- Transparent proxy support.
- PERMANENT_LINK IS NOW OBSOLETE, use redirect_port instead.
- Drop support for early FreeBSD 2.2 versions
- If separate input & output sockets are being used
use them to find out packet direction instead of
normal mechanism. This can be handy in complex environments
with multiple interfaces.
- PPTP redirect support by Dru Nelson <dnelson@redwoodsoft.com> added.
- Logging enhancements from Martin Machacek <mm@i.cz> added.
Obtained from: Ari Suutari <ari@suutari.iki.fi>
Wait4 zombies.
make_devices: Don't try if the /dev directory is mounted read-only.
Create daemon superdevice /dev/vinum/controld.
Format a couple of multiline comments conformant with style(9).
for us.
Rebuild the (almost empty) /dev/vinum directory.
vinum_start: remove superflous "read" parameter when starting with no
parameters.
vinum_stop: without an argument, stop Vinum and remove the kld if
it's idle.
vinum_saveconfig: New command to save configuration.
256 kB instead of 16 kB.
Pointed-out-by: Steve Taylor <staylor@cybernet.com>
Modify description of start command to include 'start' with no
parameters, which reads the config from all drives found on the
system.
the wrong module can cause confusion, including loading both versions
(which conflict with each other) and incorrect ioctls, which cause
unintelligible error messages.
Extend 'start' command: if used without any parameters, vinum scans
all disks known to devstat for vinum drives and reads their
configuration.
the mount is completely active, causing the next few commands attempting
to manipulate data on the mount to fail. mount_mfs's parent now tries
to wait for the mount point st_dev to change before returning, indicating
that the mount has gone active.
to be written to /etc.
The only essential change is in paths.h, so any third-party software
written correctly will pick it up in the next rebuild.
Reviewed by: the committers list (actually an old version)
getvfsent() in most cases. (The main exception is when /etc/fstab
still hasn't been converted to use a slice for the root device, the
root device is a SCSI device, and the /dev/sd* inode for this device
still hasn't been renamed to /dev/da*.)
- Comment out the description of the unimplemented replace command
- Explain in even stronger language that resetconfig is not for
everyday use
Motivated by: Marko Schütz <marko@ki.informatik.uni-frankfurt.de>
- Correct the description of the start command (no longer used to
start vinum, just specific objects)
Motivated by: dg
- Remove .TH N commands, which conflict badly with the doc macros,
causing strange headings in nroff output and endless loops in troff.
The current version produces warning messages with some screen
sizes, and will be fixed when I have time.
Bug-report: docs/9328 (nroff)
Reported-by: joerg (troff)
- Add gotcha info for the setupstate keyword and the use of label and
resetconfig.
- Add bug entry for the warning messages introduced by fixing
docs/9328.
- Add references to web pages on Vinum
In the words of the submitter:
"The patch below allows to ping from any address on the multihomed host.
The man page is also updated, the text was cutted from traceroute(8)."
Submitted by: Ruslan Ermilov
PR: 6832
It just replace u_long with u_int32_t and shouldn't affect on i386.
Without this patch,
- unaligned accesses occur
- permission denied randomly
Submitted by: Hidetoshi Shimokawa <simokawa@sat.t.u-tokyo.ac.jp>
- Describe subdisk attachment in more detail
- Describe new 'makedev' command
- Correct use of 'partition' and 'slice'
- Describe 'setupstate' keyword
- Include performance guidelines for striped plexes
- Correct numerical values in examples
- Add examples for disklabel(8)
- Clarify problems creating Vinum drives on inappropriate partitions
Prodded by: NAGANUMA Yasuhiro <y_naga@carat.rim.or.jp> (slices and
partitions)
Submitted by: Kirk McKusick <mckusick@McKusick.COM>
Obtained from: Mckusick, BSDI and a host of others
This exactly matches Kirks sources imported under the
Tag MCKUSICK2. These are as supplied by kirk with one small
change needed to compile under freeBSD.
Some FreeBSD patches will be added back, though many have been
added to Kirk's sources already.
This allows for more flexible ipfw configuration files using
`variables' to describe frequently used items in the file, like the
local IP address(es), interface names etc. Both m4 and cpp are useful
and supported; with m4 being a little more unusual to the common C
programmer, things like automatic rule numbering can be achieved
fairly easy.
While i was at it, i've also untangled some of the ugly style inside
main(), and fixed a bug or two (like not being able to use blank lines
when running with -q).
A typical call with preprocessor invocation looks like
ipfw -p m4 -Dhostname=$(hostname) /etc/fwrules
Someone should probably add support for this feature to /etc/rc.firewall.
I don't have access to a BSD/OS machine to check the veracity of the
magic number. However, no harm will be done by the commit and since
someone was motivated enough to file a PR, I'm committing the change.
PR: 7629
Submitted by: Jos Backus <jbackus@plex.nl>
unused static inlines in headers without -O.
Fixed missing libraries in DPADD.
Use .PATH instead of a symlink farm.
Removed bogus dependency of util.c on statetext.h (only util.o depends
on it). Removed rule for building statetext.h. The dependency was used
to get statetext.h built, but statetext.h is a non-generated source file
so it doesn't need building. This fixes an annoying message for the null
build and use of `make' instead of ${MAKE} to do the null build.
Fixed some style bugs.
and we don't use the frags info, so why bother? More to the point, it
seems to result in an EXDEV error when the label is written out and we
lose because of it (don't know why though). This is a work-around and
is marked as such.
that any transactions in front of the stop command get flushed to disk
first. This will have no effect on devices that have tagged queueing
turned off, or don't support tagged queueing.
Reviewed by: gibbs
print out a one line description/dump of every SCSI CDB sent to a
particular debugging target or targets.
This is a good bit more useful than the other debugging modes, I think.
Change some things in LINT to note the availability of this new option.
Fix an erroneous argument to scsi_cdb_string() in scsi_all.c
Reviewed by: gibbs
which caused the reference count of a directory to get doubly
decremented.
PR: bin/8030
Reviewed by: nate
Submitted by: Don Lewis <Don.Lewis@tsc.tdk.com>
<= 64 KB. Was able to dump/restore with block sizes of 96, 128 and
200. using systat -vmstat I noticed transfer blocksizes <= 64KB,
so physio's limits aren't touched.
Since this check was originally from me, I feels safe now to back it
out.
===================================
HARP | Host ATM Research Platform
===================================
HARP 3
What is this stuff?
-------------------
The Advanced Networking Group (ANG) at the Minnesota Supercomputer Center,
Inc. (MSCI), as part of its work on the MAGIC Gigabit Testbed, developed
the Host ATM Research Platform (HARP) software, which allows IP hosts to
communicate over ATM networks using standard protocols. It is intended to
be a high-quality platform for IP/ATM research.
HARP provides a way for IP hosts to connect to ATM networks. It supports
standard methods of communication using IP over ATM. A host's standard IP
software sends and receives datagrams via a HARP ATM interface. HARP provides
functionality similar to (and typically replaces) vendor-provided ATM device
driver software.
HARP includes full source code, making it possible for researchers to
experiment with different approaches to running IP over ATM. HARP is
self-contained; it requires no other licenses or commercial software packages.
HARP implements support for the IETF Classical IP model for using IP over ATM
networks, including:
o IETF ATMARP address resolution client
o IETF ATMARP address resolution server
o IETF SCSP/ATMARP server
o UNI 3.1 and 3.0 signalling protocols
o Fore Systems's SPANS signalling protocol
What's supported
----------------
The following are supported by HARP 3:
o ATM Host Interfaces
- FORE Systems, Inc. SBA-200 and SBA-200E ATM SBus Adapters
- FORE Systems, Inc. PCA-200E ATM PCI Adapters
- Efficient Networks, Inc. ENI-155p ATM PCI Adapters
o ATM Signalling Protocols
- The ATM Forum UNI 3.1 signalling protocol
- The ATM Forum UNI 3.0 signalling protocol
- The ATM Forum ILMI address registration
- FORE Systems's proprietary SPANS signalling protocol
- Permanent Virtual Channels (PVCs)
o IETF "Classical IP and ARP over ATM" model
- RFC 1483, "Multiprotocol Encapsulation over ATM Adaptation Layer 5"
- RFC 1577, "Classical IP and ARP over ATM"
- RFC 1626, "Default IP MTU for use over ATM AAL5"
- RFC 1755, "ATM Signaling Support for IP over ATM"
- RFC 2225, "Classical IP and ARP over ATM"
- RFC 2334, "Server Cache Synchronization Protocol (SCSP)"
- Internet Draft draft-ietf-ion-scsp-atmarp-00.txt,
"A Distributed ATMARP Service Using SCSP"
o ATM Sockets interface
- The file atm-sockets.txt contains further information
What's not supported
--------------------
The following major features of the above list are not currently supported:
o UNI point-to-multipoint support
o Driver support for Traffic Control/Quality of Service
o SPANS multicast and MPP support
o SPANS signalling using Efficient adapters
This software was developed under the sponsorship of the Defense Advanced
Research Projects Agency (DARPA).
Reviewed (lightly) by: phk
Submitted by: Network Computing Services, Inc.
Host ATM Research Platform (HARP), Network Computing Services, Inc.
This software was developed with the support of the Defense Advanced
Research Projects Agency (DARPA).
Add -v flag to newfs:
-v Specify that the partition does not contain any slices, and that
newfs should treat the whole partition as the file system. This
option is useful for synthetic disks such as ccd and vinum.
standard places ("/etc/objformat", ${OBJFORMAT}, argv) for an
indication of the user's preferred object file format. This
consolidates some code that was starting to be duplicated in more
and more places.
Use the new function in ldconfig.
Note: I don't think that gcc should use getobjformat(), even though
it could. The compiler should limit itself to functions that are
widespread, to ease porting and cross-compilation.
MAP_FAILED.
Don't try to extend the mapping in place if it is too short.
There's no guarantee it will be possible. Remap the file instead.
Put in a few style fixes.
Submitted by: Bruce Evans <bde>
a different file than the a.out hints, namely, "/var/run/ld-elf.so.hints".
These hints consist only of the directory search path. There is
no hash table as in the a.out hints, because ELF doesn't have to
search for the file with the highest minor version number. (It
doesn't have minor version numbers at all.)
A single run of ldconfig updates either the a.out hints or the ELF
hints, but not both. The set of hints to process is selected in
the usual way, via /etc/objformat, or ${OBJFORMAT}, or the "-aout"
or "-elf" command line option. The rationale is that you probably
want to search different directories for ELF than for a.out.
"ldconfig -r" is faked up to produce output like we are used to,
except that for ELF there are no minor version numbers. This should
enable "ldconfig -r" to be used for checking LIB_DEPENDS in ports
even for ELF.
I implemented the ELF functionality in a new source file, with an
eye toward eliminating the a.out code entirely at some point in
the future.
extremely useful for networking testing. Other options secured from
user-level D.O.S. attacks. -f, -s now root-only. -i wait times < 1.0
root-only. -c count limited to 100 and defaults to 16 when ping run
by non-root user.
bug was the cause of the 'freeing free frag' panics that people have been
seeing with FreeBSD/alpha. I have a similar patch to newfs but I've not
finished testing it.
support, which need a final "\n". I only observed one line of
mangled output, but I think there is another one which suffers
from the same problem, and thus I provide a patch that covers
both.
PR: 7483
Reviewed by: phk
Submitted by: Stefan Esser <se@FreeBSD.org>
Convert 1000000 usec to 1 sec 0 usec.
Use provided safe malloc (rtmalloc()) instead of malloc(): exit on allocation
failure.
Correct use of .Nm
Add usage() and use errx().
- nonstandard sector sizes didn't work because the sector size in the
ASCII label was not read before a (default, wrong) sector size was used.
- the exit status was 0 after exiting early due to an invalid ASCII label.
Abort `disklabel -B...' if the secondary bootstrap doesn't fit.
contain code that compare a char pointer with a char. As this
doesn't make much sense, it looks very much as if a '*' has been
dropped by mistake. I have made no analysis of the possible
consequences of the problem.
PR: 7319
Reviewed by: phk
Submitted by: Anders Thulin <Anders.X.Thulin@telia.se>
in rev.1.9). fsck uses the per-partition ffs-related information
in the label to find alternate superblocks when the main superblock
is hosed. Rev.1.9 broke this by deleting the code that wrote the
label.
PR: 2537
xref: fsck/setup.c rev.1.8
d_packname in in-core labels, so they are garbage if d_packname is
initialized in the dummy label for the whole disk. dsopen() will soon
initialize d_packname to "fictitious" if it is not already initialized.
Fixed nearby error handling. Rev.1.7 apparently confused Perror()
with perror().
them as ints. Among other bugs, doing so at best caused benign
overflow followed by fatal sign extension on machines with 32-bit
ints and 64-bit longs.
Any packet that can be matched by a ipfw rule can be redirected
transparently to another port or machine. Redirection to another port
mostly makes sense with tcp, where a session can be set up
between a proxy and an unsuspecting client. Redirection to another machine
requires that the other machine also be expecting to receive the forwarded
packets, as their headers will not have been modified.
/sbin/ipfw must be recompiled!!!
Reviewed by: Peter Wemm <peter@freebsd.org>
Submitted by: Chrisy Luke <chrisy@flix.net>
a "negative" option. This makes it equivalent to /not/ specifying "-c".
The compile time default is /not/ to have the NFSMNT_NOCONN flag set, so
"-o conn" should never be needed---truly a deprecated option :-).
PR: 6905.
with export lines where the same hostname was specified more than once
(this happens a lot with netgroups sometimes). Recently I discovered
that it needs to be hacked to deal with multiple instances of the
same IP address too.
I've been using this modification locally for several months with no
hassles.
(a) Note that the default securelevel value is -1, in -current and -stable.
(b) Mention kernel sysctl variable that controls securelevel.
(c) Add warning the `fsck' will fail if securelevel >= 2.
(d) Suggest end of /etc/rc as the right place to raise securelevel.
and one spelling fix.
PR: 2850