libexec/rc/rc.d/netif: Typo fix

Just fixing a typo ("configuriing" => "configuring").

MFC after: 3 days
Pull Request: https://github.com/freebsd/freebsd-src/pull/1484

rc.d: add a service jails config to all base system services

This gives more permissions to services (e.g. network access to
services which require this) when they are started as an automatic
servic

rc.d: add a service jails config to all base system services

This gives more permissions to services (e.g. network access to
services which require this) when they are started as an automatic
service jail.

The sshd patch is important for the sshd-related functionality as
described in the man-page in the service jails part.

The location of the added env vars is supposed to allow overriding them
in rc.conf, and to hard-disable the use of svcj for some parts where it
doesn't make sense or will not work.

Only a subset of all of the services are fully tested (I'm running this
since more than a year with various services started as service jails).
The untested parts should be most of the time ok, in some edge-cases
more permissions are needed inside the service jail.
Differential Revision: https://reviews.freebsd.org/D40371

show more ...

Remove $FreeBSD$: one-line sh pattern

Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/

rc.d/netif: Don't DAD if lo0 is the only IPv6 IF

The code in rc.d/netif waiting for IPv6 Duplicate Address Detection if
any network interfaces support IPv6. Unfortunately, since lo0 *always*
has IP

rc.d/netif: Don't DAD if lo0 is the only IPv6 IF

The code in rc.d/netif waiting for IPv6 Duplicate Address Detection if
any network interfaces support IPv6. Unfortunately, since lo0 *always*
has IPv6 enabled, this means unconditionally sleeping, even on systems
which have no external IPv6 interfaces.

Since we presume that there is little risk of a duplicate address being
assigned on lo0, amend the test to wait only if there is an interface
*other than lo0* which supports IPv6.

Reviewed by: bz
Differential Revision: https://reviews.freebsd.org/D40141

show more ...

rc.d/*: Use startmsg instead of echo on start messages

By rc.conf(5), setting rc_startmsgs="NO" should silence start messages.

Fix a few rc scripts by using startmsg.

PR: 255207
Reported by: Jose

rc.d/*: Use startmsg instead of echo on start messages

By rc.conf(5), setting rc_startmsgs="NO" should silence start messages.

Fix a few rc scripts by using startmsg.

PR: 255207
Reported by: Jose Luis Duran <jlduran@gmail.com>
Reviewed by: imp, 0mp
Approved by: imp (src)
Differential Revision: https://reviews.freebsd.org/D34514

show more ...

Retire synchronous PPP kernel driver sppp(4).

The last two drivers that required sppp are cp(4) and ce(4).

These devices are still produced and can be purchased
at Cronyx <http://cronyx.ru/hardware

Retire synchronous PPP kernel driver sppp(4).

The last two drivers that required sppp are cp(4) and ce(4).

These devices are still produced and can be purchased
at Cronyx <http://cronyx.ru/hardware/wan.html>.

Since Roman Kurakin <rik@FreeBSD.org> has quit them, they no
longer support FreeBSD officially. Later they have dropped
support for Linux drivers to. As of mid-2020 they don't even
have a developer to maintain their Windows driver. However,
their support verbally told me that they could provide aid to
a FreeBSD developer with documentaion in case if there appears
a new customer for their devices.

These drivers have a feature to not use sppp(4) and create an
interface, but instead expose the device as netgraph(4) node.
Then, you can attach ng_ppp(4) with help of ports/net/mpd5 on
top of the node and get your synchronous PPP. Alternatively
you can attach ng_frame_relay(4) or ng_cisco(4) for HDLC.
Actually, last time I used cp(4) back in 2004, using netgraph(4)
instead of sppp(4) was already the right way to do.

Thus, remove the sppp(4) related part of the drivers and enable
by default the negraph(4) part. Further maintenance of these
drivers in the tree shouldn't be a big deal.

While doing that, remove some cruft and enable cp(4) compilation
on amd64. The ce(4) for some unknown reason marks its internal
DDK functions with __attribute__ fastcall, which most likely is
safe to remove, but without hardware I'm not going to do that, so
ce(4) remains i386-only.

Reviewed by: emaste, imp, donner
Differential Revision: https://reviews.freebsd.org/D32590
See also: https://reviews.freebsd.org/D23928

show more ...

Follow-up on 51da4b19be1. When booting a system with WITHOUT_IPFILTER
the following warning printed at boot time:

rcorder: requirement `ipfs' in file `/etc/rc.d/netif' has no providers.

Close tha

Follow-up on 51da4b19be1. When booting a system with WITHOUT_IPFILTER
the following warning printed at boot time:

rcorder: requirement `ipfs' in file `/etc/rc.d/netif' has no providers.

Close that using BEFORE rather than REQUIRE for writing down
dependencies of optional components.

show more ...

Revert r366857.

r366857 created a number of problems, tearing down interfaces too
early in shutdown. This resulted in:

- hung ssh sessions when shutting down or rebooting remotely using
shutdown

Revert r366857.

r366857 created a number of problems, tearing down interfaces too
early in shutdown. This resulted in:

- hung ssh sessions when shutting down or rebooting remotely using
shutdown (I've used exec shutdown, for years, as apposed to simply
shutdown).

- NFS mounted filesystems "disappear" prior to unmount.

- dhclient attached to a VLAN on an interface who's parent interface
has already shut down prints errors.

The path forward is to teach lagg(4) and vlan(4) about WOL.

PR: 251531, 251540
PR: 158734, 109980 are broken again
Reported by: jhb, emaste, jtl, Helge Oldach<freebsd_oldach.net>
Martin Birgmeier <d8zNeCFG_aon.at>
MFC after: Immediately
Discussion at: https://reviews.freebsd.org/D27459

show more ...

Destroy cloned interfaces at netif stop, netif restart and shutdown.
This is especially important during shutdown because a child interface
of lagg with WOL enabled will not enable WOL at interface s

Destroy cloned interfaces at netif stop, netif restart and shutdown.
This is especially important during shutdown because a child interface
of lagg with WOL enabled will not enable WOL at interface shutdown and
thus no WOL to wake up the device (and machine).

PR: 158734, 109980
Reported by: Antonio Huete Jimenez <tuxillo at quantumachine.net>
Marat N.Afanasyev <marat at zealot.ksu.ru>
reviewed by: kp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D26797

show more ...

When booting a system with WITHOUT_IPFILTER the following errors
are encountered at boot time:

rcorder: requirement `ipfs' in file `/etc/rc.d/netif' has no providers.
rcorder: requirement `ipfilter'

When booting a system with WITHOUT_IPFILTER the following errors
are encountered at boot time:

rcorder: requirement `ipfs' in file `/etc/rc.d/netif' has no providers.
rcorder: requirement `ipfilter' in file `/etc/rc.d/netif' has no
providers.
rcorder: requirement `ipfilter' in file `/etc/rc.d/netwait' has no
providers.
rcorder: requirement `ipfilter' in file `/etc/rc.d/net_watchdog' has no
providers.
rcorder: requirement `ipfilter' in file `/etc/rc.d/securelevel' has no
providers.

Listing its own requrements in BEFORE rather than use REQUIRE of
non-optional scripts resolves this issue.

The issue was discovered and patched by glebius at Netflix.

Submitted by: glebius
Reported by: glebius
MFC after: 1 week

show more ...

Move the rc framework out of sbin/init into libexec/rc.

The reasons for this are forward looking to pkgbase:
* /sbin/init is a special binary; try not to replace it with
every package update bec

Move the rc framework out of sbin/init into libexec/rc.

The reasons for this are forward looking to pkgbase:
* /sbin/init is a special binary; try not to replace it with
every package update because an rc script was touched.
(a follow-up commit will make init its own package)
* having rc in its own place will allow more easy replacement
of the rc framework with alternatives, such as openrc.

Discussed with: brd (during BSDCam), kmoore
Requested by: cem, bz
PR: 231522
Approved by: re (gjb)

show more ...

Move rc startup scripts from etc/ to sbin/init/

This keeps most startup scripts as CONFS per discussion on src-committers from
back during BSDCan.

Approved by: will (mentor)
Differential Revision:

Move rc startup scripts from etc/ to sbin/init/

This keeps most startup scripts as CONFS per discussion on src-committers from
back during BSDCan.

Approved by: will (mentor)
Differential Revision: https://reviews.freebsd.org/D16466

show more ...

Make netif REQUIRE hostid

As noted in the PR, if etc/rc.d/zvol is removed, netif will be run before
hostid, and the MAC address generated for any bridge devices will be
non-deterministic. Make the M

Make netif REQUIRE hostid

As noted in the PR, if etc/rc.d/zvol is removed, netif will be run before
hostid, and the MAC address generated for any bridge devices will be
non-deterministic. Make the MAC address generated be deterministic for
bridge devices by explicitly REQUIRE'ing hostid.

This fixes up the rest of the PR, inadvertently committed in r299844

MFC after: 1 week
PR: 195188
Sponsored by: EMC / Isilon Storage Division

show more ...

Conditionalize installing etc/rc.d/atm{1,2,3}

`BEFORE: netif` was already in etc/rc.d/atm1, so no additional changes
are needed in that script

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage

Conditionalize installing etc/rc.d/atm{1,2,3}

`BEFORE: netif` was already in etc/rc.d/atm1, so no additional changes
are needed in that script

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division

show more ...

- Add descriptions to most of the rc scripts. Those are mostly taken from their
daemon's manpage and probably improved.
- Consistently use "filesystem" not "file system".

Approved by: bapt, brueff

- Add descriptions to most of the rc scripts. Those are mostly taken from their
daemon's manpage and probably improved.
- Consistently use "filesystem" not "file system".

Approved by: bapt, brueffer
Differential Revision: D452

show more ...

Update only static routes when an interface is specified. This fixed
a bad side-effect reported in PR 202144.

PR: 202144
MFC after: 3 days

Replay r286410. Change KPI of how device drivers that provide wireless
connectivity interact with the net80211 stack.

Historical background: originally wireless devices created an interface,
just li

Replay r286410. Change KPI of how device drivers that provide wireless
connectivity interact with the net80211 stack.

Historical background: originally wireless devices created an interface,
just like Ethernet devices do. Name of an interface matched the name of
the driver that created. Later, wlan(4) layer was introduced, and the
wlanX interfaces become the actual interface, leaving original ones as
"a parent interface" of wlanX. Kernelwise, the KPI between net80211 layer
and a driver became a mix of methods that pass a pointer to struct ifnet
as identifier and methods that pass pointer to struct ieee80211com. From
user point of view, the parent interface just hangs on in the ifconfig
list, and user can't do anything useful with it.

Now, the struct ifnet goes away. The struct ieee80211com is the only
KPI between a device driver and net80211. Details:

- The struct ieee80211com is embedded into drivers softc.
- Packets are sent via new ic_transmit method, which is very much like
the previous if_transmit.
- Bringing parent up/down is done via new ic_parent method, which notifies
driver about any changes: number of wlan(4) interfaces, number of them
in promisc or allmulti state.
- Device specific ioctls (if any) are received on new ic_ioctl method.
- Packets/errors accounting are done by the stack. In certain cases, when
driver experiences errors and can not attribute them to any specific
interface, driver updates ic_oerrors or ic_ierrors counters.

Details on interface configuration with new world order:
- A sequence of commands needed to bring up wireless DOESN"T change.
- /etc/rc.conf parameters DON'T change.
- List of devices that can be used to create wlan(4) interfaces is
now provided by net.wlan.devices sysctl.

Most drivers in this change were converted by me, except of wpi(4),
that was done by Andriy Voskoboinyk. Big thanks to Kevin Lo for testing
changes to at least 8 drivers. Thanks to pluknet@, Oliver Hartmann,
Olivier Cochard, gjb@, mmoll@, op@ and lev@, who also participated in
testing.

Reviewed by: adrian
Sponsored by: Netflix
Sponsored by: Nginx, Inc.

show more ...

Finish reverting r286410 - sorry, I somehow missed this with svn commit.

Change KPI of how device drivers that provide wireless connectivity interact
with the net80211 stack.

Historical background: originally wireless devices created an interface,
just like Ethernet devi

Change KPI of how device drivers that provide wireless connectivity interact
with the net80211 stack.

Historical background: originally wireless devices created an interface,
just like Ethernet devices do. Name of an interface matched the name of
the driver that created. Later, wlan(4) layer was introduced, and the
wlanX interfaces become the actual interface, leaving original ones as
"a parent interface" of wlanX. Kernelwise, the KPI between net80211 layer
and a driver became a mix of methods that pass a pointer to struct ifnet
as identifier and methods that pass pointer to struct ieee80211com. From
user point of view, the parent interface just hangs on in the ifconfig
list, and user can't do anything useful with it.

Now, the struct ifnet goes away. The struct ieee80211com is the only
KPI between a device driver and net80211. Details:

- The struct ieee80211com is embedded into drivers softc.
- Packets are sent via new ic_transmit method, which is very much like
the previous if_transmit.
- Bringing parent up/down is done via new ic_parent method, which notifies
driver about any changes: number of wlan(4) interfaces, number of them
in promisc or allmulti state.
- Device specific ioctls (if any) are received on new ic_ioctl method.
- Packets/errors accounting are done by the stack. In certain cases, when
driver experiences errors and can not attribute them to any specific
interface, driver updates ic_oerrors or ic_ierrors counters.

Details on interface configuration with new world order:
- A sequence of commands needed to bring up wireless DOESN"T change.
- /etc/rc.conf parameters DON'T change.
- List of devices that can be used to create wlan(4) interfaces is
now provided by net.wlan.devices sysctl.

Most drivers in this change were converted by me, except of wpi(4),
that was done by Andriy Voskoboinyk. Big thanks to Kevin Lo for testing
changes to at least 8 drivers. Thanks to Olivier Cochard, gjb@, mmoll@,
op@ and lev@, who also participated in testing. Details here:

https://wiki.freebsd.org/projects/ifnet/net80211

Still, drivers: ndis, wtap, mwl, ipw, bwn, wi, upgt, uath were not
tested. Changes to mwl, ipw, bwn, wi, upgt are trivial and chances
of problems are low. The wtap wasn't compilable even before this change.
But the ndis driver is complex, and it is likely to be broken with this
commit. Help with testing and debugging it is appreciated.

Differential Revision: D2655, D2740
Sponsored by: Nginx, Inc.
Sponsored by: Netflix

show more ...

Add an rc.d script to invoke iovctl(8) during boot

Differential Revision: https://reviews.freebsd.org/D88
Reviewed by: wblock, emaste, allanjude
MFC after: 1 month
Relnotes: yes
Sponsored by:

Add an rc.d script to invoke iovctl(8) during boot

Differential Revision: https://reviews.freebsd.org/D88
Reviewed by: wblock, emaste, allanjude
MFC after: 1 month
Relnotes: yes
Sponsored by: Sandvine Inc.

show more ...

rc.d: load the network config file for netif

r272959 broke compatibility with mfsBSD that stores the default network
config file in /etc/rc.conf.d/network. In order to fix that load the network
conf

rc.d: load the network config file for netif

r272959 broke compatibility with mfsBSD that stores the default network
config file in /etc/rc.conf.d/network. In order to fix that load the network
config file from netif also.

show more ...

Rename s/network/netif/ and set netif_enable for namespace consistency.

Remove more remnants of ng_fec(4).

The ng_create_one() and ng_mkpeer() functions in network.subr are
now not used anywhere, but I left them, since they can be useful
in future in netgraph scripting.

Remove more remnants of ng_fec(4).

The ng_create_one() and ng_mkpeer() functions in network.subr are
now not used anywhere, but I left them, since they can be useful
in future in netgraph scripting.

Submitted by: pluknet

show more ...

Add support for "vnet jname" argument in ifconfig_IF. The vnet keyword
is ignored except for "rc.d/netif vnet{up,down} ifn" because a jail is
usually created after interface initialization on boot t

Add support for "vnet jname" argument in ifconfig_IF. The vnet keyword
is ignored except for "rc.d/netif vnet{up,down} ifn" because a jail is
usually created after interface initialization on boot time.

"rc.d/netif vnetup ifn" moves ifn into the specified jail. It is
designed to be used in other scripts like rc.d/jail, not automatically
invoked during the interface initialization.

Approved by: re (kib)

show more ...

Add epair(4) support in $cloned_interfaces. One should be specified
as "epair0" in $cloned_interfaces and "epair0[ab]" in the others in
rc.conf like the following:

cloned_interfaces="epair0"
ifco

Add epair(4) support in $cloned_interfaces. One should be specified
as "epair0" in $cloned_interfaces and "epair0[ab]" in the others in
rc.conf like the following:

cloned_interfaces="epair0"
ifconfig_epair0a="inet 192.168.1.1/24"
ifconfig_epair0b="inet 192.168.2.1/24"

/etc/rc.d/netif now accepts both "netif start epair0" and "netif start
epair0a".

Approved by: re (kib)

show more ...