| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Pointed out by: Philippe Charnier <charnier@lirmm.fr>
|
| |
|
|
|
|
|
|
| |
if making a interface route, and it's a P2P link,
then also automatically lable it as an llinfo entry so that
gated and friends don't clobber it..
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
now completely consistent across all IP protocols and should be quite a
bit faster.
Use getprotoname() extensively, performed minor cleanups of admin utility.
The admin utility could use a good kick in the pants.
Basicly, these were the minimal changes I could make to the code
to get it up to tollerable shape. There will be some future commits
to clean up the basic architecture of the firewall code, and if
I'm feeling ambitious, I may pull in changes like NAT from Linux
and make the firewall hooks comletely generic so that a user can
either load the ipfw module or the ipfilter module (cf Darren Reed).
Discussed with: fenner & alex
|
|
|
|
|
|
| |
Abort if a file is still present, and make output file mode 0600.
Reviewed by: bde
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submitted by: archie@whistle.com
This patch allows true interface routing to be controlled
from the command line..
you can now do:
route add default -interface ppp0
even if you have no clue what the address at the other end is..
this is part of a set of changes that allow true "unnumbered links"
such as netcom run between their sites..
In practice you should assign the address from one of your ethernet
interfaces to the local side of the P2P link so that IP doesn't
say that the packet comes from 255.255.255.255, but
there is no need whatsoever to assign an address of any kind
to the remote end of the link.. useful for frame relay links etc also.
|
|
|
|
| |
its's proven to be quite reliable.
|
| |
|
|
|
|
| |
Reviewed by: pst
|
|
|
|
| |
slight cleanups
|
|
|
|
|
|
| |
Submitted by: fenner (with modifications by me)
Bring in the interface unit wildcard flag fix from rev 1.15.4.8.
|
|
|
|
| |
Submitted by: Julian H Stacey
|
| |
|
|
|
|
|
|
|
|
| |
Check that the major and minor are valid.
Don't print `.' at the end of error messages.
Fixed all warnings from "cc -Wall".
|
|
|
|
|
|
|
|
|
| |
Note, this is not really a security risk, because the buffer in question
is a static variable in the data segment and not on the stack, and hence
cannot subert the flow of execution in any way. About the worst case was
that if you pinged a long hostname, ping could coredump.
Pointed out on: bugtraq (listserv@netspace.org)
|
|
|
|
|
| |
proper error-checking can be done, and octal and hexadecimal
numbers are allowed.
|
|
|
|
| |
slight cleanups on yesterday's patches
|
|
|
|
|
|
|
|
| |
the obsolete() function to convert dump-style args to getopt-style
args doesn't check to see that 'f' really has an argument following
the option string in argv[1].
Submitted-By: jmacd
|
|
|
|
|
|
|
| |
the real ../mount/getmntopts.c and ../mount/mntopts.h
Closes PR#1419
Submitted by: rhh@stealth.ct.picker.com (Randall Hopper)
|
|
|
|
| |
appletalk cleanups
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
inspired by SunOS version of mount which uses option -p to
indicate that the mount information should be printed in fstab
format.
This is a neat way to create a new fstab file to use later when
one has modified the mount points or mount options or added or
removed mount some mount points. You just type
mount -p > /etc/fstab.new
and there is your new fstab file ready to be used though you
will of course have to add any necessary noauto flags manually.
[Committers note: This also seems to do the wrong thing for AMD
mounts, but in the more average case this is a nifty feature nonetheless
and one can always edit the bogus entries out]
Submitted-By: Jukka Ukkonen <jau@jau.csc.fi>
|
| |
|
|
|
|
| |
Submitted-By: Kent Vander Velden <graphix@iastate.edu>
|
|
|
|
|
|
| |
This stuff should not be too destructive if the IPDIVERT is not compiled in..
be aware that this changes the size of the ip_fw struct
so ipfw needs to be recompiled to use it.. more changes coming to clean this up.
|
| |
|
| |
|
|
|
|
|
| |
Obtained from: Whistle Communications
patches to allow ifconfig to work with appletalk addresses etc.
|
|
|
|
| |
I guess we should have a single place for this??
|
|
|
|
|
|
|
| |
control program to control the facility of the bootblocks
to fetch a default bootstring from a fixed location on the disk.
See the manpage for more info.
|
| |
|
| |
|
|
|
|
|
|
|
| |
Prevent ALL protocol from being used with port specifications.
Allow 'via' keyword at any point in the options list. Disallow
multiple 'via' specifications.
|
|
|
|
| |
Submitted by: nate
|
|
|
|
|
|
|
|
| |
of /0 to have the desired effect. Normalize IP addresses that
won't match a given mask (i.e. 1.2.3.4/24 becomes 1.2.3.0/24).
Submitted by R. Bezuidenhout <rbezuide@mikom.csir.co.za>
Code formatting and "frag" display fixes.
|
|
|
|
| |
on filesystems > 2GB (which causes the disk slice code to call Debugger!!)
|
|
|
|
|
|
| |
if statements, #if 0 some unused code, use off_t in calls to read/
write_disk, fix a printf format, remove unused variables, and
#include necessary files.
|
| |
|
|
|
|
| |
Found by: Aage Robekk <aagero@aage.priv.no>
|
|
|
|
|
|
|
| |
disklabel(8) to the kernel (dsopen()). Drivers should initialize the
hardware values (rpm, interleave, skews). Drivers currently don't do
this, but it usually doesn't matter since rotational position stuff is
normally disabled.
|
| |
|
| |
|
|
|
|
| |
Submitted by: "Philippe Charnier" <charnier@lirmm.fr>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Filter based on ICMP types.
- Accept interface wildcards (e.g. ppp*).
- Resolve service names with the -N option.
- Accept host names in 'from' and 'to' specifications
- Display chain entry time stamps with the -t option.
- Added URG to tcpflags.
- Print usage if an unknown tcpflag is used.
- Ability to zero individual accounting entries.
- Clarify usage of port ranges.
- Misc code cleanup.
Closes PRs: 1193, 1220, and 1266.
|
| |
|
|
|
|
|
|
|
|
|
| |
This covers the security problem descibed in SA-96:10 and Jeff says that
when we upgrade to Lite2 (which fixes this problem), mount no longer needs
to be setuid, so we'll never be going back.
Submitted by: hsu
Reviewed by: pst
|
|
|
|
|
| |
even work. Until pst wakes up, best action deemed to be the simple disabling
of this command.
|
|
|
|
| |
as argv[0].
|
| |
|