- Correct some problems with packet construction.
+--------+------------+----------+-------------+---------+
| | | | | |
| IP Hdr | MINICMPLEN | phdr_len | TIMEVAL_LEN | payload |
| | | | | |
+--------+------------+----------+-------------+---------+
| | | |
|<- IP ->|<------- ICMP -------->|<------ datalen ------>|
My previous changes tried to mess around with 'datalen' instead of
modifying 'phdr_len'.
I'm including this nice ASCII diagram (from Maxim) to further clarify things
in CVS history.
Submitted by: Maxim Konovalov <maxim@macomnet.ru>
when WARNS was increased recently, but __printf0like() has been
temporarily disabled for 8 months.
Fixed related style bugs (disordered declaraction and silly type for
maxpayload -- assume 16-bit ints like the rest of ping.c).
- Use it in atacontrol(8) when listing ATA devices instead of
stopping at the first ENXIO received.
This makes atacontrol list work on my sparc64 where the two ATA
channels I have are numbered 2 and 3.
Reviewed by: sos
This is aimed at creating floppies during cross-releases.
For different endianness machines, a tool like bswapfs(8)
is necessary to make the generated floppies readable on
the target machine. While here, fixed unaligned access
on Alphas.
Tested on: i386, alpha
Notable changes:
- Removed the "disktype" argument from the -B only synopsis
form. This form doesn't touch the disk label, and doesn't
use this argument.
- Fixed the first example in the EXAMPLES section. Support
for compatibility slices has been recently dropped from
the GEOM kernels, and a bit later GEOM became standard.
- Removed the buggy notion from rev. 1.37 that disklabel(8)
may be used to define mount points; it cannot. Improve
some DOS partition / FreeBSD slice wording. Among these,
``dangerously-dedicated slice'' was just a nonsense. ;-)
comes in on is the same interface that we would route out of to get to
the packet's source address. Essentially automates an anti-spoofing
check using the information in the routing table.
Experimental. The usage and rule format for the feature may still be
subject to change.
width of fields for packets and bytes counters.
PR: bin/47196
Reviewed by: -audit
Not objected by: luigi, des
o Use %llu instead of deprecated %qu convert specification for ipfw
packets and bytes counters.
Noted by: des
MFC after: 1 month
upper-case alphabetical characters to lower-case ones, and spaces to dashes.
The person who added this when bringing the code from NetBSD has no idea why
he added it, and nobody on freebsd-fs came up with any cases where the icky
part (the conversion of spaces to underscores) was needed. The removal of
the upper-case conversion follows an even more obvious logic: it avoids any
sort of namespace issues. People using StUdLy caps for filesystem names
deserve everything they get. Otherwise, Efs and efs might be totally different
things, but would use the same fsck. And we don't want that, right? That
just provokes the sort of foot-shooting this would prevent.
If you have problems with this, I'll walk you through using sed on your fstab,
cause the only way you could have problems is if you spelled ufs as "UFS".
Most likely, you haven't done that.
MFC after: 1 month
program allows users in the operator group to take filesystem
snapshots. Its first use will be in support of `dump -L'.
Approved by: Technical Review Board <trb@FreeBSD.org>
Sponsored by: DARPA & NAI Labs.
NSWAPDEV limit.
- Don't warn about devices that are not in use in 'swapoff -a'.
- Re-add behavior mistakenly removed in revision 1.44:
If using 'swapon -a', do not warn if the device is already in use.
PR: 46633
Submitted by: Andy Farkas <andyf@speednet.com.au> (in part)
Reviewed by: mike (mentor)
values for the initial inode generation numbers in newfs and for
newly allocated inode generation numbers in the kernel.
Submitted by: Theo de Raadt <deraadt@cvs.openbsd.org>
Sponsored by: DARPA & NAI Labs.
version of such. Differences in filesystems generated were found to be
from 1) sbwrite with the "all" parameter 2) removal of writecache. The
sbwrite call was made to perform as the original version, and otherwise
this was checked against a version of newfs with the write cache removed.
creates a single file named just "boot".
Apart from the fact that the option "-s" is now gone and that "-b" should
be pointed at /boot/boot instead of /boot/boot1, this patch should be
a no-op.
for the disklabel: This facility is OBE.
First of all, we cannot sensibly implement this in a properly stacked
environment.
Second, if we did, it would confuse the heck out of users who
wouldn't be able to "start from scratch" by dd(8)'ing /dev/zero
onto /dev/da0.
Third, the offered protection is not comprehensive: no other software
would respect it.
Fourth and finally, the disklabel is already protected against
tampering if it controls open partitions.
Uselessness of these options discussed with: peter
answer for the euid. As a result, fix it such that setuid scripts or
programs may call route(8) to do work on their behalf.
Reviewed by: ru
MFC after: 3 days
Submitted by: bde
Do not constantify maximum payload size. It is 65467 with -R
(record route), and 65507 without it.
Reviewed by: silence on -net
Proposed by: bde
I am going to MFC rev.1.77 - 1.81 ping.c and rev.1.39 and 1.40 ping.8:
MFC after: 6 months
to create it. A small number of options are not marshalled as they are things
it would be dumb to spit out, as they are used by internal computations, and
newfs may change them, or they may not be directly apparent.
the three configuration ioctls which need a unit number.
Add a "ccd.ctl" device for config operations.
Implement ioctls on ccd.ctl which rely on the explicityly passed
unit numbers.
Update ccdconfig to use the new ccd.ctl interface.
Add code to the kernel to detect old ccdconfig binaries, and whine
about it.
Add code to ccdconfig to detect old kernels, and whine about it.
These two compatibility measures will be retained only for a limited
period since they are in the way of GEOM'ification of ccd.
the configuration of any other disk-like devices.
This is the non-DEVFS part which is normally not used in 5.x, but due
for MFC into 4.x.
PR: bin/28294, bin/32588
MFC after: 1 week
called -r but it takes 512 byte blocks instead of megabytes, and I felt a
megabytes specification would be far more useful so I did not use the same
option character.
This will *greatly* improve dump performance at the cost of possibly
missing filesystem changes that occur between passes, and does a fairly
good job making up for the loss of buffered block devices. Caching is disabled
by default to retain historical behavior.
In tests, dump performance improved by about 40% when dumping / or /usr.
Beware that dump forks and the cache may wind up being larger then you
specify, but a more complex shared memory implementation would not produce
results that are all that much better so I kept it simple for now.
MFC after: 3 days
default-to-deny firewall. Simply turning off IPFW via a preexisting
sysctl does the job. To make it more apparent (since nobody picked up
on this in a week's worth of flames), the boolean sysctl's have been
integrated into the /sbin/ipfw command set in an obvious and straightforward
manner. For example, you can now do 'ipfw disable firewall' or
'ipfw enable firewall'. This is far easier to remember then the
net.inet.ip.fw.enable sysctl.
Reviewed by: imp
MFC after: 3 days
#include <strings.h>
...
foo = (char *)strdup(...);
To:
#include <string.h>
foo = strdup(...);
because the former segfaults on an ia64 since there is no prototype
for strdup() in strings.h. Converting an "int" to a pointer is fatal.
o Expand variables correctly.
o Set variables for each event.
o rewrite event loop to execute the commands in the config file, rather
than the hard wired generic command
o better(?) debug when running -d
o sort vectors of actions so that we just have to search for the first
one to match rather than the best one that matches.
o better attempts to clear all resources used on 'restart'
o Remove now bogus comments
MFC After: 1 centiyear
swapctl functionality. The idea is to create a swapctl command that is
fairly close to the OpenBSD and NetBSD version. FreeBSD does not implement
swap priority (and it would be a mistake if we did) so we didn't bother with
that part of it.
Submitted by: Eirik Nygaard <eirikn@bluezone.no>
Augmented by: dillon (extensively)
Reviewed by: David Schultz <dschultz@uclink.Berkeley.EDU>
after -p except for the last (the ruleset file to process) to the
preprocessor for interpretation. This allows command-line options besides
-U and -D to be passed to cpp(1) and m4(1) as well as making it easier to
use other preprocessors.
Sponsored By: NTT Multimedia Communications Labs
MFC after: 1 week
Make sure sector zero is protected if it contains metadata.
Lower WARNS for gbde to 3 on non-i386 archs. rijndael-fst is evil
but appearntly does the right thing and passes the test-vectors.
MFC Candidate.
for request sizes larger than the sectorsize or for multi-key setups.
See warning mailed to current@ for details of recovery.
Found by: Marcus Reid <marcus@blazingdot.com>
bandwidth for other processes. Since the sleeping is done from
userland, this avoids the locking issues that affected the kernel
version.
The algorithm used here is to measure a moving average of the times
taken by a sample of read operations and then delay 1 in 8 reads
by 16 times the measured average. This should correspond to a factor
of 3 slowdown, but in practice the factor is larger (3.5 to 4) due
to hz rounding effects.
Reviewed by: mckusick
Approved by: re
o improve parsing and lexing
o create data structures based on the parsed file now.
o Still need to rewrite main loop and add regex (still uses hard coded
devd-generic)
o minor man page updates.
# There should be one more commit before rc2
Approved by: re (blanket)
live filesystem. To obtain a consistent dump image, dump takes
a snapshot of the filesystem and then does a dump of the snapshot.
The snapshot is removed when the dump is complete.
Also add an operator warning that the `L' option should be used
if dump is run on a live filesystem without the `L' option being
specified. The alternative would be to silently use a snapshot
any time that a live filesystem is dumped, but this change in
dump semantics seemed too drastic at this time.
Sponsored by: DARPA & NAI Labs.
Approved by: re
only preallocates a small number of inodes. The dump program tries
to scan through all the allocated inodes on a filesystem which
causes bad behavior if they have never been allocated. Thus dump
must calculate the set of inodes that have actually been allocated
and scan only those inodes.
Sponsored by: DARPA & NAI Labs.
other partitiosns. This is necessary when migrating conventional
partitions to Vinum and was broken by recent more stringent overlap
checks. This is arguably the wrong way to do it. A better method
would be to have the loader understand a subset of Vinum partitioning
and allow an install directly to Vinum, but until then, this is the
best we have.
Reviewed by: jhb
Approved by: re (rwatson)
so that fsck does not complain with `SUMMARY BLK COUNT(S) WRONG IN
SUPERBLK' the first time it is run on a new filesystem.
Reported by: Poul-Henning Kamp <phk@freebsd.org>
Sponsored by: DARPA & NAI Labs.
trying to use them. Set a minimum value for numdirs when using an
alternate superblock to avoid spurious numdirs == 0 error. Calculate
new fields when using an alternate superblock from a UFS1 filesystem
to avoid segment faulting.
Sponsored by: DARPA & NAI Labs.
a PMBR. Make sure the create command creates a PMBR as well
(if not already present).
o When parsing the MBR, explicitly check for a PMBR and create
a PMBR map node if one is found.
o When parsing the MBR, recurse to handle extended partitions.
This allows us to flatten nested MBRs when migrating to a
GPT.
o Have the migrate command bail out if it encounters a partition
it doesn't know how to migrate. This avoids data loss.
o Change the output of the show command so that the UUIDs of the
GPT partitions fit on the same line.
o Show when partitions are extended partitions and add the PMBR
type.
Approved by: re (blanket)
of an argument name collision with -O, use -v, and default to whatever
the newfs default is for the platform (generally, UFS1). This is
required to support diskless workstations that use UFS2 for their
mdmfs file systems.
Reviewed by: dd, bmah
Approved by: re (bmah)
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
UUIDs can then be limited to those cases when an alias doesn't exist.
This greatly increases the likelyhood that a sysadmin finishes the
partitioning without intermittent mental breakdowns. Current aliases
are "efi", "swap" and "ufs".
While here, staticize global variables and expand the usage message.
Approved by: re (blanket)
that the kernel will refuse to mount. Specifically it now enforces
the MAXBSIZE blocksize limit. This update also fixes a problem where
newfs could segment fault if the selected fragment size was too large.
PR: bin/30959
Submitted by: Ceri Davies <setantae@submonkey.net>
Sponsored by: DARPA & NAI Labs.
the old 8-bit fs_old_flags to the new location the first time that the
filesystem is mounted by a new kernel. One of the unused flags in
fs_old_flags is used to indicate that the flags have been moved.
Leave the fs_old_flags word intact so that it will work properly if
used on an old kernel.
Change the fs_sblockloc superblock location field to be in units
of bytes instead of in units of filesystem fragments. The old units
did not work properly when the fragment size exceeeded the superblock
size (8192). Update old fs_sblockloc values at the same time that
the flags are moved.
Suggested by: BOUWSMA Barry <freebsd-misuser@netscum.dyndns.dk>
Sponsored by: DARPA & NAI Labs.
prob 0.5 pipe NN ....
due to the generation of an invalid ipfw instruction sequence.
No ABI change, but you need to upgrade /sbin/ipfw to generate the
correct code.
Approved by: re
to net.inet.ip.fw.one_pass.
Add to notes to explain the exact behaviour of "prob xxx" and "log"
options.
Virtually approved by: re (mentioned in rev.1.19 of ip_fw2.c)
It seems a common corruption to have them -ve (I've seen it several times)
and if fsck doesn't fix it, it leads to a kernel pagefault.
Reviewd by: kirk
Submitted by: Eric Jacobs <eaja@erols.com> and me independently.
MFC in: 2 days
PR: bin/40967
Approved by: re
the error "quotacheck: bad inode number 1 to nextinode".
Sponsored by: DARPA & NAI Labs.
Reported-by: Franky <franky@jasna.tarnow.pl> and Matthew Kolb <muk@msu.edu>
take unsigned values.
his allows one to label disk with the number of blocks > 31 bits
(though less then 32 bits)
e.g.
# size offset fstype [fsize bsize bps/cpg]
c: 3125755904 0 unused 0 0 # (Cyl. 0 - 194569*)
d: 3125755840 64 unused 0 0 # (Cyl. 0*- 194569*)
which is needd to test UFS2
<sys/gpt.h>. This avoids having to include both <sys/uuid.h> and
<uuid.h>, which is considered by your friendly committer to be
aestheticly displeasing (= ballyhoo barf barf :-)
Replace ARC4 with SHA2-512.
Change lock-structure encoding to use random ordering rather for obscurity.
Encrypt lock-structure with AES/256 instead of AES/128.
Change kkey derivation to be MD5 hash based.
Watch for malloc(M_NOWAIT) failures and ditch our cache when they happen.
Remove clause 3 of the license with NAI Labs consent.
Many thanks to "Lucky Green" <shamrock@cypherpunks.to> and "David
Wagner" <daw@cs.berkeley.edu>, for code reading, inputs and
suggestions.
This code has still not been stared at for 10 years by a gang of
hard-core cryptographers. Discretion advised.
NB: These changes result in the on-disk format changing: dump/restore needed.
Sponsored by: DARPA & NAI Labs.
getdiskinfo(). For the fixed-disk case, bpb->hid probably isn't
handled correctly, but I'm not sure if this is a serious problem since
the primary use of this program is to format floppy disks.
Reviewed by: phk
o Use DCE compliant UUID functions and provide local
implementations if they don't exist,
o Move dumping of the map to show.c and print the
partition type,
o Some cleanups and rearrangements.
The default GPT partition type is UFS. When no starting block
or size are specified, the tool will create a partition in the
first free space it find (or that fits, depending on the size).
code is directly copied from migrate.c. The intend is to express
migrate in terms of create and add. The functionality to add
partitions is not yet there.
Quoting luigi:
In order to make the userland code fully 64-bit clean it may
be necessary to commit other changes that may or may not cause
a minor change in the ABI.
Reviewed by: luigi
regarding 802.1 MAC and Mandatory Access Control (MAC). Some
potential for confusion remains further in other areas of the
system regarding Message Authentication Codes (MAC).
Requested by: wollman
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
interfaces using the 'mac' argument. Without MAC support in the
kernel, this does not change the behavior of ifconfig.
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
result of an incomplete migration. An incomplete migration is
one where the MBR is not turned into a PMBR after creating the
GPT. This early in the game it's more convenient to allow the
inconsistency, because that avoids that we have to destroy the
MBR partitioning for now.
