summaryrefslogtreecommitdiffstats
path: root/etc/network.subr
Commit message (Collapse)AuthorAgeFilesLines
...
* Upgraded launchpad for kerberos. Noe kerberos IV OR kerberos 5markm2001-07-281-9/+26
| | | | may be started at boot for kerberos servers.
* Create gif devices in the "gifconfig" stage while configuring them.brooks2001-07-021-1/+1
| | | | | | Reviewed by: ru, ume Obtained from: NetBSD MFC after: 1 week
* Fix misindented esac.schweikh2001-06-161-1/+1
| | | | MFC after: 1 week
* Sync with recent KAME.ume2001-06-111-1/+1
| | | | | | | | | | | | | | | | | | This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks
* Add a missing \nbrian2001-06-101-1/+1
| | | | | | Submitted by: Andre Albsmeier <andre.albsmeier@mchp.siemens.de> PR: 28014 MFC after: 1 week
* Move gif_interfaces from an IP6 option to a regular IP option.brian2001-06-031-0/+23
| | | | | | PR: 26543 Submitted by: Brooks Davis <brooks@one-eyed-alien.net> MFC after: 3 weeks
* Restore the RSA host key to /etc/ssh/ssh_host_key.obrien2001-05-181-8/+3
| | | | Also fix $FreeBSD$ spamage in crypto/openssh/sshd_config rev. 1.16.
* Link /etc/ssh/ssh_host_key to /etc/ssh/ssh_host_rsa_key to deal withjesper2001-05-161-2/+7
| | | | | | | gratutious changes in the latest SSH Reviewed by: obrien Approved by: obrien
* s/ssh_host_key/ssh_host_rsa_key/ since that is what openssh uses nowpeter2001-05-091-2/+2
| | | | after a mergemaster.
* Axe TCP_RESTRICT_RST. It was never a particularly good idea except for a fewdes2001-03-191-7/+0
| | | | | | | very specific scenarios, and now that we have had net.inet.tcp.blackhole for quite some time there is really no reason to use it any more. (second of three commits)
* Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) andalfred2001-03-191-112/+118
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | associated changes that had to happen to make this possible as well as bugs fixed along the way. Bring in required TLI library routines to support this. Since we don't support TLI we've essentially copied what NetBSD has done, adding a thin layer to emulate direct the TLI calls into BSD socket calls. This is mostly from Sun's tirpc release that was made in 1994, however some fixes were backported from the 1999 release (supposedly only made available after this porting effort was underway). The submitter has agreed to continue on and bring us up to the 1999 release. Several key features are introduced with this update: Client calls are thread safe. (1999 code has server side thread safe) Updated, a more modern interface. Many userland updates were done to bring the code up to par with the recent RPC API. There is an update to the pthreads library, a function pthread_main_np() was added to emulate a function of Sun's threads library. While we're at it, bring in NetBSD's lockd, it's been far too long of a wait. New rpcbind(8) replaces portmap(8) (supporting communication over an authenticated Unix-domain socket, and by default only allowing set and unset requests over that channel). It's much more secure than the old portmapper. Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded to support TI-RPC and to support IPV6. Umount(8) is also fixed to unmount pathnames longer than 80 chars, which are currently truncated by the Kernel statfs structure. Submitted by: Martin Blapp <mb@imp.ch> Manpage review: ru Secure RPC implemented by: wpaul
* * Add an eval so that ipnat_flags=">/dev/null" works, per the PRdougb2000-12-171-3/+5
| | | | | | | * Do some line length and specify full path cleanups while I'm here PR: conf/22937 Submitted by: Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
* Apply a more consistent style to the echo statements in /etc/ scripts.dougb2000-12-171-10/+10
| | | | | | | | | | * Put quotes around each line * Single quotes for lines with no variable interpolation * Double quotes if there is * Capitalize each word that begins a line * Make echo -n 'Doing foo:' ... echo '.' more of a standard No functionality changes
* Fixed the reporting of ip_portrange_{first|last}.ru2000-10-121-2/+2
|
* Add copyright notices. Other systems have been barrowing our /etc filesobrien2000-10-081-0/+25
| | | | w/o giving any credit.
* This brings support for IP Filter into rc.network and rc.conf withdarrenr2000-10-061-0/+31
| | | | | | | | | | | | the appropriate documentation added to rc.conf(5). If all goes well with this over the next few weeks, the PR will be closed with the pullup of patches back to 4-STABLE. PR: 20202 Submitted by: Gerhard Sittig <Gerhard.Sittig@gmx.net> Reviewed by: Darren Reed <darrenr@freebsd.org> Approved by: Darren Reed <darrenr@freebsd.org> Obtained from: Gerhard Sittig <Gerhard.Sittig@gmx.net>
* Use su -m instead of just su to avoid reading the users login profilebrian2000-09-281-1/+1
|
* Add nsswitch support. By creating an /etc/nsswitch.conf file, you cannectar2000-09-061-0/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | configure FreeBSD so that various databases such as passwd and group can be looked up using flat files, NIS, or Hesiod. = Hesiod has been added to libc (see hesiod(3)). = A library routine for parsing nsswitch.conf and invoking callback functions as specified has been added to libc (see nsdispatch(3)). = The following C library functions have been modified to use nsdispatch: . getgrent, getgrnam, getgrgid . getpwent, getpwnam, getpwuid . getusershell . getaddrinfo . gethostbyname, gethostbyname2, gethostbyaddr . getnetbyname, getnetbyaddr . getipnodebyname, getipnodebyaddr, getnodebyname, getnodebyaddr = host.conf has been removed from src/etc. rc.network has been modified to warn that host.conf is no longer used at boot time. In addition, if there is a host.conf but no nsswitch.conf, the latter is created at boot time from the former. Obtained from: NetBSD
* Fix a whitespace bogon.jhb2000-08-161-1/+1
|
* Allow a ppp_user specification to run ppp at startupbrian2000-08-101-8/+9
| | | | PR: 20258
* Add to, don't overwrite, user-settable mountd_flags.nbm2000-07-141-1/+1
| | | | | PR: conf/15745 Submitted by: Vivek Khera <khera@kciLink.com>
* Add ip_portrange_first and ip_portrange_last rc.conf/rc.networkdillon2000-06-221-0/+19
| | | | | | | options. This allows you to set the standard dynamic port assignment range prior to any network daemons (like named) starting up, necessary if you are also using a firewall to restrict lower ports. will be MFC'd in a few days
* Add ipsec_enable and ipsec_file options to run IPSEC's setkey programdillon2000-05-161-0/+11
| | | | with the specified configuration file at the appropriate time.
* Remove extraneous ";;" in previous commitkris2000-05-151-1/+0
| | | | Submitted by: jedgar
* Create a DSA host key if one does not already exist, and teach sshd_configkris2000-05-151-1/+6
| | | | about it.
* Add firewall_logging knob to enable/disablle events logging, disabledache2000-05-061-0/+10
| | | | | by default. Needed mainly for ipfw kernel module to enable logging disabled there.
* Add a sysctl to specify the amount of UDP receive space NFS shoulddillon2000-03-271-0/+5
| | | | | | | | | | | reserve, in maximal NFS packets. Originally only 2 packets worth of space was reserved. The default is now 4, which appears to greatly improve performance for slow to mid-speed machines on gigabit networks. Add documentation and correct some prior documentation. Problem Researched by: Andrew Gallatin <gallatin@cs.duke.edu> Approved by: jkh
* cosmetic fix - add a space.jkh2000-02-291-1/+1
|
* Get the order of things right; the keys need to be generatedmarkm2000-02-281-4/+0
| | | | | early to allow entropy to replenish. sshd must start late to catch the full effects of ldconfig.
* Generate new sshd host key when necessary. I'm tired ofjkh2000-02-281-1/+7
| | | | waiting for someone to commit this. :)
* Run sshd at boot time if the sysadmin wants it. Also installmarkm2000-02-241-0/+7
| | | | ssh[d] config files in the right place.
* Approved by: jkhhm2000-02-061-10/+10
| | | | | | | | | | | Reviewed by: joerg The isdnd is able to listen on a socket for isdnmonitor to connect to it to remotely control it (similar to ppp and pppctl). When this is enabled in the isdnd config file, it will fail currently because isdnd is started before the network interfaces are configured. It is necessary to move the isdnd start after the ifconfig of the network interfaces, then this problem will not occur.
* This is another in Martin Blapp's N-series of mount-related cleanups :)green2000-01-151-0/+7
| | | | | | | | | | | | | Changes are: - rpc.umntall is called at the right places now in /etc/rc* - rpc.umntall timeout has been lowered from two days (too high) to one - verbose messages in rpc.umntall have been clarified - kill double entries in /var/db/mounttab when rpc.umntall is invoked - ${early_nfs_mounts} has been removed from /etc/rc - patched mount(8) -p to print different pass/dump values for ufs filesystems. (last patch recieved from dan <bugg@bugg.strangled.net>) Submitted by: Martin Blapp <mbr@imp.ch>, dan <bugg@bugg.strangled.net>
* xntpd -> ntpd.roberto1999-12-171-1/+1
| | | | Submitted by: ru
* Suport multiple ``ifconfig_*?="DHCP"'' configurations.obrien1999-12-121-11/+19
| | | | | | | | | Currently we have a problem in that `dhclient' bails when configuring the second interface as port 68 is already in use (by the `dhclient' started for the first interface). PR: 14810 Submitted by: n_hibma
* Oops, typobrian1999-11-231-1/+1
|
* Add pppoed startup optionsbrian1999-11-231-0/+10
|
* Add network pass4 - after all local (/usr/local/etc/rc.d f.e.)ache1999-11-171-10/+16
| | | | | | daemons started. Move log_in_vain option there. It is needed to avoid lot of connections to port 80 logged on production WWW server prior Apache started from /usr/local/etc/rc.d
* Add single_mountd_enable hook to run mountd but not NFS serverache1999-11-141-0/+17
| | | | Needed for machine with CFS but without real NFS
* Make the firewall file variable space-safe.green1999-09-191-2/+2
|
* Apply a consistent style to most of the etc scripts. Particularly, usesheldonh1999-09-131-377/+551
| | | | | | | | | case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
* Add the net.inet.tcp.restrict_rst and net.inet.tcp.drop_synfin sysctldes1999-09-121-0/+10
| | | | | variables, conditional on the TCP_RESTRICT_RST and TCP_DROP_SYNFIN kernel options, respectively. See the comments in LINT for details.
* -background is also a legitimate ppp mode. Don't change it to -auto.peter1999-09-011-1/+2
|
* $Id$ -> $FreeBSD$peter1999-08-271-1/+1
|
* Catch an extra X on DHCP.jkh1999-08-271-2/+2
| | | | Spotted by the eagle eyes of: Pierre DAVID <Pierre.David@prism.uvsq.fr>
* Style clean-up:sheldonh1999-08-251-60/+60
| | | | | | | | | | | | | | | | * All variables are now embraced: ${foo} * All comparisons against some value now take the form: [ "${foo}" ? "value" ] where ? is a comparison operator * All empty string tests now take the form: [ -z "${foo}" ] * All non-empty string tests now take the form: [ -n "${foo}" ] Submitted by: jkh
* ppp_alias -> ppp_natbrian1999-08-221-3/+3
| | | | Submitted by: Josef L. Karthauser <joe@FreeBSD.org.uk>
* Quieten ppp at startup.brian1999-08-191-2/+2
|
* Add net.inet.icmp.log_redirect and net.inet.icmp.drop_redirect, fordes1999-08-101-1/+11
| | | | | | | respectively logging and dropping ICMP REDIRECT packets. Note that there is no rate limiting on the log messages, so log_redirect should be used with caution (preferrably only for debugging purposes).
* Start ppp before natd, not afterwards.brian1999-07-261-18/+18
| | | | Submitted by: Josef L. Karthauser <joe@uk.FreeBSD.org>
OpenPOWER on IntegriCloud