Commit Graph

10817 Commits

Author SHA1 Message Date
wiz
8f7d248eb8 Wording, typo fixes. 2014-05-15 23:52:32 +00:00
rmind
e05005e0b3 NPF: imply SYN-only check for the stateful rules by default (when inspecting
TCP packets).  Many users trip here.  This behaviour can be overriden with the
explicit "flags" keyword, but other configuration does not really make sense.
2014-05-15 02:34:29 +00:00
rmind
7da3b338d7 npftest: fix the example in the README file. 2014-05-14 21:46:50 +00:00
mrg
4460048395 don't apply "ptyfsoldnodes" if /dev/pts does not exist, even if ptyfs
is listed in /etc/fstab.  without this, postinstall happily removes
all your ptys leaving you with none at all.  return an error if we
have ptyfs in /etc/fstab, but no /dev/pts.
2014-04-25 00:23:26 +00:00
christos
5f78e43780 Pass a file pointer to write data instead of writing to stdout.
No functional change.
2014-04-24 17:22:41 +00:00
christos
29f735df08 remove -v no/op 2014-04-22 15:55:16 +00:00
khorben
fa8ee723bd Use base 10 when logging the exit status or exit signal for sub-processes,
instead of hexadecimal.
2014-04-05 23:36:10 +00:00
gson
815d09e5bc When daemonizing, delay the parent exit until the daemon is ready to
provide service.  Fixes a race that is a third possible cause of
PR misc/48282, in addition to the ones in rpc.rquotad and nfsd that
were fixed earlier.
2014-04-04 12:45:59 +00:00
christos
ef020f85b5 say why we can't use the password or the group databases. 2014-03-31 00:00:22 +00:00
skrll
217c0eb552 Build everything on all arm variants 2014-03-30 07:29:22 +00:00
joerg
d101c0e239 Fix syntax (hi apb!) 2014-03-29 22:45:31 +00:00
apb
34bb1ddc72 Add a statuslen argument to get_pr_status(), and use it
as the length in a call to strlcpy().  The previous code would
have used the size of a pointer as the length.
2014-03-29 18:54:36 +00:00
apb
a88920f53c sizeof(pointer) is not a good buffer length to pass to strlcat.
Introduce a new variable, clntpathmaxlen, to hold the correct
buffer length, and pass that to strlcat.

The incorrect buffer length would have caused <filename>.<hostname>
lookups to fail.
2014-03-29 18:23:00 +00:00
gson
da700ef1b2 When daemonizing, delay the parent exit until the daemon is
ready to provide service.  Fixes one of the race conditions
of PR misc/48282.
2014-03-29 13:50:53 +00:00
skrll
3cebbec2c7 Simplify 2014-03-29 09:36:18 +00:00
joerg
778b2846d2 Don't modify format string, use asprintf to format the original msg and
syslog the result.
2014-03-25 21:07:59 +00:00
joerg
005b3ff4b3 Don't cast to time_t just to implicitly cast to uint32_t next. 2014-03-25 17:17:44 +00:00
hannken
f3cf481632 - Make VI_XLOCK, VI_CLEAN and VI_LOCKSHARE private to kern/vfs_*.c.
- Make vwait() static.
- Add  vdead_check() to check a vnode for being or becoming dead.

Discussed on tech-kern.

Welcome to 6.99.38
2014-03-24 13:42:40 +00:00
riastradh
c14008e496 Don't choke on an assertion for an RSDT with a null address entry. 2014-03-20 14:39:43 +00:00
roy
263486c97b If IPv6 is disabled for an interface, mark all addresses as tentative.
If enabled, check for a duplicated link-local address and abort enabling
as per RFC 4862, section 5.4.5. If allowed to enable, perform DAD
on the tentative addresses.

Taken from FreeBSD.
2014-03-20 13:34:35 +00:00
dsl
0f00e137a7 Change previous to use uint32_t for 'interval'.
The value is a random interval in usec obtained by reducing a uint32_t
  value modulo 1000000 (multiplied by a delay in seconds of 1).
The value is then being split into secs+usec and assigned to a timeval
  (and an interval).
With -Wsign-conversion the type has to be either an unsigned 32bit
  type, or a signed 64bit one.  This is just plain stupid.
Warning about conversions between signed and unsigned types really
  only makes sense if the compiler is dynamically tracking the domain
  of the value.
2014-03-18 20:39:55 +00:00
christos
23b7b4606f use time_t for time 2014-03-18 19:30:09 +00:00
riastradh
6cb10275d0 Merge riastradh-drm2 to HEAD. 2014-03-18 18:20:35 +00:00
christos
5fe0c59dd8 KNF, bump warns, fix warnings to print the program name. 2014-03-18 00:16:49 +00:00
riastradh
4ec7cf26b7 Convert right-recursive rules to left-recursive ones.
This should obviate the need for the workaround of a large stack in
order to handle many rules.

No change in the resulting plists.

ok rmind
2014-03-15 15:22:37 +00:00
rmind
f1567f86d3 npfctl_bpf_cidr: another buf fix in handling IPv6 masks (bug found on ARM). 2014-03-15 08:46:01 +00:00
rmind
167f6f25d6 NPF: add support for "stateful-ends". 2014-03-14 11:29:44 +00:00
martin
4765e08d28 Fix wrong variable name, PR bin/48647 from Jim Bernard. 2014-03-08 16:36:24 +00:00
joerg
5c4c6caf71 Make the abs() use check non-fatal for a bogus use in the LFS cleanerd. 2014-03-04 21:06:47 +00:00
joerg
4f76b089a9 Don't use abs on unsigned values. 2014-02-27 17:43:35 +00:00
joerg
33ddbd4a4d Expect long long to be larger than uint32_t and use llabs after casting
the uint32_t.
2014-02-27 17:43:02 +00:00
skrll
6d3ceb1d61 Rename NetBSD/hp700 to NetBSD/hppa.
Unfortunately our VCS isn't very helpful here.
2014-02-24 07:23:38 +00:00
szptvlfn
4893e5b805 Update URL 2014-02-19 09:13:21 +00:00
rmind
27b83b3d9e npfctl_print_nat: fix the byte-order of the port. 2014-02-19 01:43:16 +00:00
rmind
247d861365 npfctl: take into account all addresses when multiple interfaces are
specified in a set of elements.
2014-02-17 00:45:24 +00:00
jmmv
d90ac76afc Fix path to atf-run.hooks after import of atf-0.19.
Problem found by martin@.  Not spotted by me, I think, because I always use
postinstall on an etc.tgz file and forgot about this code path.
2014-02-15 01:54:17 +00:00
rmind
a732dba5fc G/C some todo items 2014-02-14 02:01:12 +00:00
rmind
d199f930bb Document NAT algorithm option in the grammar of "map". 2014-02-14 01:52:58 +00:00
rmind
068cee2998 NPF: add support for IPv6-to-IPv6 Network Prefix Translation (NPTv6),
as per RFC 6296.  Add a unit test.  Also, bump NPF_VERSION.

Thanks to S.P.Zeidler for the help with NPTv6 work!
2014-02-13 03:34:40 +00:00
rmind
82f6ff32b1 npfctl_bpf_cidr: fix a bug in handling of smaller IPv6 masks. 2014-02-13 00:42:01 +00:00
rmind
1e2389ed0b npfctl_print_table: add a "cdb" type. 2014-02-12 01:42:50 +00:00
chs
49d6a7c368 in update_db(), extract the full list of files to update from the db
before actually updating anything, since changing the db while the query
that extracts the list of files is still in progress results in
the extraction query failing before it finds everything.
2014-02-10 00:23:36 +00:00
rmind
8b83480d27 NPF:
- Adjust the syntax - remove "inet" keyword in favour of more explicit
  "inet4" for the address family.  Consistent with "inet6" for IPv6.
- Adjust and improve the man page a little bit.
2014-02-08 01:20:09 +00:00
rmind
8274d601f9 NPF: add support for static (stateless) NAT. 2014-02-07 23:45:22 +00:00
christos
61a4b10e07 fix vax build. 2014-02-06 18:48:09 +00:00
wiz
83d796ca12 Update count. Add serial comma. 2014-02-06 07:36:36 +00:00
rmind
ffcdc4af8d Add support for CDB based NPF tables. 2014-02-06 02:51:28 +00:00
rmind
e43f79569a npftest: fix previous harder - pass and use libc's random(3). 2014-02-05 03:49:48 +00:00
rmind
bb1fedd189 npftest: fix the failure of NAT test -- adjust for RUMP's conversion to
the in-kernel CPRNG (hi pooka!).
2014-02-05 03:30:13 +00:00
rmind
55b0c96054 - npfctl: fix table IDs (breakage since the table naming was added).
- libnpf: remove npf_table_exists_p() from public API.
2014-02-03 02:21:52 +00:00