Age | Commit message (Collapse) | Author |
|
manpage nits jmc@, fixes jose@; ok deraadt@
|
|
extracted using a small client. Useful for diskless systems.
much feedback from deraadt@, canacar@, jmc@, jakob@ ; ok deraadt@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
that need it include that
|
|
so many parts of bgpd are not at all interested in the session specific peer
structs... allows for some further cleaning
|
|
with fgets() (which does). Using fgetln() doesn't make a huge amount
of sense since passwd entries are required to be short and mustn't contain
NULs. This also fixes a bus error on sparc64 (caused by passing a pointer
to an int when a pointer to size_t was expected) found by pvalchev@.
Tested and OK pvalchev@
|
|
|
|
|
|
|
|
that means that the callers can (and must) coope with closed connections
themselves, what is exactly the desired behaviour.
|
|
have to do the imsg_read in a loop as well.
|
|
|
|
|
|
cleanup code. from kame
|
|
|
|
|
|
|
|
|
|
restore afterwards
help & ok theo
|
|
ok theo
|
|
|
|
ok and help theo
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
right now it only connects to bgpd and prints a list of neighbors and their
status; that will change.
|
|
|
|
only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back
the struct peer for all neighbors.
will be used by bgpdctl
|
|
|
|
imsg into the buffer. since imsg_get by definition only returns one imsg we
missed the next imsg(s) until the next poll event on the socket in question,
building up a queue on that socket. didn't show up as a problem yet...
factor out imsg_read, which reads into the buffer. imsg_get now entirely
operates on the buffers and does not read(2) itself.
make all callers cope by calling imsg_read on poll events and calling
imsg_get in a loop until all imsgs are processed.
|
|
causes a conflicht with upcoming changes
|
|
instead of aborting outright with loads of files unregistered...
|
|
1) PF should do the right thing when unplugging/replugging or cloning/
destroying NICs.
2) Rules can be loaded in the kernel for not-yet-existing devices
(USB, PCMCIA, Cardbus). For example, it is valid to write:
"pass in on kue0" before kue USB is plugged in.
3) It is possible to write rules that apply to group of interfaces
(drivers), like "pass in on ppp all"
4) There is a new ":peer" modifier that completes the ":broadcast"
and ":network" modifiers.
5) There is a new ":0" modifier that will filter out interface aliases.
Can also be applied to DNS names to restore original PF behaviour.
6) The dynamic interface syntax (foo) has been vastly improved, and
now support multiple addresses, v4 and v6 addresses, and all userland
modifiers, like "pass in from (fxp0:network)"
7) Scrub rules now support the !if syntax.
8) States can be bound to the specific interface that created them or
to a group of interfaces for example:
- pass all keep state (if-bound)
- pass all keep state (group-bound)
- pass all keep state (floating)
9) The default value when only keep state is given can be selected by
using the "set state-policy" statement.
10) "pfctl -ss" will now print the interface scope of the state.
This diff change the pf_state structure slighltly, so you should
recompile your userland tools (pfctl, authpf, pflogd, tcpdump...)
Tested on i386, sparc, sparc64 by Ryan
Tested on macppc, sparc64 by Daniel
ok deraadt@ mcbride@
|
|
From: Patrick Latifi <pat@eyeo.org>
|
|
all three) after buf_open failure. as this does not happen normally (except
for in out of memory cases) it wasn't noticed.
|
|
From: Patrick Latifi <pat@eyeo.org>
|
|
detected a closed connection which caused an fsm call which causes a
deallocation of said ressources
(that was long for "missing return")
|
|
|
|
|