On Thu, Jul 18, 2019 at 09:46:58AM +0200, Alexandr Nedvedicky wrote:
> Hello,
>
> I've just realized my suggestion [1] to lteo@ was not complete. The single
> atomic_cas() used as I've suggested is not sufficient measure. The code
> should also do a non-atomic test to check, whether the rule is
This syncs the pf(4) man page with the latest net/pfvar.h (r1.490).
ok?
Index: pf.4
===
RCS file: /cvs/src/share/man/man4/pf.4,v
retrieving revision 1.91
diff -u -p -r1.91 pf.4
--- pf.418 Feb 2019 13:11:44 - 1.91
On Tue, May 21, 2019 at 01:07:10PM -0400, Ted Unangst wrote:
> I have a coming change which will need to access both the calling user and
> target users' passwd entries. In order to accomplish this, we need to switch
> to the reentrant flavor of getpwuid. No behaviorial change, but I think this
>
On Sun, May 19, 2019 at 02:39:20PM -0400, Jake Champlin wrote:
> Revision 1.23 added unveil to tetris, yet left two unused variables in
> scores.c
> Removes unused vars in scores.c, that were added to tetris.c in v1.23
Fixed, thanks!
> Index: scores.c
>
This makes acpi_loadtables() ensure that rsdp->rsdp_rsdt exists before
attempting to to use it.
ok?
Index: acpi.c
===
RCS file: /cvs/src/sys/dev/acpi/acpi.c,v
retrieving revision 1.365
diff -u -p -r1.365 acpi.c
--- acpi.c 11
This diff modifies divert_packet() to increment the divs_errors counter
on if_get failure so that users will be aware of it via netstat(1).
The same thing is done for divert6_packet().
While here, it also modifies divert_output() to move m_freem(m) below
divstat_inc(divs_errors). This is purely
On Fri, Jan 19, 2018 at 02:18:08PM -0700, Theo de Raadt wrote:
> > > On Fri, Jan 19, 2018 at 08:24:23PM +, Stuart Henderson wrote:
> > > > To be honest though, unless it's in the way of something, I'm not sure
> > > > it's
> > > > worth removing.
> > >
> > > If those constatns are in ports
Nothing uses PF_TRANS_ALTQ anymore, so zap it.
ok?
Index: pfvar.h
===
RCS file: /cvs/src/sys/net/pfvar.h,v
retrieving revision 1.470
diff -u -p -r1.470 pfvar.h
--- pfvar.h 29 Dec 2017 17:05:25 - 1.470
+++ pfvar.h
The pf(4) DIOCX{BEGIN,COMMIT,ROLLBACK} calls support two ruleset types:
PF_TRANS_RULESET and PF_TRANS_TABLE.
However, their switch statements in pf_ioctl.c only check for
PF_TRANS_TABLE and do not check PF_TRANS_RULESET at all.
This diff adds explicit checks for PF_TRANS_RULESET to those switch
This syncs the struct declarations in pf.4 with the latest net/pfvar.h
(r1.465 at the time of writing).
ok?
Index: pf.4
===
RCS file: /cvs/src/share/man/man4/pf.4,v
retrieving revision 1.87
diff -u -p -r1.87 pf.4
--- pf.430
In 2014, mpi@ substituted n_time, n_long, and n_short with their equivalent
u_int_* types throughout the network stack to remove the dependency on
:
http://marc.info/?l=openbsd-tech=140523875001860=2
As mentioned in his mail, trpt(8) is the only program in userland that uses
n_time. The
This imports pcap_set_immediate_mode() from mainline libpcap, which allows
a libpcap-based program to process packets as soon as they arrive.
ok?
Index: pcap-bpf.c
===
RCS file: /cvs/src/lib/libpcap/pcap-bpf.c,v
retrieving revision
When the openssl(1) prime command is asked to check the primality of a
decimal number, it changes it to hex in the output which is a little
confusing:
$ openssl prime 976110468996539
377C46DC41DBB is prime
The following diff fixes this so that it will always show the original
number in the
This diff removes redundant defines in two files.
In s_socket.c, SOCKET_PROTOCOL is defined as IPPROTO_TCP, but it's only
used once.
In s_time.c, NO_SHUTDOWN is always defined, so there is no need for a
bunch of NO_SHUTDOWN #ifdef blocks.
No binary change.
ok?
Index: s_socket.c
On Wed, Sep 09, 2015 at 11:17:55AM -0500, Brent Cook wrote:
> On Wed, Sep 9, 2015 at 10:15 AM, Todd C. Miller
> <todd.mil...@courtesan.com> wrote:
> > On Wed, 09 Sep 2015 10:02:17 -0400, Lawrence Teo wrote:
> >> In s_time.c, NO_SHUTDOWN is always defined, so there
This removes several unused defines in openssl(1). No binary change.
ok?
Index: ca.c
===
RCS file: /cvs/src/usr.bin/openssl/ca.c,v
retrieving revision 1.9
diff -u -p -u -p -r1.9 ca.c
--- ca.c22 Aug 2015 16:36:05 -
I have applied this along with the other amdcf(4) diff you sent, thanks!
On Thu, Sep 03, 2015 at 08:41:25PM -0400, Rob Pierce wrote:
> href tar and cpio?
>
> Index: 58.html
> ===
> RCS file: /cvs/www/58.html,v
> retrieving revision
Committed, thanks.
On Mon, Apr 06, 2015 at 07:30:46PM +0200, Jan Stary wrote:
Any comments?
On Mar 29 22:24:41, h...@stare.cz wrote:
The diff below fixes what seem to be errors in pcap.3,
either in factuality or markup or grammar.
Jan
--- pcap.3.orig Sun Mar 29
On Wed, Mar 04, 2015 at 09:08:21PM -0700, Ryan T May wrote:
I found a minor typo in the manpage for fread(3).
Thanks,
Ryan May
Fixed, thanks!
Index: fread.3
===
RCS file: /cvs/src/lib/libc/stdio/fread.3,v
retrieving
m_act was the historical name of m_nextpkt, and was already deprecated
at the time DI of 4.4BSD was published. Nothing in our tree uses it,
so I would like to propose removing it. Both FreeBSD and NetBSD have
removed theirs.
I have tested this with make build+release. I also partially tested
libpcap has a use after free (found via LLVM).
pcap_close() currently looks like this:
void
pcap_close(pcap_t *p)
{
if (p-opt.source != NULL)
free(p-opt.source);
pcap_cleanup_bpf(p);
free(p);
}
The bug affects libpcap programs that enable monitor mode on
The bpf(4) man page's SEE ALSO section lists this as a reference:
McCanne, S. and Jacobson, V., An efficient, extensible, and
portable network monitor.
That paper is most likely an unpublished draft because it can't be found
online. The only reference I found to it is in a 1992
This diff replaces goto fail in tcpdrop with a proper usage() to be
consistent with other programs in the tree.
ok?
Index: tcpdrop.c
===
RCS file: /cvs/src/usr.sbin/tcpdrop/tcpdrop.c,v
retrieving revision 1.15
diff -u -p -r1.15
On Tue, Dec 30, 2014 at 07:44:51AM +0100, Claudio Jeker wrote:
On Tue, Dec 30, 2014 at 12:00:38AM -0500, Lawrence Teo wrote:
tcpdrop makes two getaddrinfo() calls:
if ((gaierr = getaddrinfo(laddr1, port1, hints, laddr)) != 0)
errx(1, %s port %s: %s, addr1, port1
tcpdrop makes two getaddrinfo() calls:
if ((gaierr = getaddrinfo(laddr1, port1, hints, laddr)) != 0)
errx(1, %s port %s: %s, addr1, port1,
gai_strerror(gaierr));
if ((gaierr = getaddrinfo(faddr2, port2, hints, faddr)) != 0) {
Make divert_output() do an m_pullup only if truly needed.
ok?
Index: netinet/ip_divert.c
===
RCS file: /cvs/src/sys/netinet/ip_divert.c,v
retrieving revision 1.31
diff -u -p -r1.31 ip_divert.c
--- netinet/ip_divert.c 5 Dec 2014
On Fri, Dec 12, 2014 at 03:32:31PM +0100, Ingo Schwarze wrote:
Hi Kaspars,
Kaspars Bankovskis wrote on Fri, Dec 12, 2014 at 03:22:16PM +0200:
Function arguments in synopsis for pcap_inject and pcap_sendpacket are
a bit messed up by comma. Types updated from actual code.
And some .An
divert_output() has a basic sanity check to ensure that the m_pkthdr.len
for reinjected packets is not shorter than the minimum length based on
the protocol:
if (p_hdrlen m-m_pkthdr.len off + p_hdrlen)
goto fail;
off is the length of the IP header, and p_hdrlen is the
On Fri, Jul 11, 2014 at 12:20:00PM +0200, Alexander Hall wrote:
On 07/10/14 06:30, Lawrence Teo wrote:
About a month ago, I sent a diff that allows ftp(1) to set its
User-Agent.
Based on feedback from halex@ and deraadt@, I have changed it so that
the User-Agent can be set via a -U
On Fri, Jul 11, 2014 at 05:46:02PM +0200, Alexander Hall wrote:
On 07/11/14 17:35, Lawrence Teo wrote:
On Fri, Jul 11, 2014 at 12:20:00PM +0200, Alexander Hall wrote:
On 07/10/14 06:30, Lawrence Teo wrote:
About a month ago, I sent a diff that allows ftp(1) to set its
User-Agent.
Based
This diff simplifies divert_output() further by removing the csum_flag
variable and setting the checksum flag in pkthdr directly (the variable
was originally there to help with zeroing the checksum, but we've now
determined that zeroing the checksum is unnecessary so that variable
is no longer
Packets that are reinjected via a divert(4) socket will have their IP
and protocol checksums recalculated, since the userspace application
could have modified them.
Currently, these checksums are manually recalculated by divert_output().
But now that the new checksum offloading system is in
About a month ago, I sent a diff that allows ftp(1) to set its
User-Agent.
Based on feedback from halex@ and deraadt@, I have changed it so that
the User-Agent can be set via a -U command-line option instead of an
environment variable.
I have also fixed a conflict with guenther@'s recent fetch.c
The current divert(4) implementation allocates an mbuf tag in pf_test()
to store the divert port specified by a divert-packet PF rule.
The divert_packet() function then looks up that mbuf tag to retrieve the
divert port number before sending the packet to userspace.
As far as I can tell, this
The way tcpdump displays bad checksums is annoyingly inconsistent.
Here's an example where tcpdump is showing two packets: one with a
bad IP checksum, and another with a bad TCP checksum (emphasis mine):
Bad IP checksum
14:38:42.489639 192.168.30.1.20 192.168.30.70.80: S [tcp sum ok]
0:0(0) win
On Thu, Jun 12, 2014 at 06:32:00PM +0200, Alexander Hall wrote:
On June 11, 2014 6:18:19 AM CEST, Lawrence Teo l...@openbsd.org wrote:
This diff allows ftp(1) to change the User-Agent for HTTP(S) URL
requests via the FTPUSERAGENT environment variable (personally I prefer
HTTPUSERAGENT
This diff allows ftp(1) to change the User-Agent for HTTP(S) URL
requests via the FTPUSERAGENT environment variable (personally I prefer
HTTPUSERAGENT but FTPUSERAGENT is what's used by ftp(1) on other BSDs).
This is useful when fetching URLs that are sensitive to the User-Agent,
such as sites
Marchetto mich...@openbsd.org
+.\ Copyright (c) 2012-2014 Lawrence Teo l...@openbsd.org
.\
.\ Permission to use, copy, modify, and distribute this software for any
.\ purpose with or without fee is hereby granted, provided that the above
.\ copyright notice and this permission notice appear
On Thu, Aug 08, 2013 at 12:12:39AM -0500, joshua stein wrote:
Running tcpdump with no -i arg finds a good interface to listen on
by default on many machines, but on my laptop it finds pflog0 before
urtwn0. Can we skip pflog interfaces like loopbacks?
I got reminded of this diff while working
This changes a few malloc()+memset() calls to calloc().
OK?
Index: gencode.c
===
RCS file: /cvs/src/lib/libpcap/gencode.c,v
retrieving revision 1.36
diff -u -p -r1.36 gencode.c
--- gencode.c 9 Oct 2010 08:14:36 - 1.36
Committed, thanks!
On Sun, Mar 09, 2014 at 06:39:21PM +0100, Alexander Bluhm wrote:
OK bluhm@
On Sun, Mar 02, 2014 at 05:45:15AM -0800, Loganaden Velvindron wrote:
On Wed, Feb 12, 2014 at 09:11:41PM +0100, Alexander Bluhm wrote:
On Wed, Feb 12, 2014 at 10:10:36AM -0800, Loganaden
On Fri, Mar 07, 2014 at 10:22:59AM -0700, Theo de Raadt wrote:
* Ted Unangst t...@tedunangst.com [2014-03-07 07:40]:
On Thu, Mar 06, 2014 at 23:56, Lawrence Teo wrote:
pf_check_congestion() simply checks if ifq-ifq_congestion is non-zero,
and returns 1 or 0 accordingly. It is only
pf_check_congestion() simply checks if ifq-ifq_congestion is non-zero,
and returns 1 or 0 accordingly. It is only called by pf_test_rule().
Since what pf_check_congestion() does is very trivial and pf_test_rule()
is its only user, would it make sense to remove it and let
pf_test_rule() check
This diff simplifies the verification of ICMP checksums in
pf_check_proto_cksum() by letting it use the same in4_cksum() call that
is used for TCP and UDP checksums.
As a bonus, since in4_cksum() doesn't need that m_data/m_len dance the
code becomes much shorter as well.
OK?
Index: pf.c
This checks the return values of strdup() calls in tcpdrop(8).
OK?
Index: tcpdrop.c
===
RCS file: /cvs/src/usr.sbin/tcpdrop/tcpdrop.c,v
retrieving revision 1.12
diff -u -p -r1.12 tcpdrop.c
--- tcpdrop.c 24 Oct 2013 02:55:50 -
Our tcpdump has the ability to detect bad TCP and UDP checksums with the
-v flag, but not ICMP and ICMPv6 checksums. Here are two diffs to let
tcpdump detect bad ICMP/ICMPv6 checksums, which should help when
debugging issues caused by such checksums. :)
The first diff (below) is simply a
On Fri, Oct 18, 2013 at 03:27:09PM -0400, Lawrence Teo wrote:
Back in August I sent a diff to fix ICMP checksum calculation in
in_proto_cksum_out() and in_delayed_cksum() in cases where the ICMP
checksum field is not in the first mbuf of an mbuf chain (original post
at http://marc.info/?l
Now that the M_ICMP_CSUM_* flags are actually used in the kernel by PF
(specifically pf_check_proto_cksum() and pf_cksum()), document them in
the mbuf(9) man page.
OK?
Index: mbuf.9
===
RCS file: /cvs/src/share/man/man9/mbuf.9,v
On Sat, Oct 19, 2013 at 04:43:07PM +0200, Alexander Bluhm wrote:
On Fri, Oct 18, 2013 at 03:27:09PM -0400, Lawrence Teo wrote:
Back in August I sent a diff to fix ICMP checksum calculation in
in_proto_cksum_out() and in_delayed_cksum() in cases where the ICMP
checksum field
@ with the following feedback:
On Fri, Aug 09, 2013 at 02:21:29AM +0200, Alexander Bluhm wrote:
On Mon, Aug 05, 2013 at 10:28:57AM -0400, Lawrence Teo wrote:
Index: ip_output.c
===
RCS file: /cvs/src/sys/netinet/ip_output.c,v
retrieving
When storing a state file (pfctl -S statefile), pfctl_state_store()
returns without freeing the inbuf pointer.
And if the state table is empty, it doesn't close the file before
returning.
This diff fixes both bugs. OK?
Index: pfctl.c
This diff ensures that PF one shot rules can only be used inside anchors
and not in the main ruleset.
OK?
Index: sbin/pfctl/parse.y
===
RCS file: /cvs/src/sbin/pfctl/parse.y,v
retrieving revision 1.624
diff -u -p -u -p -r1.624
On Wed, Aug 07, 2013 at 03:39:59AM +0200, Alexander Bluhm wrote:
Hi,
I have just removed a bunch of useless include netinet/in_var.h
from the machine independent drivers. I suspect that they are also
not needed in the architecture specific network drivers. Unfortunately
I don't have any
in_proto_cksum_out() currently calculates ICMP checksums like this:
hlen = ip-ip_hl 2;
icp = (struct icmp *)(mtod(m, caddr_t) + hlen);
icp-icmp_cksum = 0;
icp-icmp_cksum = in4_cksum(m, 0, hlen,
ntohs(ip-ip_len) - hlen);
However this won't work if the
in6_delayed_cksum() incorrectly assumes that the ICMPv6 header or
checksum field is in the first mbuf of an mbuf chain before setting it
to 0. This diff fixes it.
OK?
Index: ip6_output.c
===
RCS file:
This diff fixes two errors on the pf(4) man page:
1. DIOCSETSTATUSIF has not used struct pfioc_if since pf_ioctl.c rev
1.234; it now uses struct pfioc_iface. Since the definition of
pfioc_iface is already listed under DIOCIGETIFACES, I moved the
description of DIOCSETSTATUSIF below
Here are two small fixes to the pf(4) man page to make pfioc_natlook
and pfr_addr match net/pfvar.h.
OK?
Index: pf.4
===
RCS file: /cvs/src/share/man/man4/pf.4,v
retrieving revision 1.74
diff -u -p -r1.74 pf.4
--- pf.410
Currently, ICMP(v4) checksums are calculated using in_cksum(), which
requires the following m_data/m_len dance:
hlen = ip-ip_hl 2;
m-m_data += hlen;
m-m_len -= hlen;
icp = mtod(m, struct icmp *);
icp-icmp_cksum = 0;
icp-icmp_cksum = in_cksum(m,
BUFCACHEPERCENT has been set to 20 by default for a while now, so bump
it in the options(4) man page accordingly.
OK?
Index: options.4
===
RCS file: /cvs/src/share/man/man4/options.4,v
retrieving revision 1.231
diff -u -p -r1.231
This diff syncs the PF reason codes on the tcpdump(8) man page with
PFRES_NAMES in net/pfvar.h.
OK?
Index: tcpdump.8
===
RCS file: /cvs/src/usr.sbin/tcpdump/tcpdump.8,v
retrieving revision 1.79
diff -u -p -r1.79 tcpdump.8
---
This diff documents my recent checksum recalculation changes for
divert(4):
http://marc.info/?l=openbsd-cvsm=136543514928571w=2
I have also made the text more specific to clarify that divert sockets
are only applicable to PF rules with the divert-packet parameter,
with an explicit note that it
The ftp(1) man page has a paragraph in BUGS that warns against using
ftp(1) with 4.2BSD servers. I doubt anyone would connect to an 4.2BSD
server today, so is there any reason not to remove it?
Lawrence
Index: ftp.1
===
RCS file:
On Thu, Mar 28, 2013 at 03:34:50PM +0100, Patrik Lundin wrote:
I noticed that md5(1) returns 0 when you target a file that does not
exist:
=
$ md5 foobar
md5: cannot open foobar: No such file or directory
$ echo $?
0
=
This seems wrong according to the man page, and I have
On Thu, Mar 21, 2013 at 04:13:35PM +, Christian Weisgerber wrote:
Lawrence Teo l...@openbsd.org wrote:
The checksum flags listed in the mbuf(9) man page do not match the ones
in mbuf.h. In addition, the m_pkthdr.csum variable name should be
m_pkthdr.csum_flags.
The following
On Mon, Mar 04, 2013 at 11:37:32PM -0500, Lawrence Teo wrote:
Brief background: divert(4) sockets can be used to send packets to a
userspace program. The program can inspect the packets and decide to
either reinject them back into the kernel or drop them.
According to the divert(4) man page
Brief background: divert(4) sockets can be used to send packets to a
userspace program. The program can inspect the packets and decide to
either reinject them back into the kernel or drop them.
According to the divert(4) man page, The packets' checksums are
recalculated upon reinjection. This
The bind_lease() function has several strdup() calls for the domainname
and nameservers variables, but their return values are not checked.
In my tests, dhclient won't crash even if these strdup() calls return
NULL; however, if one of those variables become NULL as a result, the
search or
On Thu, Dec 13, 2012 at 12:07:42PM +0100, Joerg Zinke wrote:
Am 11.12.2012 um 04:12 schrieb Lawrence Teo l...@openbsd.org:
There are a number of calloc() and strdup() calls in the
apply_defaults() and clone_lease() functions whose return values are not
checked. If they happen to return
In the unlikely event that a NULL device is passed to the
priv_pcap_live() function, it will just set the error buffer and
continue, causing a segfault.
The diff below fixes this bug by ensuring that the function returns
NULL in this situation.
Comments/OK?
Lawrence
Index: privsep_pcap.c
Quick background: In pflogd(8), the if_exists() function tests if a
given pflogX interface exists. It returns 1 (if it exists) or 0 (if
not).
This diff fixes two issues with if_exists():
1. if_exists() opens a socket to test the pflogX interface exists. If
the interface does not exist, the
I think the current pcap-filter(3) man page belongs in section 7, since
it does not describe library functions like the other man pages in
section 3. It is more similar to the man pages in section 7.
The mainline libpcap's source distribution will try to install the
pcap-filter man page in
Here's a revised version of the diff that was done with a lot of
discussion with and help from jmc@.
This is what the diff does:
* In both usage and the man page synopsis, combine the http and https
usage formats into the following so that it is less verbose:
ftp [-C] [-c cookie] [-o
We maintain our own tcpdump, so remove the sentence in the BUGS section
that asks users to send bug reports to mainline tcpdump.
While here, fix the following mandoc -Tlint warnings:
tcpdump.8:603:2: WARNING: skipping paragraph macro
tcpdump.8:610:2: WARNING: skipping paragraph macro
ok?
This is a small follow-up diff to haesbaert@'s recent commit that
enables HTTP Basic authentication in ftp(1):
* In the AUTO-FETCHING FILES section of the ftp(1) man page, describe
what [user:password@] does when used with HTTP and HTTPS URLs.
* Fix usage formatting to match man page SYNOPSIS
On Mon, Aug 13, 2012 at 09:07:52AM +0200, David Coppa wrote:
On Sun, Aug 12, 2012 at 11:34 PM, Ingo Schwarze schwa...@usta.de wrote:
Hi Ted,
Ted Unangst wrote on Tue, Jul 24, 2012 at 08:57:59PM -0400:
The vmwh package is very handy, but somewhat hard to discover.
Can we add a little
On Mon, Aug 13, 2012 at 04:06:28PM +0100, Stuart Henderson wrote:
On 2012/08/13 10:51, Lawrence Teo wrote:
OK for me as well; I prefer the version that spells out the port
name as sysutils/vmwh
We direct users towards packages not ports.
Good point.. thank you, I need to remember
On Sun, Jul 22, 2012 at 09:42:03PM -0400, Brad Smith wrote:
Mention RFC 6106 in the rtadvd.conf(5) man pages SEE ALSO section.
OK
Index: rtadvd.conf.5
===
RCS file: /home/cvs/src/usr.sbin/rtadvd/rtadvd.conf.5,v
retrieving
On Thu, May 31, 2012 at 12:07:18AM -0400, Lawrence Teo wrote:
pfctl's -P flag (introduced in OpenBSD 5.1) makes pfctl print ports
using their names in /etc/services. It was originally intended to be
used with -sr.
The diff extends it to make it work with -ss.
Example:
# pfctl -P -ss
On Sat, Jul 07, 2012 at 03:17:30PM +0200, Matthieu Herrb wrote:
On Sat, Jul 07, 2012 at 12:47:32PM +0200, Peter Hessler wrote:
ressurecting an old patch.
OK from me, anyone else?
With my sysadmin-deplying-IPv6-at-my-dayjob hat, I'd love to see that
go in, but I can't test it before
This diff adds support for the Winbond W83627UHG chip, as found on the
Lanner FW-7539 appliance. This diff was ported from DragonFly BSD:
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/245ec76bc1613b22cf282526fa9931e4c16e4237
Here is the sysctl hw.sensors output on that Lanner
This diff fixes a few grammar/punctuation issues and missing words
on the ssl(8) man page. I have also added some text to make it flow
better.
ok?
Index: ssl.8
===
RCS file: /cvs/src/share/man/man8/ssl.8,v
retrieving revision 1.50
This diff modifies the default ssl_certificate and ssl_certificate_key
values in nginx.conf to match the ssl(8) man page.
ok?
Index: nginx.conf
===
RCS file: /cvs/src/usr.sbin/nginx/conf/nginx.conf,v
retrieving revision 1.3
diff -u
pfctl's -P flag (introduced in OpenBSD 5.1) makes pfctl print ports
using their names in /etc/services. It was originally intended to be
used with -sr.
The diff extends it to make it work with -ss.
Example:
# pfctl -P -ss
all tcp 192.168.6.7:ssh (172.16.88.25:6688) - 172.16.88.22:49622
The inet(3) man page has always felt messy to me, where the words
function and routine are used interchangeably to describe the
various functions in inconsistent ways. This extra verbiage makes it
somewhat harder to look up the descriptions of functions.
Since it is understood that this man page
On Mon, Mar 19, 2012 at 12:50:12PM +0100, Marc Espie wrote:
On Wed, Mar 07, 2012 at 12:31:48AM -0500, Lawrence Teo wrote:
This simple diff makes pkg_add and pkg_delete include their PID when
logging to syslog. This is useful when trying to determine whether
several packages were added
I sent a diff to update libpcap in base in November 2011 [1]. Here's
the latest version that fixes a bug I found after running regression
tests on all pcap-based ports in the ports tree.
If anyone would like to test the diff, the programs in base that link to
libpcap and would also require
On Tue, May 15, 2012 at 08:06:43PM +0100, Stuart Henderson wrote:
On 2012/05/15 14:19, Lawrence Teo wrote:
If anyone would like to test the diff, the programs in base that link to
libpcap and would also require testing are:
- /usr/libexec/spamlogd
- /usr/sbin/pppd
- /usr/sbin/tcpdump
This diff changes the sha1(1) man page to recommend the use of
sha256(1). It uses language that is similar to the md5(1) man page.
Thoughts?
Lawrence
Index: sha1.1
===
RCS file: /cvs/src/bin/md5/sha1.1,v
retrieving revision 1.29
This diff fixes the error message for one of the log_it() calls in cron
(was probably a pasto). While here, also fix the style for two other
log_it() calls.
Lawrence
Index: cron.c
===
RCS file: /cvs/src/usr.sbin/cron/cron.c,v
On Fri, May 04, 2012 at 11:34:02PM +0200, Erik Lax wrote:
Hi,
I noticed that tcpbench sometimes crashes when using -n and -b combined,
this is because of a double-free in the client initialization loop.
This is consistently reproducible for me, if I run tcpbench -s in one
session and
On Fri, Apr 27, 2012 at 12:45:01PM +0100, Stuart Henderson wrote:
On 2012/04/27 00:51, Lawrence Teo wrote:
The diff below fixes pfctl so that it will show the 'authpf/*' anchor
as intended:
This is extremely useful for relayd/ftp-proxy too.
I agree. I bumped into this bug while writing
The pfctl(8) man page says:
By default, recursive inline printing of anchors applies only to
unnamed anchors specified inline in the ruleset. If the anchor
name is terminated with a `*' character, the -s flag will
recursively print all anchors in a brace delimited block. For
On Wed, Apr 18, 2012 at 11:58:26PM -0400, Lawrence Teo wrote:
This diff adds a -s flag to ftp(1) to let the user specify the
source IP address of the connection. This is useful when using
ftp(1) over VPN tunnels or when an alternate source IP is required
to fetch a file from a FTP/HTTP/HTTPS
On Wed, Apr 18, 2012 at 11:36:49PM -0400, Lawrence Teo wrote:
This simple diff adds a check to the add_nat() function in
ftp-proxy(8) to ensure that nat_range_high is defined before
proceeding to create the PF NAT rule. I think the original author
may have intended to do this since
This simple diff adds a check to the add_nat() function in
ftp-proxy(8) to ensure that nat_range_high is defined before
proceeding to create the PF NAT rule. I think the original author
may have intended to do this since there is an existing check for
nat_range_low.
Technically, all calls to
The inet(3) man page has always been rather difficult to read for
me, primarily because the order of the inet_* functions in the
DESCRIPTION section is not the same as their order in SYNOPSIS.
In addition, the descriptions of various functions are grouped
together in large paragraphs, making it
This diff adds a -s flag to ftp(1) to let the user specify the
source IP address of the connection. This is useful when using
ftp(1) over VPN tunnels or when an alternate source IP is required
to fetch a file from a FTP/HTTP/HTTPS server due to access control
policies.
The -s flag is present in
This simple diff makes pkg_add and pkg_delete include their PID when
logging to syslog. This is useful when trying to determine whether
several packages were added (or removed) by the same pkg_add (or
pkg_delete) process.
Here is some sample output:
Mar 3 22:15:17 obsd-amd64 pkg_add[3530]:
On Mon, Mar 05, 2012 at 12:43:07AM +0100, Ingo Schwarze wrote:
http://www.manpagez.com/man/7/pcap-filter/
http://www.tcpdump.org/release/libpcap-1.2.1.tar.gz
Please consider adding it to the distribution.
From cursory inspection, it looks like OpenBSD is using a fork of
libpcap 0.4 or
The following example code in the queue(3) man page to delete all
elements in a tail queue generates a warning in gcc and clang.
while (np = TAILQ_FIRST(head)) {
TAILQ_REMOVE(head, np, entries);
free(np);
}
Here's a demo:
===BEGIN===
$ cat tailq.c
1 - 100 of 123 matches
Mail list logo
