(1) "ipf -T" is broken for fetching single entries and
(2) loading rules with numbered collections does not order insertion right.
(3) stats aren't accumulated for hash table memory failures
Approved by: re (dwhite)
the UMA "trash" allocator is used - this ensures that any writes to a freed
mbuf should provoke a panic.
Only enabled under INVARIANTS, of course.
Approved by: re (scottl)
for rand(3), not random(3). random(3) is defined to return values between
0 and 2^31-1, so add a local RANDOM_MAX constant to this file that is
defined as 2^31-1 and use that in place of RAND_MAX.
Reviewed by: bde
Approved by: re (dwhite)
MFC after: 1 week
cached state. Otherwise, a subsequent call to devinfo_init() would succeed
without reading the device tree from the kernel thinking that the cached
state was up to date since the generation count was the same. However,
since the cached state was actually free'd, attempts to examine the tree
after the second devinfo_init() would fail.
Reported by: Juho Vuori juho dot vuori at kepa dot fi
Submitted by: Stefan Farfeleder stefan at fafoe dot narf dot at
Approved by: re (dwhite)
MFC after: 1 week
was a separator character immediately before it. This wasn't likely to
happen in #-lines, but we might as well get it right. Also fix it so
that "" and "" will create a zero-length argument.
Approved by: re (blanket `env')
Compliance Definition. On sparc64, GCC emits _Qp_cmp() calls for its
__builtin_isfoo() functions which are used for C99's isfoo() macros.
Approved by: re(dwhite)
PR: 73782
start with a '/', they are more supported (by POSIX and SUSv3) than
filenames which have an '=' in them.
Noticed by: tjr
Approved by: re (blanket `env')
portability issues. Also note that for amd64, a hack is used to work
around gcc optimization (thanks to cognet@).
Reviewed by: mux (mentor)
Approved by: re (dougb)
for kldstat to ever print "IP Filter" (the module is called "ipfilter"
and modules don't have anything like a description), so this function
would always return false. That would cause prestart to attempt to
load the module even if it's already loaded, which would fail and
prevent the rules from being loaded.
Approved by: re (dwhite)
using my own script to handle it. I wrote my own partially because
of all the quoting-issues involved with testing what I wanted to test,
and partially because this lets me commit one script and one data file,
instead of one-file-per-regression-test.
This suite was good enough for my initial testing (and it did help me
find a few bugs that would have otherwise been missed). I'm not sure
how well it will work in general use, but I figured I might as well
commit it. It won't *hurt* to have it available. At the worst, people
can just ignore it.
Approved by: re (blanket `env')
apart a string, and supports some text substitutions. This can be
used to provide all the flexibility (and more!) that was lost by recent
changes to how the kernel parses #!-lines in shell scripts.
The '-P' option provides a way to specify an alternate set of directories
to use when searching for the 'utility' program to run. This way you can
be sure what directories are used for that search, without changing the
value of PATH that the user has set. Note that on FreeBSD 6.0, this
option is worthless unless the '-S' option is also used.
Approved by: re (blanket `env')
without checking it for an equals-sign. If it starts with a slash, then
it cannot be a request to set the value of a valid environment variable.
Approved by: re (blanket `env')
it does not happen until all single-letter options are processed. This will
be important for the -S option, which will be coming soon.
Approved by: re (blanket `env')
#!-line had multiple whitespace characters after the interpreter name, and
it did not have any options, then the code would do nasty things trying to
process a (non-existent) option-string which "ended before it began"...
Submitted by: Morten Johansen
Approved by: re (dwhite)