| Age | Commit message (Collapse) | Author |
|---|
|
attributes (this is now required by pf_rule_test().
ok sthen henning
|
|
|
|
|
|
|
|
for the new priority queueing implementation. valid range is 0 to 7. the old
trick for priorizing empty ACKs etc remains thru the latter notation
ok ryan mpf sthen plus pea testing and halex and claudio reading
|
|
`net.pipex.enable' to enable PIPEX. By default, pipex is disabled
and it will not process packets from wire. Update man pages and
update HOWTO_PIPEX_NPPPD.txt for testers.
discussed with dlg@, ok deraadt@ mcbride@ claudio@
|
|
- Did not include PF_SKIP_RDOM
- Changed order of address and ports.
|
|
packages _only_. One is not supposed to add any base scripts in it.
naddy@ doesn't care (I think he does care but he won't admit it)
ok robert@
(I'll add something to current.html in a few)
|
|
|
|
|
|
|
|
been implicit for years now.
ok henning@
|
|
a bunch of bugs with fragment handling not being in sync with the
rest of the ruleset.
Much feedback from mpf, bluhm & markus
Thanks to Tony Sarendal for help with testing
ok bluhm; various previous versions ok henning, claudio, mpf, markus
|
|
behaves as if SO_KEEPALIVE was set on all TCP sockets, forcing keepalives
to be sent every net.inet.tcp.keepidle half-seconds.
In conjunction with a keepidle value greatly reduced from the default,
this can be useful for keeping sessions open if you are stuck on a network
with short NAT or firewall timeouts.
Feedback from various people, ok henning@ claudio@
|
|
type (if not specified) to "use" instead of "require".
(since they will not get a key...)
ok mikeb claudio
|
|
place it was missing. Delete now redundant calls to DIOCGDINFO when
getting physical disk info in disklabel(8) and fdisk(8).
Reminded by a fdisk discussion with Andres Perera on tech@.
ok deraadt@
|
|
|
|
a ffs frag size can be less than the d_secsize of the disk. Make
sure amd64 writedisklabel() puts the disklabel where readdoslabel()
will read it. Tweak i386/amd64 installboot/biosboot so sectors are
indeed used where sectors are claimed.
Lets me fdisk, newfs, mount and installboot onto 2048 and 4096
byte sector devices. Other filesystem utilites will still hold
surprises.
Note that actually booting from such devices will await BIOSen that
acknowledge such devices as bootable.
ok guenther@
|
|
|
|
even though -interface is the same as -iface.
OK jmc@
|
|
|
|
|
|
link_addr() since the function looks at sa_len internally.
This should solve issues with using -ifp modifier because
the aflen was often to small.
|
|
|
|
|
|
i added that button many many many years ago since the order (options, scrub,
nat, filter) was enforced back then, which I hated. now we had that turned
off for ages, and with the scrub and nat rulesets being gone, there is very
little reason to enforce an order at all. so let's get rid of it.
introducing this button was one of my very early commits to openbsd... feels
a bit strange to remove it now :)
ok ryan dlg theo
|
|
|
|
|
|
print that as flag then
|
|
ok mcbride@ henning@
|
|
When BN_bn2bin converts a bignum to the binary representation
it skips leading zeroes if there are any. To accommodate the
difference with the protocol we need to prepend those zeroes
ourselves.
|
|
flags in the monitor case. Brought up on the mailing list some long
time ago.
|
|
|
|
|
|
same variety...
|
|
|
|
ok deraadt jmc krw
|
|
changed on the fly now.
ok sthen deraadt
|
|
|
|
|
|
1k block when we're supposed to.
fix from tyr@poczta.fm in pr 6609
ok otto@
|
|
i386. Stop abusing it on other archs for controling a shutdown by
pressing the soft power button:
* Add a MI sysctl hw.allowpowerdown; if set to 1 (the default) it
allows a power button shutdown.
* Make acpi(4)/acpibtn(4) honor hw.allowpowerdown.
* Switch the various power button intercepts on landisk, sgi, sparc64
and zaurus over to hw.allowpowerdown.
* Garbage collect the machdep.kbdreset sysctl on all archs other than
amd64 and i386.
ok miod@
|
|
discussed with lots of people, tested by naddy@,
"move fast" deraadt@
|
|
the standard OpenBSD-style parse.y handle continuing lines with backslashes,
paying particular attention to how comments are handled (which can cause
nasty side-effects if you're not expecting it).
Most wording from jmc@, with suggestions from fgsch@, marc@, Richard Toohey,
patrick keshishian and Florian Obser, ok jmc@.
|
|
|
|
And files can be smaller (e.g. 512 bytes like /usr/mdec/mbr) than
a disk sector (e.g. 4096 bytes on pirofti's external disk drive).
So relax the length test on the read() result to < DEV_BSIZE (the
amount of data we actually want) instead of < secsize (the minimum
size that read() will accept).
'fdisk -e' and 'fdisk -i' now work on devices with sector sizes
greater than DEV_BSIZE.
|
|
it skips leading zeroes if there are any. To accommodate the
difference with the protocol we need to prepend those zeroes
ourselves.
Fixes PR 6601, tested by Pawel Wieleba, sthen, otto.
Huge thanks to Pawel for spending nearly a week testing diffs.
ok sthen
|
|
|
|
ok sthen
|
|
found in my tree, obviously forgotten to commit at some point...
|
