kensmith
9c2c634ee9 Bump the version of all non-symbol-versioned shared libraries in
preparation for 8.0-RELEASE.  Add the previous version of those
libraries to ObsoleteFiles.inc and bump __FreeBSD_Version.

Reviewed by:    kib
Approved by:    re (rwatson)
2009-07-19 17:25:24 +00:00
kmacy
1f84699fcf add zfs oid to bsnmpd
PR: bin/129360
Submitted by:	Ulrich Spoerlein
2009-05-17 05:54:25 +00:00
bms
51d165db04 Only build the bsnmpd netgraph module if MK_NETGRAPH_SUPPORT is set. 2008-10-02 14:26:56 +00:00
philip
d9cb06bec0 Use INSERT_OBJECT_INT_LINK_INDEX macro instead of TAILQ_INSERT_TAIL when
filling the table of ALTQ queues retrieved from the kernel.

It is possible for the kernel to return the queues not by pa.altq.qid order.
When this happens, pf_snmp would only partially fill its table.

PR:		bin/120974
Submitted by:	Mykola Dzham <i -at- levsha.org.ua>
MFC after:	3 days
2008-06-01 14:09:54 +00:00
syrinx
fea5330c6b Keep the snmp_bridge(3) module up to date with if_bridge(4) and add an
object to control the value of the new 'PRIVATE' bridge members' flag.
While here, remove stale '__unused' compiler directives.

Reviewed by:	bz
Approved by:	re (bmah), bz (mentor)
2007-08-08 19:27:50 +00:00
mlaier
83807ec50d Link pf 4.1 to the build:
- move ftp-proxy from libexec to usr.sbin
 - add tftp-proxy
 - new altq mtag link

Approved by:	re (kensmith)
2007-07-03 12:46:08 +00:00
rafan
5fd49d94d5 - Bump share library version which were missed in last bump
Reported by: 	     jhb
Discussed with:	     deischen, des, doubg, harti
Approved by:	     re (kensmith)
2007-06-18 18:47:54 +00:00
pjd
2ee778fb99 s/destory/destroy/ (except for the code in contrib/). 2007-04-16 12:31:35 +00:00