| Age | Commit message (Collapse) | Author |
|---|
|
|
|
deny from any prefix-set mynetworks or-longer
ok claudio, feature discussed with job and deraadt
|
|
Initial diff from Clemens Goessnitzer on tech@
Feedback and ok tb@
|
|
|
|
This makes it possible to use bgpd -nv in regress with unknown rdomains.
|
|
rather than a confusing set of flags.
ok gilles@
|
|
places and so prefix-sets look a lot better. Currently commas are not allowed
but they will come back soon.
OK benno@
|
|
OK benno@
|
|
Merge host_v{4,6}() into much simpler host_ip() using just getaddrinfo().
host_dns() uses the same procedure.
OK naddy
|
|
that much problem with the regress test which writes its stuff on stdout.
|
|
and fixed with/by claudio@
|
|
|
|
ok yasuoka@ jca@
|
|
|
|
|
|
prefix addr/plen to a prefix-set spec addr/plen prefixlen min - max (a
prefix including prefixlen range). Every addr/plen pair is a node in the
trie and the prefixlen is added as a bitmask to those nodes.
For the lookup the any match is OK, there is no need to do longest or
best prefix matching.
Inspiration for this solution comes from the way bird implements this
which was done by Ondrej Zajicek santiago (at) crfreenet.org
OK benno@
|
|
ok claudio@
|
|
RFC 7230 states that a server MUST NOT do so.
At least relayd chokes on this.
Pointed out & diff by Carlin Bingham (cb AT walcyrge.org), thanks!
OK benno
|
|
ok claudio@
|
|
"looks good" gilles@ halex@
|
|
Diff from fukaumi at soum.co.jp
ok mpi
|
|
|
|
Not strictly needed but better to have both initialized.
|
|
|
|
AS numbers in source-as, AS and transit-as filterstatements. These table
use bsearch to quickly verify if an AS is in the set or not.
The filter syntax is not fully set in stone yet.
OK denis@ benno@ and previously OK deraadt@
|
|
doing tokenizing on spaces and correctly ignore comments.
This should make this feature in general more robust.
OK benno@
|
|
|
|
Simplify the RDE logic this way and make it possible to load such ranges
into a much faster lookup trie for prefix-sets.
When printing the config bgpd tries to use the nices way to express the rule:
e.g. match from any prefix 18.0.0.0/8 prefixlen 8 - 32
becomes match from any prefix 18.0.0.0/8 or-longer
Apart from that there is no user visible change because of this.
OK sthen@
|
|
OpenBSD coding practices (fork+exec/privsep/pledge/...). It is only
intended to replace the lpd(8) daemon for the moment, not the lpr(1),
lprm(1), lpq(1) and lpc(8) commands.
This is a work in progress. The server part should be fairly functionnal,
but the printer part is not complete: remote printers should work, for
local printers it depends on the setup. Anyway, at this point it's better
in the tree than rotting on my disk.
ok deraadt@
|
|
ok gilles@
|
|
OK phessler@
|
|
of doing the condition before calling aspath_match() just pass the neighbor-as
down to as_compare() which then has all needed data for the lookup. While
doing this also remove one of the as fields in struct filter_as since the
min/max fields can be reused for unary operations.
OK denis@ phessler@
|
|
ok solene
|
|
ok eric@
|
|
it is currently terminal and then do the length check. If that one triggers
do a treat-as-withdraw but at the same time drop the bad attribute since it
is better to not have invalid attributes in the Adj-RIB-In since most code
does not expect that.
OK benno@
|
|
|
|
|
|
|
|
ok gilles@
|
|
are recorded.
Be more specific and list those readmes in alphabetic order at end.
|
|
with the other MTA which assume a permfail unless the exit status is one
of a specific set. make smtpd honour the same exit statuses as postfix.
note that all errors that occur before the user mda is executed (fork, pipe
and related) are still considered tempfail, only errors coming from the mda
itself are handled as permfail.
this commit is a temporary solution as i believe the SIGCHLD handler is way
more complex than it should be and we'll simplify it after 6.4 is out.
ok eric@
|
|
can be used instead of doing direct fiddling around with struct in_addr.
Use it in a few cases where it makes the code more similar between INET
and INET6 case.
OK denis@
|
|
|
|
|
|
two sets of functions smtp_check_<verb> and smtp_proceed_<verb>. we
use the check functions to validate that verb is acceptable at this
point of a session and proceed to actually move the session forward
ok eric@
|
|
ok eric@
|
|
ok gilles
while here, fix some spelling at eol whitespace introduced in previous;
|
|
|
|
- the +auth specifier is removed: it is implied by the presence of an
auth label in the rest of the string
- secure:// is removed: use smtp+tls:// or smtps://
- tls:// is replaced by smtp+tls://
- smtp:// becomes SMTP with opportunistic STARTTLS
- smtp+tls:// becomes SMTP with mandatory STARTTLS
Adjust your config file accordingly.
ok gilles@
|
|
only a user-part was supplied.
ok millert@ and eric@
|
