The ioctl DIOCRCLRASTATS provides the functionality of clearing stats
not only for the whole table for for addresses stored in that table. The
functionality was missing from pfctl, though. Add it now.
PR: 282877
Obtained from: OpenBSD, kirill <kirill@openbsd.org>, e496dff3a7
MFC after: 3 weeks
The loop doesn't check for overflow of the event buffer, which can
easily happen if other tests are running in parallel (the bectl tests in
particular trigger devd events).
When that overflow occurs, a funny thing can happen: the loop ends up
trying to read 0 bytes from the socket, succeeds, and then prints its
buffer to stdout. It does this as fast as possible, eventually timing
out. Then, because kyua wants to log the test's output, it slurps the
output file into memory so that it can insert it into the test db. This
output file is quite large, usually around 8GB when I see it happen, and
is large enough to trigger an OOM kill in my test suite runner VM.
Fix the test: use a larger buffer and fail the test if we fill it before
both events are observed. Also don't print the output buffer on every
loop iteration, since unlike the seqpacket test that will just print the
same output over and over.
Reviewed by: imp, asomers
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D47625
The full mandoc warnings were:
skipping paragraph macro: PP after SS
skipping paragraph macro: PP after SH
The rendered output (in ascii and html) is not affected by this commit.
Fixes made by script in https://github.com/Tarsnap/freebsd-doc-scripts
Signed-off-by: Graham Percival <gperciva@tarsnap.com>
Reviewed by: jlduran, mhorne
MFC after: 1 week
Sponsored by: Tarsnap Backup Inc.
Pull Request: https://github.com/freebsd/freebsd-src/pull/1524
We removed IP fast forwarding a while ago, so this is no longer relevant.
The netlink interface always sets the nexthop interface as V_loif, so users
don't need to worry about it either.
Reported by: Jim Thompson
Reviewed by: melifaro
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D47528
It was disabled by default in fe52b7f60e. We planned to (but did not)
remove the option before FreeBSD 14. Remove it now, for FreeBSD 15.
Relnotes: Yes
Reviewed by: imp
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D31558
Include the IP address in the message when a hashnode add error occurs.
This helps to identify the ippool.conf statement that the error occurred.
MFC after: 1 week
Replace inet_ntoa(3) with inet_ntop(3). This supporting the printing of
IPv6 IP addresses in addition to IPv4 IP addresses in error message.
MFC after: 1 week
When a node in a tree is discovered in error, i.e. duplicate, the
IP address of the node is printed but no closing bracket completes
the node in the message. Fix this.
MFC after: 1 week
As with when printing errors for failed poolnodes, printing the hash
node (IP address) only leads to speculation which hash pool the failed
add occurred. This is especially useful when the same IP address is
listed in multiple hash pools.
MFC after: 1 week
Printing the pool node (IP address) only leads to speculation which
pool the failed add occurred. This is especially useful when the same
IP address is listed in multiple pools.
MFC after: 1 week
Avoid overrunning the message buffer when printing an ippool btree error.
We do this in two ways. First we increase the message buffer from 80 to
255 bytes and secondly we replace strcat(3) with strlcat(3).
MFC after: 1 week
nvmecontrol {admin,io}-passthru's -r option doesn't take an argument,
so the tests which added one failed because they tried to open /dev/0.
MFC after: 1 week
In order to create vnet jails, atf_python needs root privileges.
However, once the vnet is created, its privileges inside the vnet can be
demoted, as these tests should not require root in order to pass.
Reviewed by: markj
Approved by: emaste (mentor)
Fixes: 4efaf43c6f ("ping: Require root user for pytests")
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D42175
Declare some regex patterns as a raw string by prepending `r`.
Reviewed by: markj
Approved by: emaste (mentor)
Differential Revision: https://reviews.freebsd.org/D42174
Align some of pinger() defaults with Scapy to facilitate debugging when
printing packets.
No functional change intended.
Reviewed by: emaste, kp
Approved by: emaste (mentor)
Differential Revision: https://reviews.freebsd.org/D47159
Scapy now only accepts known options with IPOption(), so our unknown
option must be passed raw.
While here, prefer the named options for EOL and NOP.
Reviewed by: emaste, kp
Approved by: emaste (mentor)
Differential Revision: https://reviews.freebsd.org/D47160
Rather than probing all namespace IDs up to cdata.nn for the devlist
command, fetch the active namespace list and iterate over that. This
can be much quicker on Fabrics controllers which often advertise a
large cdata.nn value to support adding additional namespaces at
runtime.
Reviewed by: chuck
Reported by: Neven Z <nevenzfr@gmail.com>
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D47355
Split out helper functions for scan_namespace and scan_controller.
While here, replace sprintf() calls with snprintf() and avoid
leaking the contoller fd if read_controller_data() fails.
Reviewed by: chuck, imp
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D47354
This does not change the rendered ascii at all.
Signed-off-by: Graham Percival <gperciva@tarsnap.com>
Reviewed by: mhorne, Alexander Ziaee <concussious.bugzilla@runbox.com>
MFC after: 3 days
Sponsored by: Tarsnap Backup Inc.
Pull Request: https://github.com/freebsd/freebsd-src/pull/1473
So users do not have to contact the source code to tell whether a
variable is a jail prison / vnet one or not.
Reviewed by: cy (previous version), markj, jamie (for #jails)
MFC after: 2 weeks
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D47107
When the system is very busy, and the ATA hard disk drives are
overloaded due to reading dodgy sectors, it can take several seconds to
drain the NCQ set of commands to send this command to the drive. Up the
timeout from 5s to 10s out of an abundance of caution, but also to allow
monitioring software that uses camcontrol identify to not fail
needlessly.
Sponsored by: Netflix
These were reported by `mandoc -T lint ...` as errors.
Signed-off-by: Graham Percival <gperciva@tarsnap.com>
Reviewed by: mhorne, Alexander Ziaee <concussious.bugzilla@runbox.com>
Sponsored by: Tarsnap Backup Inc.
Pull Request: https://github.com/freebsd/freebsd-src/pull/1472
The value of MAXPAYLOAD in the re-applied commit is not right. Back
this out until it's had a proper review.
This reverts commit b88df1e893.
Requested by: maxim, glebius
The leading tab is always required, regardless of the configuration of
`syncdev` or `syncpeer`, as `maxupd`, `defer` and `version` all require
it.
Reviewed by: kp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D47112
The ping tests were originally broken by an unrelated isue that
is now fixed ( 2926c25942 ).
THanks to kp@ for fixing the test and Jose Luis Duran for pinting it out.
This reverts commit 7bc0cb91a2.
Scapy 2.6.0 now appears to parse the IPOption during construction, and it then
gets confused at a single-byte option. IP Options typically contain at least a 1
byte type and 1 byte length. Avoid this by just returning the raw bytes, rather
than an IPOption object.
MFC after: 1 week
Reviewed by: Jose Luis Duran <jlduran@gmail.com>
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D47151
Only super-user could specify a packet size larger than the default 56 bytes.
This restriction was added by Matt Dillon in 1998 during the BEST days [0].
This restriction doesn't exist in ping IPV6 or on NetBSD, OpenBSD and Linux.
UMS [1] uses this feature to estimate the client's bandwidth to optimize the
streaming experience.
[0] DFGit 526f06b278
[1] UMS: https://github.com/UniversalMediaServer/UniversalMediaServer
Obtained from: DragonFlyBSD
Differential Revision: https://reviews.freebsd.org/D45774
These were reported by `mandoc -T lint ...` as warnings:
- unusual Xr order
- unusual Xr punctuation
Fixes made by script in https://github.com/Tarsnap/freebsd-doc-scripts
Signed-off-by: Graham Percival <gperciva@tarsnap.com>
Reviewed by: mhorne, Alexander Ziaee <concussious.bugzilla@runbox.com>
Sponsored by: Tarsnap Backup Inc.
Pull Request: https://github.com/freebsd/freebsd-src/pull/1464
As of 2015 (commit b8c19fd719) the fdisk man page claimed the command
is obsolete, but had no explicit mention of removal. Add another note
that follows our current deprecation notice format.
Reviewed by: imp
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D47067
These were reported by `mandoc -T lint ...` as errors.
The rendered output (in ascii and html) is not affected by this commit.
Signed-off-by: Graham Percival <gperciva@tarsnap.com>
Reviewed by: mhorne
MFC after: 3 days
Sponsored by: Tarsnap Backup Inc.
Pull Request: https://github.com/freebsd/freebsd-src/pull/1448
These were reported by `mandoc -T lint ...` as errors; this commit only
handles unnecessary .Ed commands.
The rendered output (in ascii and html) is not affected by this commit.
Signed-off-by: Graham Percival <gperciva@tarsnap.com>
Reviewed by: mhorne
MFC after: 3 days
Sponsored by: Tarsnap Backup Inc.
Pull Request: https://github.com/freebsd/freebsd-src/pull/1435
When soft updates began being enabled by default that change carried
over to mdmfs(8) which does not want or need them. This fix ensures
that they are only enabled in mdmfs(8) when requested with the -U flag.
Reported by: Ivan Rozhuk
Tested by: Ivan Rozhuk
PR: 279308
MFC after: 1 week
Reduces code and fixes a bunch of bugs with fragment handling not being in sync
with the rest of the ruleset.
Much feedback from mpf, bluhm & markus
Thanks to Tony Sarendal for help with testing
ok bluhm; various previous versions ok henning, claudio, mpf, markus
Note that while this changes the order of src addr/src port/dst addr/dst port
skips this doesn't actually affect the kernel/userspace ABI. The kernel always
recalculates skip steps. As a result we have to fix one of the pfctl parser
tests. Note that this is an order change that does not affect what packets are
acceppted or dropped.
Obtained from: OpenBSD, mcbride <mcbride@openbsd.org>, 04c69899a7
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D46705
Ignore DHCP options 124 and 125 to shut up the warning messages.
These options are defined in the RFC 3925.
PR: 281361
Reviewed by: jrm (mentor), otis (mentor), thj
Tested by: jlduran@gmail.com
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D46760