Commit Graph

3760 Commits

Author SHA1 Message Date
mason 662fbfe2f1 Removed redundant / extra prototypes. 2000-07-12 22:36:12 +00:00
ad a90951c0f1 Xr newsyslog. 2000-07-11 12:43:50 +00:00
itojun 608c7038b1 sync with latest kame. wording and .Nm/.Xr clearifications. 2000-07-10 08:58:31 +00:00
mellon 803abd7fc5 Actually fix a bug I thought I'd alread fixed 2000-07-09 07:04:10 +00:00
itojun f85b415274 sync with more recent kame.
- fix memory leak with realloc()
- warn if we see packets with junk outside of IPv6 prefix length
- cosmetic
2000-07-09 03:06:18 +00:00
mellon f1157334e4 Oops, fix one more conflict. 2000-07-08 20:53:57 +00:00
mellon d1340e80d6 Fix conflicts in latest import. 2000-07-08 20:52:11 +00:00
mellon f1127576c6 Latest revision of the ISC DHCP Distribution, with many bug fixes. 2000-07-08 20:40:10 +00:00
itojun b44d184dec permit square-bracket notation (as in RFC2732) for the first element
in inetd.conf.  otherwise, we'll have (minor) problem putting IPv6 address in.
sync with kame.

[::1]:ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
2000-07-08 01:55:24 +00:00
itojun bbef2fbaac errx?/warnx? audit. do not pass variable alone, use %s. idea from openbsd 2000-07-07 15:10:32 +00:00
itojun 7bf16d3ecc explicitly check if the address family is supported, by using socket(2). 2000-07-07 14:56:45 +00:00
enami 2fffbc9c4c No space is allowed between owner and optional :group. 2000-07-07 13:21:32 +00:00
itojun fed1a1bf38 warnx?/errx? audit (don't pass variable alone). from openbsd. 2000-07-07 12:22:32 +00:00
itojun 7ebfc079d9 syslog() audit - do not use it with a variable alone. from openbsd 2000-07-07 11:39:41 +00:00
hubertf 0379a1727a remove/hide some debugging code 2000-07-06 16:06:36 +00:00
itojun 19a4d0910c sync with sys/netinet/icmp6.h change (no bitfield for router renumber).
more logging.  improve error handling/garbage collection.  sync with kame.
2000-07-06 12:37:56 +00:00
enami 3268786888 - Process all passed option rather than ignoring silently except the first one.
- Centerize the check whether an interface is specified.
- Print maximum data length.
- Swap wi_type and wi_code in struct wi_table so that wi_type matches with
  wi_type in wi_req.
2000-07-06 03:37:26 +00:00
itojun 4941865cd4 setproctitle fix. from openbsd 2000-07-05 22:21:15 +00:00
hubertf 7ca7a7f658 Only calculate MD5 checksum for plain files.
As a side effect, fixes handlink of links to dirs.
2000-07-05 20:18:16 +00:00
hubertf 2b35b3d322 * Move comment around a bit
* Document some return code
2000-07-05 20:17:04 +00:00
itojun 31431ac193 always use %s for setproctitle. from openbsd-current 2000-07-05 17:59:58 +00:00
msaitoh f6f00e2615 remove extra period in SEE ALL section 2000-07-05 15:45:28 +00:00
itojun 358c3cf8dc more change on getaddrinfo error handling.
XXX enami, I admit it is not a good thing to check the error code from
getaddrinfo.  it is sometimes mandatory, however.  gai_strerror message
can be too generic in some cases.  we can't really extend getaddrinfo,
as it was not invented by kame (see RFC2553)
2000-07-05 12:43:06 +00:00
matt 3ab02a8704 More #include <stdlib.h> string, etc. cleanup 2000-07-04 20:27:35 +00:00
thorpej 6851dd879b Update ifconfig example to show that the interface has to be created. 2000-07-04 20:08:32 +00:00
itojun e9bf9cf7a1 allow faithd(8) to be invoked via inetd(8), just like tcpd (of tcp_wrappers).
sync with kame.

benefits: allows us to access-control inbound traffic by using hosts.allow(5).
possible drawbacks: inetd mode has no chance for multi-connection-per-single-
process enhancement.  current faithd(8) needs 1 process per 1 connection
anyways.
2000-07-04 13:28:13 +00:00
itojun 798ee6865c add faithd(8) support. with "faith/tcp6" protocol specification,
it will open a socket with setsockopt(IPV6_FAITH).
2000-07-04 13:25:39 +00:00
itojun 9282955dca emit more friendly message on nonexistent service name.
From: enami
2000-07-04 09:33:55 +00:00
enami e9aaacc880 If the line wasn't for the client we are looking for, skip it.
While I'm here, I indented the continuation line properly.
2000-07-04 08:18:44 +00:00
itojun 0b740ef377 beautify SYNOPSIS section with .Bk - .Ek pair.
correctly describe "no option" behavior (show 802.11 setting).
add comment about statistics update delay (-o).

TODO: should put \n after sentences
2000-07-04 05:20:03 +00:00
itojun 0f20cdad3f check for mux service by ISMUX(), not by != NORM_TYPE
(the assumption can bite us if we extend se_type to have more cases).
2000-07-03 23:40:59 +00:00
itojun ee1989a0d1 remove duplicated ipsec setup code. we always call setup() on
socket reinitialization (like SIGHUP).
sync with kame.
2000-07-03 23:37:17 +00:00
enami 6412403c8a Fix few typos. 2000-07-03 10:16:10 +00:00
enami 8ab9946e10 Substitute the cross reference to portmap(8) with rpcbind(8). 2000-07-03 10:06:24 +00:00
itojun 1f62fd302f add more security notice about relaying rsh/rlogin taffic. (sync with kame) 2000-07-03 08:37:20 +00:00
enami d985c8daa6 Don't hardcode like "[ -v 1|2|3|4 ]". 2000-07-03 08:31:22 +00:00
enami 511d11787c Use .Ar macro for the flag arguments. 2000-07-03 05:21:19 +00:00
itojun f244aa6821 correct usage of route(8) in example. 2000-07-02 09:17:30 +00:00
jwise ea7e9f5176 Fix minor thinko in previous. Make sure we close and keep closed all
sockets in the situation where all of the following are true:

	* /etc/syslogd.conf contained forwarding actions when we were
	  started up or when we last received a HUP

	* /etc/syslogd.conf has had all forwarding actions removed

	* we are running with -s

and we receive a HUP.
2000-07-02 02:15:34 +00:00
augustss 826490bf58 Indicate that the device argument is not mandatory. 2000-07-02 00:55:47 +00:00
itojun a847ca3ad6 be more careful about arg to errx?/warnx? (do not pass variable directly,
it may contain "%").  from openbsd, via kame.
2000-06-30 18:58:42 +00:00
jwise 37b8137c99 Remove caveat about behavior of `syslogd -s' when forwarding rules are
present -- this behavior has been fixed.
2000-06-30 18:52:24 +00:00
jwise 9b22831fbc Fix opening/closing of sockets when receiving a HUP, and /etc/syslog.conf
has been changed from having forwarding actions to having none, or vice versa.
2000-06-30 18:45:04 +00:00
jwise ccb04760be Improve behavior of `syslogd -s'.
Even if we are forwarding, don't bind to udp/514 if running with `-s'.
2000-06-30 18:22:54 +00:00
jwise 20abf1785a Back out and redo previous at Bill Sommerfeld's <sommerfeld@netbsd.org>
request:

	instead of the -S flag, fix the -s flag to not open a socket
	if there are no forwarding rules in /etc/syslog.conf

The behavior of syslogd when -s is specified and there are forwarding rules
should still be made cleaner.
2000-06-30 18:03:50 +00:00
thorpej 0ef2c35ee6 gifconfig(8) is obsolete; functionality has been added to
ifconfig(8).
2000-06-30 18:02:32 +00:00
jwise 3258a51b03 1.) bring usage text up to date, and clarify description of `-s' option
in man page and comments -- for some time it has no longer prevents
    an inet socket from being opened, just caused it to be ignored

2.) Fix this problem with `-s' -- syslogd always opens an inet socket, even if
    -s is specified and it has nowhere to send to.  This socket is then
    shutdown(), but there is no way to not have this socket open.

    Users setting up paranoid installations can now specify `-S' which
    prevents any non-unix-domain sockets from being opened, even if
    forwarding is specified in /etc/syslogd.conf.

    As per the previous fix, this is not made the default for `-s', as it
    also prevents syslogd from forwarding log messages.

3.) document the above in the man page and usage.

Justification:  in light of the possibility of future DoS attacks, or the
desire to set up a machine which is relatively uninformative in the face
of port scans, users may quite legitimately want to control what sockets
are open on their machine.  Telling such users that they cannot run
syslogd is non-ideal.
2000-06-30 17:32:43 +00:00
itojun 7f153848ab use %s with syslog, to prevent abuse. from: deraadt (sync with kame) 2000-06-29 01:24:11 +00:00
onoe cb94bf1d45 Update the description of available channel for Japan.
The regulations has been changed to adopt 802.11b since Oct. 99.
For 11Mbps NICs sold in Japan, all DS channels (1..14) are available.
2000-06-28 10:07:05 +00:00
thorpej c1b4b34401 Add support for globbing when matching the host name in the
bootparams(5) file, a'la Solaris.  This is extremely useful
for configuring Jumpstart servers.

From Dan Mercer <dmercer@zembu.com>.
2000-06-28 01:30:56 +00:00