of forcing them to be an 'ipfw' rules file. This allows one to
determine interface addresses dynamically, etc. The rule is if the
file referenced by ${firewall_type} is executable, it is sourced, but
if it is just readable, it is used as input to 'ipfw' like before.
o Put back in {} removed during over-zealous cleanup of gratuitous
debugging output during preparation for the commit. Due to the
missing {}, writes on extended attributes always silently failed.
Doh.
o Don't unlock the target vnode if it's the backing vnode, as we
don't lock the target vnode if it's the backing vnode.
before I rip out the scheduler - whilst v. nice 'n all, it is doing the
wrong job. We need something that sends commands to the card atomically
so dhcp etc. works right.
I've renamed and moved a lot of the scheduler code so that it is all
in one place and all starts with ray_cmd_
ray_stop has some debugging crap left in - to be deleted rsn
extattr.h to be included. This fixes the broken ext2fs build as of
the import of extattr code.
Also added $FreeBSD: $ to a couple of files that didn't have them,
without which I couldn't commit this fix.
Reported by: "George W. Dinolt" <gdinolt@pacbell.net>
support. Changes are rather simplifications of the SCRIPTS
interface (prior to complexifying it again;) ), dead code
removes and comment fixes.
Code removed:
- Handling of kernel variables referenced from SCRIPTS.
- Handling of selection without ATN.
Slightly rewritten:
- Handling of illegal phase (4/5) and data overrun conditions.
Simplifications:
- Extended error flag and bits now only set from the C code.
- Move the extended error status (xerr_status) and nego
status (nego_status) outside the data structure accessed
by SCRIPTS (struct dsb).
- Get rid of the script status field (scr_st).
- Only patch SCR_NO_OP SCRIPTS instructions to adapt SCRIPTS
to actual chip capabilities.
Cosmetic changes:
- Miscellaneous comments in SCRIPTS.
- FreeBSD_4_Bus define replaced by FreeBSD_Bus_Io_Abstraction.
Exceptions:
Vinum untouched. This means that it cannot be compiled.
Greg Lehey is on the case.
CCD not converted yet, casts to struct buf (still safe)
atapi-cd casts to struct buf to examine B_PHYS
attributes (recently committed). Using extattrctl, the extended attribute
service may be started and stopped for specific file systems; specific
attributes may be enabled or disabled, and the backing file for each
attribute configured. Also, backing files may be initialized.
Reviewed by: adrian, bp, freebsd-fs, the unthanked masses
Obtained from: TrustedBSD
(name, value) pairs to be associated with inodes. This support is
used for ACLs, MAC labels, and Capabilities in the TrustedBSD
security extensions, which are currently under development.
In this implementation, attributes are backed to data vnodes in the
style of the quota support in FFS. Support for FFS extended
attributes may be enabled using the FFS_EXTATTR kernel option
(disabled by default). Userland utilities and man pages will be
committed in the next batch. VFS interfaces and man pages have
been in the repo since 4.0-RELEASE and are unchanged.
o ufs/ufs/extattr.h: UFS-specific extattr defines
o ufs/ufs/ufs_extattr.c: bulk of support routines
o ufs/{ufs,ffs,mfs}/*.[ch]: hooks and extattr.h includes
o contrib/softupdates/ffs_softdep.c: extattr.h includes
o conf/options, conf/files, i386/conf/LINT: added FFS_EXTATTR
o coda/coda_vfsops.c: XXX required extattr.h due to ufsmount.h
(This should not be the case, and will be fixed in a future commit)
Currently attributes are not supported in MFS. This will be fixed.
Reviewed by: adrian, bp, freebsd-fs, other unthanked souls
Obtained from: TrustedBSD Project
This gets rid of a bogus cast of NULL in setbuf().
Lets us know the buffer malloc failed.
Reworks the manpage a bit to make it more mdoc(7) compliant, adds
examples.
connections, after SYN packets were seen from both ends. Before this,
it would get applied right after the first SYN packet was seen (either
from client or server). With broken TCP connection attempts, when the
remote end does not respond with SYNACK nor with RST, this resulted in
having a useless (ie, no actual TCP connection associated with it) TCP
link with 86400 seconds TTL, wasting system memory. With high rate of
such broken connection attempts (for example, remote end simply blocks
these connection attempts with ipfw(8) without sending RST back), this
could result in a denial-of-service.
PR: bin/17963
incorrectly attach itself to ThunderLAN adapters which happen to have
a PHY who's model number happens out to be 0.
Problem reported by: Peter L. Thomas <Pete@painless-computing.com>
(which is actually a CATC Netmate).
Gee. I don't know why people make such a fuss over supporting USB ethernet
NICs. This is easier than collecting graft.
