b06f8fd325
add a commented out scrub example
ok frantzen@
22 years ago
4938721619
regen.
22 years ago
580d3a1491
this is better.
22 years ago
6cc3fafaf7
Add gpr, i386 only; this may change in the near future to something more
generic as /dev/smartcard or similar.
deraadt@ ok.
22 years ago
7878b8988c
merge nat.conf here as well
add more simple filter rule examples
"commit it" deraadt@
22 years ago
649c27a936
No more nat.conf; blessed by deraadt
22 years ago
4a71305849
this goes away
22 years ago
0e62974bea
we no longer do this. why was it edited incorrectly?
22 years ago
2192c38981
More nat.conf(5) -> pf.conf(5) updates
22 years ago
6fe302298c
Not much point supplying /boot by itself.
22 years ago
b116be5994
sync
22 years ago
af6adb6295
add bpf0 to ramdisk target
22 years ago
5d21ae4712
another bit that got missed
22 years ago
0b36d72022
pfctl -f instead of -N/-R, ok deraadt@
22 years ago
cb9854a47e
Update to the latest and greatest from arla.
22 years ago
e33b71da5e
Remove startup stuff for Kerberos 4 servers.
ok deraadt@
22 years ago
04869e8b3d
rm trailing whitespace
22 years ago
c9c7aafc44
sync
22 years ago
d551db44ea
remove the `real' Id string in generated output, keeps conflicts down
miod@ ok, requested a long time ago by misc
22 years ago
3cf01bfdce
spool dirs should be group daemon, mode 0775
22 years ago
919740d17e
clear /var/authpf on bootup - ensure we don't kill things we shouldn't
22 years ago
f58c32557d
make /var/authpf owned and writable by group authpf
22 years ago
5732c0634b
authpf group, for authpf
22 years ago
ab52f4dc26
Path to 'bootpd' is /usr/sbin. From dfa@solo.ee
millert@ ok
22 years ago
c2f347299e
try to avoid DNS here
22 years ago
55de6b1276
fix mkr for libssl changes
22 years ago
9d4d2a0ba0
spaces to tab
22 years ago
077a4540c0
ecn is disabled by default, so show the option enabled.
deraadt@ ok.
22 years ago
2d8129083e
comma splice
22 years ago
5450292f2d
No dm -> no dm.conf.
22 years ago
950d3e558c
space nits
22 years ago
b05f19e325
Not that kvm parts are removed, run rpc.rstatd and rpc.rusers as
nobody. While I do not like running things as nobody since the step
up is very small, we use this for other daemons in inetd. And it is
still a small step.
22 years ago
a7dcd109ec
more dm parts going away; pjanzen
22 years ago
2b48205e68
Sigh, add the rule in the right place (not just when NFS is used).
From Dries Schellekens
22 years ago
06074e6554
Allow incoming ssh connections in the initial temporary rule set that's
active before /etc/pf.conf is loaded, just in case loading fails (and
leaves the inital set active). ok deraadt@
22 years ago
d5b88bb46c
The troll strikes.. The troll strikes.. The dungeon master dies.distrib/sets/lists
22 years ago
8596724be4
Check for S/Key entries in /etc/skey, not /etc/skeyeys; David Krause
We could use skeyinfo(1) to check but this is much cheaper.
22 years ago
375cf50538
oops, missed another file
22 years ago
4c9dd51369
create /etc/authpf and /var/authpf dirs
22 years ago
7c43b8257a
fake sync (not yet using MAKEDEV.md)
22 years ago
463de9c0b4
remove MAKEDEV.local finally
22 years ago
f62f2f05e8
blob for splassert.
suggested by deraadt@.
22 years ago
c34dad9012
update user list; spotted by hshoexer@yerbouti.franken.de
22 years ago
116ff68285
Add systrace devices until vax is converted to new MAKEDEV scheme (soon)
22 years ago
c6a403457d
Regen.
22 years ago
351878830a
Add systrace support to all the remaining architectures.
Tested by various people on various platforms, I'm willing to fix any
breakage this causes.
ok niels@ deraadt@ and mickey@ (after his comments were applied)
22 years ago
060427ae7f
ignore non-existent cases where '$if' evaluates to '*'.
From Andr� Lucas <andre@ae-35.com>, fixes pr # 2658.
'Looks good' from miod@, millert@, and krw@.
22 years ago
109a1e6940
show net.inet.tcp.ecn option
22 years ago
01d97ccb6b
Replace skeykeys entry with proper skey entry. Pointed out by mickey@
22 years ago
efacb2c139
sync
22 years ago
henning