This can be useful, when net.inet.ip.fw.dyn_keep_states is enabled, but
after rules reloading some state must be deleted. Added new flag '-D'
for such purpose.
Retire '-e' flag, since there can not be expired states in the meaning
that this flag historically had.
Also add "verbose" mode for listing of dynamic states, it can be enabled
with '-v' flag and adds additional information to states list. This can
be useful for debugging.
Obtained from: Yandex LLC
MFC after: 2 months
Sponsored by: Yandex LLC
This was a typo for wdc. Eliminate it since it was in error. People
should use either 'wdc' or 'hgst' for the vendor from now on. 'hgst'
works for all versions this functionality is present for.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
Move the Intel specific log pages (including the one that samsung
implements) to intel.c. Add comment to the samsung vendor that it will
be going away soon.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
Eliminage redundant spaces and nvmecontrol at start of all the usage
strings. Update the usage printing code to add them back when
presenting to the user. Allow multi-line usage messages and print
proper leading spaces for lines starting with a space.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
Provide a usage() function that takes a struct nvme_function pointer
and produces a usage mssage. Eliminate all now-redundant usage
functions. Propigate the new argument through the program as needed.
Use common routine to print usage.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
If the dispatched function doesn't exit, then we get can get a
spurious function not found message. They all do exit, but this is a
little cleaner.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
These are all hgst/wdc specific, so move them into the wdc.c to live
with the wdc command.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
For the upcoming move of vendor specific code into vendor specific
files, make the common logpage routines global and move them to
nvmecontrol.h.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
Move logpage function def to header. Convert all the logpage_function
elements to elements of the linker set. Leave them all in logpage.c
for the moment.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
More commands will be added to nvmecontrol. Also, there will be a few
more vendor commands (some of which may need to remain private to
companies writing them). The first step on that journey is to move to
using linker sets to dispatch commands. The next step will be using
dlopen to bring in the .so's that have the command that might need
to remain private for seamless integration.
Similar changes to this will be needed for vendor specific log pages.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
SELECTIVE MIRRORING
If your network has network traffic analyzer connected to your host
directly via dedicated interface or remotely via RSPAN vlan, you can
selectively mirror some ethernet layer2 frames to the analyzer.
...
report the check-hash failure and offer to search for and use
alternate superblocks. Prior to this fix fsck_ffs would simply
report the check-hash failure and exit.
Reported by: Julian H. Stacey <jhs@berklix.com>
Tested by: Peter Holm
Sponsored by: Netflix
Those two manual pages are already referencing each other in the HISTORY
sections, which people might skip. Mention those manual pages explicitly in
the SEE ALSO sections. Also, remove a reference to be(1) from libbe(3).
Reviewed by: bcr
Approved by: krion (mentor, implicit), mat (mentor, implicit)
Differential Revision: https://reviews.freebsd.org/D18136
Observed in a CI test image, bectl_create test will run and be marked as
skipped because the module is not loaded. The first zpool invocation will
automagically load the module, but bectl_create is still skipped. Subsequent
tests all pass as expected because the module is now loaded and everything
is OK.
MFC after: 3 days
These tests operate on a file-backed zpool that gets created in the kyua
temp dir. root and ZFS support are both required for these tests. Current
tests cover create, destroy, export/import, jail, list (kind of), mount,
rename, and jail.
List tests should later be extended to cover formatting and the different
list flags, but for now only covers basic "are create/destroy actually
reflected properly"
MFC after: 3 days
Add an undocumented -r option preceding the bectl subcommand to specify a BE
root to operate out of. This will remain undocumented for now, as some
caveats apply:
- BEs cannot be activated in the pool that doesn't contain the rootfs
- bectl create cannot work out of the box without the -e option right now,
since it defaults to the rootfs and cross-pool cloning doesn't work like
that (IIRC)
Plumb the BE root through to libbe(3) so that some things -can- be done to
it, e.g.
bectl -r tank/ROOT create -e default upgrade
bectl -r tank/ROOT mount upgrade /mnt
this aides in some upgrade setups where rootfs is not necessarily ZFS, and
also makes it easier/possible to regression-test bectl when combined with a
file-backed zpool.
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D18029
Rather than using a special value to denote "use the default router",
treat the absence of the -g option to mean the same thing. The
in-kernel netdump client will always attempt to reach the server
directly before falling back to the configured gateway anyway. This
change makes it cleaner to support a hostname value for -g.
Reviewed by: cem
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D18025
document the libufs interface for fetching and storing inodes.
The undocumented getino / putino interface has been replaced
with a new getinode / putinode interface.
Convert the utilities that had been using the undocumented
interface to use the new documented interface.
No functional change (as for now the libufs library does not
do inode check-hashes).
Reviewed by: kib
Tested by: Peter Holm
Sponsored by: Netflix
Now an interface name can be specified for nptv6 instance instead of
ext_prefix. The module will track if_addr_ext events and when suitable
IPv6 address will be added to specified interface, it will be configured
as external prefix. When address disappears instance becomes unusable,
i.e. it doesn't match any packets.
Reviewed by: 0mp (manpages)
Tested by: Dries Michiels <driesm dot michiels gmail com>
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D17765
For example, in case of super-user:
$ sudo ping -s -64 127.0.0.1
PING 127.0.0.1 (127.0.0.1): -64 data bytes
ping: sendto: Invalid argument
For unprivileged user:
$ ping -s -64 127.0.0.1
ping: packet size too large: 18446744073709551552 > 56: Operation not permitted
Fix this by switching from strtoul() to strtol() for integer arguments
and adding explicit checks for negative values.
MFC after: 1 month
It produces incompatibility when rules listing is used again to
restore saved ruleset, because "ip6" keyword produces separate opcode.
The kernel already has the check and only IPv6 packets will be checked
for matching.
PR: 232939
MFC after: 3 days
There is no need to check if capdns is NULL.
If we will build the system without casper all cap_gethostaddr will be
replaced by the standard functions.
Make it clear that ipfw action set for layer2 frames it a bit limited.
PR: 59835
Reviewed by: yuripv
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D17719
The buffer is already zeroed in compile_rule() function, and also it
may contain configured F_NOT flag in o.len field. This fixes the filling
for "not icmp6types" opcode.
PR: 232939
MFC after: 3 days
tcpdump can capture packet traces from the usb bus. usbus[0-9] are
registered as ifnet devices so this can work. When these devices come
up, devd was trying to run pccard_ether on those interfaces, which
didn't exist and generated an error.
program to use the libufs library interface. No functional change
(as for now the libufs library does not do inode check-hashes).
Reviewed by: kib
Sponsored by: Netflix
This change defines the RA "6" (IPv6-Only) flag which routers
may advertise, kernel logic to check if all routers on a link
have the flag set and accordingly update a per-interface flag.
If all routers agree that it is an IPv6-only link, ether_output_frame(),
based on the interface flag, will filter out all ETHERTYPE_IP/ARP
frames, drop them, and return EAFNOSUPPORT to upper layers.
The change also updates ndp to show the "6" flag, ifconfig to
display the IPV6_ONLY nd6 flag if set, and rtadvd to allow
announcing the flag.
Further changes to tcpdump (contrib code) are availble and will
be upstreamed.
Tested the code (slightly earlier version) with 2 FreeBSD
IPv6 routers, a FreeBSD laptop on ethernet as well as wifi,
and with Win10 and OSX clients (which did not fall over with
the "6" flag set but not understood).
We may also want to (a) implement and RX filter, and (b) over
time enahnce user space to, say, stop dhclient from running
when the interface flag is set. Also we might want to start
IPv6 before IPv4 in the future.
All the code is hidden under the EXPERIMENTAL option and not
compiled by default as the draft is a work-in-progress and
we cannot rely on the fact that IANA will assign the bits
as requested by the draft and hence they may change.
Dear 6man, you have running code.
Discussed with: Bob Hinden, Brian E Carpenter
When users mark an interface to not use aliases they likely also don't
want to use the link-local v6 address there.
PR: 201695
Submitted by: Russell Yount <Russell.Yount AT gmail.com>
Differential Revision: https://reviews.freebsd.org/D17633
