First one was incorrectly loading entries -- we were treating each file as
a mount, which resulted in huge mess. I have no excuse for how I didn't
catch this earlier.
Second, use the table name we create for the Veriexec sysctl node and not
the fixed "table0".
Both are fileassoc(9) integration fallout.
Both available for IPv4 and IPv6.
Basic implementation test results are available at
http://netbsd-soc.sourceforge.net/projects/ecn/testresults.html.
Work sponsored by the Google Summer of Code project 2006.
Special thanks to Kentaro Kurahone, Allen Briggs and Matt Thomas for their
help, comments and support during the project.
Fix MOBILE encapsulation. Add many debugging printfs (mainly
concerning UDP mode). Clean up the gre(4) code a bit. Add the
capability to setup UDP tunnels to ifconfig. Update documentation.
In UDP mode, gre(4) puts a GRE header onto transmitted packets,
and hands them to a UDP socket for transmission. That is, the
encapsulation looks like this: IP+UDP+GRE+encapsulated packet.
There are two ways to set up a UDP tunnel. One way is to tell the
source and destination IP+port to gre(4), and let gre(4) create
the socket. The other way to create a UDP tunnel is for userland
to "delegate" a UDP socket to the kernel.
auto flag, which queries all local harddisks for swap partitions/
wedges and adds/removes them as swap device, a -f option to use the
first found swap device as dump device, and a -o option to only
auto-configure the dump device, but leave swap alone.
Add a -n option to make swapctl only say what it would do, but not
change any system state.
struct disklabel.
Functionality lost:
1. struct disklabel used to be updated to contain bsize, fsize, cpg.
This information was used to locate the alternative superblock in
the filesystem if the primary superblock was corrupted. We need
to find a new place to store this information if we need this
functionality.
2. On vax SMD drives that contained bad sector lists, the newfs program
knew how to get the offset and skip to the correct location in order
to place the label.
so that we don't run multiple fsck's on the same spindle at the same time!
- Add some partition getting utilities that are wedge aware (soon to be able
to use the native geometry ioctl), so that we can fsck wedges.
is NOT disarmed when wdogctl closes the watchdog device. The -x
mode protects against the case where the kernel kills wdogctl,
sshd, and other essential userland programs (due to memory exhaustion,
for example), lobotomizing a mission-critical NetBSD system and
necessitating an operator visit to reboot it.
dogcow