Any existing config files (using the -f option) will need
to be changed although using the old files will usually result
in an error (partition 0 is invalid).
these are quite extensive additions to the ipfw code.
they include a change to the API because the old method was
broken, but the user view is kept the same.
The new code allows a particular match to skip forward to a particular
line number, so that blocks of rules can be
used without checking all the intervening rules.
There are also many more ways of rejecting
connections especially TCP related, and
many many more ...
see the man page for a complete description.
place rather than updating the main loop's index variables from within
a subroutine and other revolting things like that. Move some more
globals into local variables.
program and it's use of global variables. Somehow, I managed to miss the
most obvious case.. "ifconfig ed0 10.0.0.1" failed (no "inet")
Submitted by: dfr
family inet if not specified. (eg: "ifconfig ed0" down would fail because
no family was specified, even though the up/down status is not per family)
Pointed out by: Wolfgang Helbig <helbig@MX.BA-Stuttgart.De>
- parse command options using getopt for consistancy
- sanitise the command parsing so that it's less like spaghetti
- implement a "-l" option (idea from NetBSD - just list names)
- attempt to clean up the sysctl parsing loop some more. It still needs
to be taken out the back and shot though.
- cut down on global usage, but there's a lot more scope for this.
- make usage string a bit closer to reality (it was missing lots of things)
Unfortunately, I did this for the second time but with the memory of
the NetBSD version still recently in my mind. It's hard to redo simple
changes or getopt stuff without making it look like what you've been
working with a few hours ago.
mount. It is possible to have v3 MOUNT but only v2 NFS, for instance for
a custom user-mode server like CFS.
Reviewed by: "Louis A. Mamakos" <louie@TransSys.COM>
Instead, reverse the order of the testing, so if a symbolic name starts with
a digit, we'll see if we can make a network address out of it first. If
that fails, then we'll call getnet...
options one would normally expect to set the realm, enable encryption,
and whatnot, but this actually is able to contact the remote server,
so at least it's a start. (As a bonus, the stripped static binary is
unquestionably exportable.)
now by default mount the last data track (thus last session), as
opposed to the very first session it has been mounting previously.
This is consistent with the ISO9660 multi-session idea, and the way
other operating systems are working.
There's support to mount arbitrary sessions using the -s option. This
way, you can simulate multi-session CDs on something like vn devices
that don't support CDIO* ioctl commands. You can also force the
historic behaviour with
mount -t cd9660 -o -s=0 /dev/cd0a /cdrom
nfs requests from non-privileged ports.
Change mountd such that it does never set this variable, but only clears
it when run with -n. Also document this in the man page.
a reserved port, so why not the nfs rpc's themselves?
With user allowed mounts, this perhaps needs a closer look, but
on the other hand, a user could already specify the flag.
If normal users should not be able to use resserved ports, the kernel
should check for the flag at mount time.
(presumably because the kernel is old). Moved the declaration of a
variable realated to this sysctl outside of an unrelated ifdef.
Not fixed:
- this sysctl is badly named (nfs occurs twice).
- it's silly to have for FreeBSD in FreeBSD code, especially when
only half of the FreeBSD-dependent code is ifdefed.
in uu_lock(). Add uu_lockerr() for turning the results of
uu_lock into something printable. Remove bogus section in man page
about race conditions allowing both processes to get the lock.
Include libutil.h and use uu_lock() correctly where it should.
Suggested by: ache@freebsd.org
it's internal malloc() implementation to try and avoid overstepping it's
resource limits (yuk!). Remain using libc's malloc(), but check the
resource limits right before trying to malloc the ramdisk space and leave
some spare memory for libc. In Andrey's words, the internal malloc
was "true evil".. Among it's sins is it's ability to allocate less memory
than asked for and still return success. stdio would just love that. :-)
Reviewed by: ache
I was not sure whether the fs_id fields should be printed in the clear
in case of sniffing over a network login etc. It might be an idea
to have somebody with spare time go through and find any other missing
fields that should be reported.
Definate 2.2.x/2.1.x candidate since it breaks the build.
automatically have random generation numbers. The kenel way of handling those
also changed. Further it is advised to run fsirand on all your nfs exported
filesystems. the code is mostly copied from OpenBSD, with the randomization
chanegd to use /dev/urandom
Reviewed by: Garrett
Obtained from: OpenBSD
something closer to how we used to do it. The Lite2 way is to check the
"fsclean" flag in the superblock and stop there if so (during preen).
We now do the various superblock sanity checks that we used to do before
since it's cheap. We now get the filesystem state summary again instead
of "FILESYSTEM CLEAN; CHECKING SKIPPED" (or whatever).
errors (mis-sorted prototypes, duplicated MNT_NOATIME, duplicated NULL
mntopts fixup).
Updated getopt() usage.
Fixed style bugs in FreeBSD changes (one or two per line for putfsent()
stuff).
- cleanups,
- whiteout support
- bug fixes (chflags missing on a few file types etc)
The dump/restore folks would want to have a closer look at this, the
change is pretty big.
- use new getvfsbyname() interface and mount(2) interface
**DANGER WILL ROBINSON!!** You must be running a -current kernel
from within a week or so in order for this to work!
2578 from Julian A. Likely not strictly needed, but it doesn't hurt
and protects ping against possible buffer overflows if the resolver
were to return large IP addresses.
used spaces to align the second line under the program name.
2) Cache uid after call to setuid(getuid()) so we don't waste a system call
for each packet with a call to getuid for the -v case.
3) Update manual to reflect new restriction on -l from last delta.
Suggested by: bde, Bill Fenner
2) Must be root to run preload (OpenBSD ping.c 1.8)
3) Don't print all replies unless verbose and root (from idea in
OpenBSD ping.c 1.10 and 1.11) to avoid leaking information available
only to root.
4) Remove unused h: from option string to getopt.
5) Make the compiler happy with exit(0) (Lite-2?)
Reviewed by: Dan Cross <tenser@spitfire.ecsel.psu.edu>
Good candidate for 2.2 and 2.1 (as are many of the 1.17 changes).
Do a better job of argument parsing.
Don't permit ping -f to a multicast address (very antisocial).
Don't permit -L, -I, -T options with unicast addresses.
Ensure that we ask for only AF_INET addresses (should close PR#2584).
Return <sysexits.h> error codes for failures. Document this.
Fix man page to identify the author and put sections in correct order.
buffer (so more difficult to exploit but better safe than sorry). Found
by comparing FreeBSD & OpenBSD sources/logs for the auditing process.
Reviewed by: Warner Losh
Obtained from: OpenBSD
Submitted by: Bruce Murphy <packrat@iinet.net.au>
Add '-a' audible flag, so terminal will beep upon receipt of a reply
packet. Useful for debugging ethernet runs, among other things.