| Age | Commit message (Collapse) | Author |
|---|
|
|
|
OK brad@
|
|
|
|
initial getinfo(), and remove a few superfluous warnings there.
ok deraadt@
|
|
flows export data gathered from pf states.
initial implementation by Joerg Goltermann <jg@osn.de>, guidance and many
changes by me. 'put it in' theo
|
|
argument after that command, check if it is a keyword, and if it is,
that means the original command really has no argument. Get it?
Now.. replace -m with media (no options), and -M with chan (no options).
Try 'ifconfig -a media chan' on a wireless & ethernet machine after this.
ok henning, reyk, thanks for the comments from others
|
|
ok mbalmer@
|
|
Not sure what's more surprising: how long it took for NetBSD to
catch up to the rest of the BSDs (including UCB), or the amount of
code that NetBSD has claimed for itself without attributing to the
actual authors.
OK deraadt@
|
|
Implementation from NetBSD. Ported via FreeBSD's version in trunk^Wlagg(4).
This is still work in progress. Tested with a HP ProCurve 3500.
OK reyk@
|
|
even the unicast address of the remote carp peer. this especially
helps when the multicast carp advertisements are causing problems in
the network (some crappy switches don't do well with multicast), there
are conflicts with VRRP, or the policy of the network does not allow
multicast (most Internet eXchange points didn't allow carped OpenBGP
routers because of the multicast advertisements).
discussed with many
ok mpf@
|
|
as host byte order in userland. ifconfig didn't get this and always printed
the pfsync syncpeer on little endian machines because the check to prevent
printing the default address assumed the wrong byte order.
ok claudio@ rainer@
|
|
in progress and some bits need to be cleaned up but will be in-tree for
convenience.
ok claudio@, norby@
|
|
|
|
handshake protocols (both supplicant and authenticator state
machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity
Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication
protocols and thus only PSK authentication (using pre-shared
keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK
protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should
work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4),
rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8):
wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@
ok deraadt@
|
|
ok mpf@, chl@
"i agree with the diagnosis" oga@
|
|
Instead of using the same IP on multiple interfaces, carp has to be
configured with the new "carpnodes" and "balancing" options.
# ifconfig carp0 carpnodes 1:0,2:100,3:100 balancing ip carpdev sis0 192.168.5.50
Please note, that this is a flag day for anyone using carp balancing.
You'll need to adjust your configuration accordingly.
Addititionally this diff adds IPv6 NDP balancing support.
Tested and OK mcbride@, reyk@.
Manpage help by jmc@.
|
|
ok mpf@
|
|
ok mpf@ henning@
|
|
that is kept in a list per carp interface. This is the huge first
step necessary to make carp load balancing nice and easy. One carp
interface can now contain up to 32 virtual host instances.
This doesn't do anything useful yet, but here is how an ifconfig
for multiple entries now looks like:
# ifconfig carp2 carpnodes 5:0,6:100 192.168.5.88
carp2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:00:5e:00:01:05
carp: carpdev sis0 advbase 1
state MASTER vhid 5 advskew 0
state BACKUP vhid 6 advskew 100
groups: carp
inet 192.168.5.88 netmask 0xffffff00 broadcast 192.168.5.255
OK mcbride@
|
|
Suggestions from mpf@ and canacar@
ok deraadt mpf canacar
|
|
|
|
|
|
|
|
from the interface name, this allows constructs like:
ifconfig vlan15 vlandev smth0
ok reyk@, ``makes sense'' henning@
|
|
ok henning, mbalmer.
|
|
ok henning@
|
|
prefixlen specification when using this form.
man page bits by jmc.
ok henning@, ``looks sane'' djm@.
|
|
which will be used for new interface routes. For example,
ifconfig em0 10.1.1.0 255.255.255.0 rtlabel RING_1
will set the new interface address and attach the route label RING_1 to
the corresponding route.
manpage bits from jmc@
ok claudio@ henning@
|
|
mask in that case. initially from rivo nurges <rix@estpak.ee>, but changed
quite a bit. this has annoyed me so long that I wonder why I hadn't fixed
that earlier... input & ok markus deraadt, manpage also jmc
|
|
|
|
'SGIOCGIFMEDIA'.
Noticed by Stuart Henderson.
|
|
__KAME__ should suffice (__KAME__ should be nuked too?)
|
|
access point. Does the same as nwid "" but since we have -nwkey for nwkey
etc. this is nice for consistency.
ok mbalmer reyk
man stuff also ok jmc
|
|
From Peter Philipp <peter underscore philipp at freenet dot de>.
OK deraadt@.
|
|
counter by more than one. manpage help by jmc, ok mcbride mpf deraadt
|
|
|
|
help from claudio@, and ok claudio@ mickey@ mpf@
|
|
fix that by rearranging spaces in printf format strings
ok claudio@ mpf@ mickey@
|
|
|
|
and "nwflag nobridge" to prevent inter-station communications.
"hidenwid" will also work with wi(4) to replace the old -E 3 option of
wicontrol.
ok damien@ jmc@
|
|
driver reports a RSSI Max value, print the signal quality as a
percentage instead of the arbitrary "dB" value, this also applies to
the output of ifconfig -M (scan/node list).
ok damien@ jsg@
|
|
|
|
|
|
|
|
doalias is < 0. This fixes the problem where ifconfig em0 delete 10.0.0.1
created a 0.0.0.0/0 route entry and created a total mess because of that.
Diff from markus@ OK beck@ markus@
|
|
As a first user, move the global carp(4) demotion counter
into the interface group. Thus we have the possibility
to define which carp interfaces are demoted together.
Put the demotion counter into the reserved field of the carp header.
With this, we can have carp act smarter if multiple errors occur.
It now always takes over other carp peers, that are advertising
with a higher demote count. As a side effect, we can also have
group failovers without the need of running in preempt mode.
The protocol change does not break compability with older
implementations.
Collaborative work with mcbride@
OK mcbride@, henning@
|
|
We need to figure out a better way to fix this.
Brought up by markus@ OK beck@
|
|
invocation, not both.
This change ensures that a delete does not also do an add.
Fixes stupid problem where deleting the last address with
ifconfig delete addr
worked differently than
ifconfig addr delete
where the first way would re-add an address of 0.0.0.0/0 after deleting
the address.
ok claudio@, krw@
|
|
manual pages pppoe(4) and sppp(4) for examples.
the spppcontrol(8) utility is not required anymore and will probably
be removed in the near future.
ok deraadt@
|
|
ok henning@
|
