| Age | Commit message (Collapse) | Author |
|---|
|
services installed by the ports system (for now).
It only uses pgrep/pkill to handle these processes. A manual page will
come later.
'put it in' deraadt@
|
|
|
|
ok deraadt@
|
|
ok deraadt@ gilles@
|
|
Previously if the quick rm -rf failed, find was not run, so some files
were not removed. Looks good to tedu@.
|
|
Also copy the generated RSA key for isakmpd into the iked directory; this
way we share the same RSA key by default.
ok deraadt@ jsg@
|
|
It needs to be started before the routing daemons.
In this way every new prefix learnt by them already has a label associated.
discussed with and ok'ed by claudio@
|
|
the default setting in rc.conf.
ok deraadt
|
|
root. If anyone wants to use this in a siteXX.tgz file, please be sure to
*concatenate* to the file -- not replace it -- since the installer is going
to be using this file itself.
discussed with todd and halex
|
|
|
|
of the network daemons so that it can be used if another daemon stops
in its tracks.
ok claudio markus sthen
|
|
have to pass those options. this makes amd much easier to restart by
hand (though it still remains a nasty daemon do that with)
ok millert
|
|
attempts to "ifconfig carp down" noticed by david@.
- use non-descriptive variables names rather than $if/$junk to encourage
people reading the code to think what it's doing; many of the output lines
are not interface names.
ok david@
|
|
|
|
Spotted by deraadt@. These were used to bring down carp ifaces
cleanly; replace with shell features.
ok deraadt@, henning@. "Much mo' better" blambert@.
|
|
|
|
to make logging to syslog work with php for example.
ok deraadt@, henning@
|
|
arches. ok todd@ beck@
|
|
ok deraadt@
|
|
behaviour here replace by an explicit set reassemble yes no-df.
noticed by Valery Masiutsin <val.masutin at gmail dot com>
|
|
|
|
on each host and end up conflicting, so they never sync anyways.
ok dlg henning
|
|
SSH2-RSA size; ok hshoexer@, no objection from miod@
|
|
|
|
spamd-setup hanging if there are various (network?) issues and the system
not proceeding to multiuser so that this can be debugged. We do not use
& for startup in /etc/rc because this makes the spamd-setup a child of the
rc scripts after bootup (that is gross)
Problem reported in PR 5864, change discussed with beck, ok millert
|
|
contents of /etc/services so as to avoid randomly allocating
source ports that correspond to well-known services. Auto-filling
of the baddynamic tables is performed before reading sysctl.conf,
so it is still possible to add or subtract ports, or override the
autofilling entirely there.
Note that this requires a new kernel and /sbin/sysctl.
feedback markus@ ok markus@ deraadt@ millert@
|
|
"just get it in" deraadt
|
|
|
|
ok deraadt@ beck@ reyk@ phessler@
|
|
ok deraadt@ dlg@
|
|
|
|
randomisations (among other things) benefit from it. We still try again
after /var has been definitely mounted in case it is on NFS;
ok deraadt@
|
|
approved by deraadt@, ok thib@
|
|
fixes spamlogd with pflogd disabled.
ok henning
|
|
has been loaded. Otherwise, states that are received during the
initial bulk update mismatch the correct pf-checksum and
do not attach to the rules.
Problem identified by david@. Fix done in collaboration.
OK henning@
|
|
what the daemon does - it is a relayer that pays attention to the status
of pools of hosts; not a status checkers that happens to do some relaying
|
|
|
|
|
|
start.
ok dlg@
|
|
/etc/*.if files.
okay reyk@, deraadt@, krw@...
|
|
in /etc/fstab instead of using some weird homegrown scripts.
No support for boot time mounting yet, so "noauto" is still needed.
original idea from david@
help and discussion todd@ bluhm@ beck@, manpage help jmc@
ok simon@ tedu@ bluhm@ todd@, "looks good" thib@
|
|
receivers can cold start in the time it takes the boot process to get
close to starting ntpd. Even if the gps is not ready or the fix is not
valid, at least the sensor has been created; ntpd won't have to wait
a few minutes before scanning for the sensor. This makes using GPS as
the sole source of time a bit easier.
ok deraadt
|
|
|
|
as disscussed with jmc and millert.
ok millert@
|
|
1) config files move to /etc/mail
2) -g option goes away in spamd-setup and spamd - greylisting is now the default
3) option change to spamd, -b addr becomes -l addr.
4) -b option in spamd-setup and spamd to turn on old blacklisting mode.
Man page shortly to be flensed to make this easier to explain
ok deraadt@ millert@
|
|
(if the file /var/account/acct does not exist it will be created)
ok mk@
|
|
ok miod@, henning@
|
|
|
|
This makes it readable by unprivileged uses, simplifying configuration,
and there is no reason for it to be secret.
ok msf deraadt hshoexer
|
|
rc checks pflog0 existance before starting pflogd0, pbly to not print an
error message on pflog-less kernels... ugh. ok mcbride
|
