ipfw: Use proper prototype for SYSINIT functions
The only possible return value of function ipfw_init() is 0. Make it
return void to match the prototype of SYSINIT.
MFC after: 1 week
(cherry picked from commit 1bba2194c8a960235f8eae36e7d3e96f347ce779)
(cherry picked from commit 745b6ca4ed933f9f4c1d314dc7b0aa31e8e9e0de)
bsdinstall.8: Minor maintenance
Replace CD-ROMs with "discs, USBs, or network boot environments"
to both modernize aesthetic and also nudge youths to think at scale.
Since I'm disrupting the flow of these lines anyway, expand the VM
acronym because I think this is one of the first manuals people will
be looking at.
Reset list alignment to seven characters. It was at 19 characters,
and that was not enough to align them all, wasting many extra lines
by crunching all the words over. Seven actually bought us some lines
from six due to avg item size. Tag SPDX.
MFC after: 3 days
Discussed with: ivy, zi
(cherry picked from commit 81d9e08a4df42079d5e163b5991d5d6f3a28d4f0)
ip6_mroute: Remove an unhelpful comment
ifnets already track if_allmulti() calls in the if_amcount field. That
field is older than the comment, so I'm not exactly sure what the intent
was; let's just remove it.
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
(cherry picked from commit a45fb94801dffd414bdb1981def0e977ef0c774f)
ip6_mroute: Make MF6CFIND a regular function
This is more natural and corresponds more closely to the v4 multicast
routing code. No functional change intended.
Reviewed by: glebius
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D54983
(cherry picked from commit b370fcc716b9cfd4d08e291f0009f02452c84d64)
siftr: refactor batch log processing
Refactoring to perform the batch processing of
log messaged in two phases. First cycling through a limited
number of collected packets, and only thereafter freeing
the processed packets. This prevents any chance of calling
free while in a critical / spinlocked section.
Reviewed By: tuexen
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D42949
(cherry picked from commit a95cd6e4870b79178860e03366c4327e533ecf1e)
ip_mroute: Make privilege checking more consistent
- The v6 socket option and ioctl handlers had no privilege checks at
all. The socket options, I believe, can only be reached via a raw
socket, but a jailed root user with a raw socket shouldn't be able to
configure multicast routing in a non-VNET jail. The ioctls can only
be used to fetch stats.
- Delete a bogus comment in X_mrt_ioctl(), one can issue multicast
routing ioctls against any socket. Note that the call path is
soo_ioctl()->rtioctl_fib()->mrt_ioctl().
I think all of the mroute privilege checks should be done within the
ip(6)_mroute code, but let's first make the v4 and v6 modules
consistent.
Reviewed by: glebius
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
[3 lines not shown]
ip_mroute: Convert to using a regular mutex
The multicast routing code was using spin mutexes for packet counting,
but there is no reason to use them instead of regular mutexes, given
that none of this code runs in an interrupt context. Convert to using
default mutexes.
Reviewed by: glebius
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D54603
(cherry picked from commit a265c8b4a5a7c8fdd33e27b8f74bd2a514f82c70)
ip_mroute: EVENTHANDLER_REGISTER does not fail
No functional change intended.
MFC after: 1 week
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
(cherry picked from commit 0f1e1350704af555a4b30136f5f3d16db6f2dc51)
if_ovpn: add interface counters
Count input/output packets and bytes on the interface as well, not just
in openvpn-specific counters.
PR: 292464
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit 21d666a19331f31fb6dfa1e370de5a84a1a5cb46)
vtnet: improve consistency
Use sbuf_new_for_sysctl() instead of sbuf_new_auto() when exposing
the flags via sysctl.
(cherry picked from commit 8da838ac31692e381adfc63d83ea49f2adabbf23)
vtnet: expose features via sysctl tree
Right now the 64-bit flags field needs to be casted to a 32-bit field,
because clang warns if more than 32-bits are used.
Once clang is fixed, this restriction will be removed and more bits
will be added.
Reviewed by: markj, Timo Völker
Differential Revision: https://reviews.freebsd.org/D54288
(cherry picked from commit 634d9c0d111b630c3d63a1cf25d15c32a37afab8)
vtnet: expose flags via sysctl tree
Provide the flags used for a vtnet interface via the sysctl tree.
This is mostly used for debugging purposes.
Reviewed by: Timo Völker
Differential Revision: https://reviews.freebsd.org/D54283
(cherry picked from commit e3a0571ad74d8429a95fcae9efc1d91cc109a337)
vtnet: define flags in a consistent way
This allows adding flags in the upper 32 bits in a consistent way.
No functional change intended.
(cherry picked from commit e0c6c4ecfc755b78ac9135033053d2f15c62bf04)
ice(4): Handle allmulti flag in ice_if_promisc_set function
In the ice_if_promisc_set function, the driver currently disables the
IFF_ALLMULTI flag, thereby preventing the activation of multicast mode.
To address this issue, implement appropriate handling to ensure the
flag is managed correctly.
Signed-off-by: Yogesh Bhosale <yogesh.bhosale at intel.com>
Tested by: Gowthamkumar K S <gowtham.kumar.ks at intel.com>
Differential Revision: https://reviews.freebsd.org/D54186
(cherry picked from commit 98bdf63f6e94be42a1787de73608de15bcb3419a)
e1000: Fix setting the promiscuous mode
The variable reg_rctl stores the value read from reg E1000_RCTL. It
may contain bits E1000_RCTL_VFE and E1000_RCTL_CFIEN which control
VLAN hardware filter feature. The promiscuous mode implies all tagged
or untagged packets should be accepted, so the VLAN hardware filter
feature should be disabled when enabling the promiscuous mode.
Calling em_if_vlan_filter_disable() did the task, but later writing
the value of reg_rctl back to the reg E1000_RCTL may restore the
feature.
Move the calling of em_if_vlan_filter_disable() after writing the reg
to fix that.
PR: 292759
Reviewed by: kbowling
Tested by: vova at zote.me
Fixes: 2796f7cab107 e1000: Fix up HW vlan ops
MFC after: 3 days
[4 lines not shown]
pfctl: allow new page character (^L) in pf.conf
PF configuration files can contains many things.
Using the new page characters (i.e. ^L, \014) to mark the beginning
of parts is useful because many editors such as emacs and vim has
facilities to jump next/previous ones.
PR: 86635
MFC after: 2 weeks
Submitted by: MOROHOSHI Akihiko <moro at remus.dti.ne.jp>
Submitted by: Simon Wollwage <rootnode+freebsd at wollwage.com>
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit fc353e5e61fadd6ef618948f417f96381c08239c)
ifconfig: Exit with a non-zero status when SIOCSIFFIB fails
Previously, setting an interface FIB to some invalid value would result
in a warning being printed, but the ifconfig command would exit with
status 0, but this is wrong.
Add a little regression test.
Reviewed by: pouria, zlei, melifaro
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D54918
(cherry picked from commit 2ea85a622bcba92a7b58901d6a6e945df3022c4e)
