diff options
author | bmah <bmah@FreeBSD.org> | 2001-06-04 18:57:54 +0000 |
---|---|---|
committer | bmah <bmah@FreeBSD.org> | 2001-06-04 18:57:54 +0000 |
commit | a29bf32a53fc6422fd252b926210c5085102c70d (patch) | |
tree | 54cee80e7f69c75750a50fd928821259513660e9 /release | |
parent | a28a87bd618dab10608015d41de272cc70121161 (diff) | |
download | FreeBSD-src-a29bf32a53fc6422fd252b926210c5085102c70d.zip FreeBSD-src-a29bf32a53fc6422fd252b926210c5085102c70d.tar.gz |
New release notes: ti(4) and xl(4) VLAN fixes, RFC 1323/1644 workaround
for old terminal services, IP multicast on VLAN devices works, IPv4
fragmentation denial-of-service mitigation, diskcheckd(8).
Diffstat (limited to 'release')
-rw-r--r-- | release/doc/en_US.ISO8859-1/relnotes/article.sgml | 26 | ||||
-rw-r--r-- | release/doc/en_US.ISO8859-1/relnotes/common/new.sgml | 26 | ||||
-rw-r--r-- | release/doc/en_US.ISO_8859-1/relnotes/common/new.sgml | 26 |
3 files changed, 78 insertions, 0 deletions
diff --git a/release/doc/en_US.ISO8859-1/relnotes/article.sgml b/release/doc/en_US.ISO8859-1/relnotes/article.sgml index de9bffe..8e55594 100644 --- a/release/doc/en_US.ISO8859-1/relnotes/article.sgml +++ b/release/doc/en_US.ISO8859-1/relnotes/article.sgml @@ -316,6 +316,12 @@ and Addtron. Jumbograms and TCP/IP checksum offload on receive are supported, although hardware VLAN filtering is not.</para> + <para>The &man.xl.4; driver now supports reception of VLAN + tagged frames (on the <quote>Cyclone</quote> or newer + chipsets). &merged;</para> + + <para>The &man.ti.4; driver correctly masks VLAN tags. &merged;</para> + </sect3> <sect3> @@ -371,6 +377,12 @@ <para>TCP now has RFC 1323 extensions enabled by default in &man.rc.conf.5;. &merged;</para> + <para>RFC 1323 and RFC 1644 TCP extensions are now disabled for a + connection in progress if no response has been received by the + third SYN segment sent. This behavior tries to work around + (very old) terminal servers with buggy VJ header compression + implementations.</para> + <para>A new sysctl <literal>net.inet.ip.check_interface</literal>, which is on by default, causes IP to verify that an incoming packet arrives on an interface that has an address matching the @@ -405,6 +417,9 @@ packets, since the default behaviour is to increment a counter for each packet sent.</para> + <para>IP multicast now works on VLAN devices. Several other + bugs in the VLAN code have also been fixed.</para> + </sect3> <sect3> @@ -787,6 +802,11 @@ <para>Initial sequence numbers in TCP are more thoroughly randomized (see security advisory FreeBSD-SA-01:39). &merged;</para> + + <para>The new <varname>net.inet.ip.maxfragpackets</varname> sysctl + variable limits the amount of memory that can be consumed by IPv4 + packet fragments, which defends against some denial of service + attacks.</para> </sect2> <sect2> <title>Userland Changes</title> @@ -1375,6 +1395,12 @@ <para>&man.whois.1; now directs queries for IP addresses to ARIN.</para> + <para>A new utility &man.diskcheckd.8; has been added; it is a + daemon which runs in the background, reading entire disks to find + any read errors on those disks. Its behavior at startup time can + be controlled by the <varname>diskcheckd_enable</varname> variable + in &man.rc.conf.5;.</para> + <sect3> <title>Contributed Software</title> diff --git a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml index de9bffe..8e55594 100644 --- a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml +++ b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml @@ -316,6 +316,12 @@ and Addtron. Jumbograms and TCP/IP checksum offload on receive are supported, although hardware VLAN filtering is not.</para> + <para>The &man.xl.4; driver now supports reception of VLAN + tagged frames (on the <quote>Cyclone</quote> or newer + chipsets). &merged;</para> + + <para>The &man.ti.4; driver correctly masks VLAN tags. &merged;</para> + </sect3> <sect3> @@ -371,6 +377,12 @@ <para>TCP now has RFC 1323 extensions enabled by default in &man.rc.conf.5;. &merged;</para> + <para>RFC 1323 and RFC 1644 TCP extensions are now disabled for a + connection in progress if no response has been received by the + third SYN segment sent. This behavior tries to work around + (very old) terminal servers with buggy VJ header compression + implementations.</para> + <para>A new sysctl <literal>net.inet.ip.check_interface</literal>, which is on by default, causes IP to verify that an incoming packet arrives on an interface that has an address matching the @@ -405,6 +417,9 @@ packets, since the default behaviour is to increment a counter for each packet sent.</para> + <para>IP multicast now works on VLAN devices. Several other + bugs in the VLAN code have also been fixed.</para> + </sect3> <sect3> @@ -787,6 +802,11 @@ <para>Initial sequence numbers in TCP are more thoroughly randomized (see security advisory FreeBSD-SA-01:39). &merged;</para> + + <para>The new <varname>net.inet.ip.maxfragpackets</varname> sysctl + variable limits the amount of memory that can be consumed by IPv4 + packet fragments, which defends against some denial of service + attacks.</para> </sect2> <sect2> <title>Userland Changes</title> @@ -1375,6 +1395,12 @@ <para>&man.whois.1; now directs queries for IP addresses to ARIN.</para> + <para>A new utility &man.diskcheckd.8; has been added; it is a + daemon which runs in the background, reading entire disks to find + any read errors on those disks. Its behavior at startup time can + be controlled by the <varname>diskcheckd_enable</varname> variable + in &man.rc.conf.5;.</para> + <sect3> <title>Contributed Software</title> diff --git a/release/doc/en_US.ISO_8859-1/relnotes/common/new.sgml b/release/doc/en_US.ISO_8859-1/relnotes/common/new.sgml index de9bffe..8e55594 100644 --- a/release/doc/en_US.ISO_8859-1/relnotes/common/new.sgml +++ b/release/doc/en_US.ISO_8859-1/relnotes/common/new.sgml @@ -316,6 +316,12 @@ and Addtron. Jumbograms and TCP/IP checksum offload on receive are supported, although hardware VLAN filtering is not.</para> + <para>The &man.xl.4; driver now supports reception of VLAN + tagged frames (on the <quote>Cyclone</quote> or newer + chipsets). &merged;</para> + + <para>The &man.ti.4; driver correctly masks VLAN tags. &merged;</para> + </sect3> <sect3> @@ -371,6 +377,12 @@ <para>TCP now has RFC 1323 extensions enabled by default in &man.rc.conf.5;. &merged;</para> + <para>RFC 1323 and RFC 1644 TCP extensions are now disabled for a + connection in progress if no response has been received by the + third SYN segment sent. This behavior tries to work around + (very old) terminal servers with buggy VJ header compression + implementations.</para> + <para>A new sysctl <literal>net.inet.ip.check_interface</literal>, which is on by default, causes IP to verify that an incoming packet arrives on an interface that has an address matching the @@ -405,6 +417,9 @@ packets, since the default behaviour is to increment a counter for each packet sent.</para> + <para>IP multicast now works on VLAN devices. Several other + bugs in the VLAN code have also been fixed.</para> + </sect3> <sect3> @@ -787,6 +802,11 @@ <para>Initial sequence numbers in TCP are more thoroughly randomized (see security advisory FreeBSD-SA-01:39). &merged;</para> + + <para>The new <varname>net.inet.ip.maxfragpackets</varname> sysctl + variable limits the amount of memory that can be consumed by IPv4 + packet fragments, which defends against some denial of service + attacks.</para> </sect2> <sect2> <title>Userland Changes</title> @@ -1375,6 +1395,12 @@ <para>&man.whois.1; now directs queries for IP addresses to ARIN.</para> + <para>A new utility &man.diskcheckd.8; has been added; it is a + daemon which runs in the background, reading entire disks to find + any read errors on those disks. Its behavior at startup time can + be controlled by the <varname>diskcheckd_enable</varname> variable + in &man.rc.conf.5;.</para> + <sect3> <title>Contributed Software</title> |