History log of /freebsd-current/usr.sbin/ppp/nat_cmd.c
Revision Date Author Comments
# b3e76948 16-Aug-2023 Warner Losh <imp@FreeBSD.org>

Remove $FreeBSD$: two-line .h pattern

Remove /^\s*\*\n \*\s+\$FreeBSD\$$\n/


# 4d846d26 10-May-2023 Warner Losh <imp@FreeBSD.org>

spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD

The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.

Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix


# 1de7b4b8 27-Nov-2017 Pedro F. Giffuni <pfg@FreeBSD.org>

various: general adoption of SPDX licensing ID tags.

Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
supersede or replace the license texts.

No functional change intended.


# fdb6437f 24-Jun-2011 Kevin Lo <kevlo@FreeBSD.org>

Remove duplicated header files


# a7d5f7eb 19-Oct-2010 Jamie Gritton <jamie@FreeBSD.org>

A new jail(8) with a configuration file, to replace the work currently done
by /etc/rc.d/jail.


# fe0506d7 09-Mar-2010 Marcel Moolenaar <marcel@FreeBSD.org>

Create the altix project branch. The altix project will add support
for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting
is a two-module system, consisting of a base compute module and a
CPU expansion module. SGI's NUMAFlex architecture can be an excellent
platform to test CPU affinity and NUMA-aware features in FreeBSD.


# 8e41399c 19-Jul-2009 Brian Somers <brian@FreeBSD.org>

Don't get stuck in an infinite loop comparing (short++ <= maxshort)

PR: 136893
Submitted by: Aragon Gouveia - aragon at phat dot za dot net (mostly)
Approved by: re (kib)
MFC after: 3 weeks


# d7f03759 19-Oct-2008 Ulf Lilleengen <lulf@FreeBSD.org>

- Import the HEAD csup code which is the basis for the cvsmode work.


# a5625ae7 12-Mar-2008 Paolo Pisati <piso@FreeBSD.org>

Update to the "new" libalias API (and thus fix world breakage).


# 5d604c11 11-Oct-2004 Brian Somers <brian@FreeBSD.org>

Add a bunch of malloc() return checks

PR: 71592
Submitted by: Dan Lukes <dan@obluda.cz> with further changes


# 057f1760 04-Sep-2004 Brian Somers <brian@FreeBSD.org>

Make ppp WARNS=5 clean


# b07fbc17 23-Sep-2003 Joe Marcus Clarke <marcus@FreeBSD.org>

Add Cisco Skinny Station protocol support to libalias, natd, and ppp.
Skinny is the protocol used by Cisco IP phones to talk to Cisco Call
Managers. With this code, one can use a Cisco IP phone behind a FreeBSD
NAT gateway.

Currently, having the Call Manager behind the NAT gateway is not supported.
More information on enabling Skinny support in libalias, natd, and ppp
can be found in those applications' manpages.

PR: 55843
Reviewed by: ru
Approved by: ru
MFC after: 30 days


# 6eafd353 27-Aug-2002 Brian Somers <brian@FreeBSD.org>

Include the correct file (stdarg.h) and use va_list rather than _BSD_VA_LIST_

Suggested by: mike


# d3974088 22-Apr-2002 Dag-Erling Smørgrav <des@FreeBSD.org>

Usage style sweep: spell "usage" with a small 'u'.
Also change one case of blatant __progname abuse (several more remain)
This commit does not touch anything in src/{contrib,crypto,gnu}/.


# de97d73d 03-Nov-2001 Brian Somers <brian@FreeBSD.org>

cmott@scientech.com -> cm@linktel.net

Requested by: Charles Mott <cmott@scientech.com>


# 30949fd4 14-Aug-2001 Brian Somers <brian@FreeBSD.org>

o Add ipv6 support, abstracting most NCP addresses into opaque
structures (well, they're treated as opaque).

It's now possible to manage IPv6 interface addresses and routing
table entries and to filter IPV6 traffic whether encapsulated or
not.

IPV6CP support is crude for now, and hasn't been tested against
any other implementations.

RADIUS and IPv6 are independent of each other for now.

ppp.linkup/ppp.linkdown aren't currently used by IPV6CP

o Understand all protocols(5) in filter rules rather than only a select
few.

o Allow a mask specification for the ``delete'' command. It's now
possible to specifically delete one of two conflicting routes.

o When creating and deleting proxy arp entries, do it for all IPv4
interface addresses rather than doing it just for the ``current''
peer address.

o When iface-alias isn't in effect, don't blow away manually (via ``iface
add'') added interface addresses.

o When listening on a tcp server (diagnostic) socket, bind so that a
tcp46 socket is created -- allowing both IPv4 and IPv6 connections.

o When displaying ICMP traffic, don't display the icmp type twice.
When displaying traffic, display at least some information about unrecognised
traffic.

o Bump version

Inspired after filtering work by: Makoto MATSUSHITA <matusita@jp.FreeBSD.org>


# 686e8c8b 02-Aug-2001 Brian Somers <brian@FreeBSD.org>

Add a ``nat punch_fw'' command for punching FTP and IRC DCC holes through
the firewall.


# 88298994 08-Jul-2001 Brian Somers <brian@FreeBSD.org>

Add a ``nat proto'' command -- similar to natd(8)'s -redirect_proto switch.

MFC after: 3 weeks


# 057fee78 04-Jun-2001 Brian Somers <brian@FreeBSD.org>

Add BSD style copyrights (with permission from Charles Mott where appropriate)
Deprecate -alias further (after a repo-copy)


# 49ed07a3 10-Feb-2001 Brian Somers <brian@FreeBSD.org>

A better fix for the PacketAliasProxyRule() call.

Submitted by: Ian Dowse <iedowse@maths.tcd.ie>


# 021996f1 28-Jan-2001 Brian Somers <brian@FreeBSD.org>

Don't pass PacketAliasProxyRule() a buffer with leading whitespace as it
can't handle it.


# cf881f54 30-Oct-2000 Brian Somers <brian@FreeBSD.org>

Drop PKT_ALIAS_IGNORED packets if ``nat deny_incoming yes'' is in effect.

Approved by: rwatson, ru


# 0a4b6c5c 11-Jul-2000 Brian Somers <brian@FreeBSD.org>

Allow a ``timeout secs'' filter option to let specific packet types
affect the idle timer in different ways.

Submitted by: Stefan Esser <se@freebsd.org>

With adjustments by me to document the option in the man page and to
give the same semantics for outgoing traffic as incoming.

I made the style more consistent in ip.c - this should really have
been done as a separate commit.


# 98251667 07-Jul-2000 Brian Somers <brian@FreeBSD.org>

o Log the (payload/size) of all packet types, not just TCP packets

o If the new ``filter-decapsulation'' is enabled, delve into UDP packets
that contain 0xff 0x03 as the first two bytes, and if we recognise it
as PROTO_IP, decapsulate it for the purpose of filter checking.

If we recognise it as PROTO_<anything else> mention this for logging
purposes only.

This change is aimed at people running PPPoUDP where the UDP traffic is
being sent over another PPP link. It's desirable to have the top level
link connected all the time, but to have the bottom level link capable
of decapsulating the traffic and comparing the payload against the filters,
thus allowing ``set filter dial ...'' to work in tunnelled environments.

The caveat here is that the top ppp cannot employ any compression layers
without making the data unreadable for the bottom ppp. ``disable deflate
pred1 vj'' and ``deny deflate pred1 vj'' is suggested.


# 86c5e1ea 19-Jun-2000 Brian Somers <brian@FreeBSD.org>

Remove ``nat pptp'' as this is now done transparently by libalias.


# eb598e08 23-May-2000 Brian Somers <brian@FreeBSD.org>

Always pass packets through libalias when NAT is enabled.

Submitted by: luoqi
Forgotten by: me


# 7d7b90c7 11-May-2000 Brian Somers <brian@FreeBSD.org>

Fix a typo


# 44d127bc 11-May-2000 Brian Somers <brian@FreeBSD.org>

Mention that the default is to let external traffic route to
the internal network when NAT is enabled.

Allow ``set target MYADDR'' to stop packets at the gateway.


# 804e0a12 31-Mar-2000 Brian Somers <brian@FreeBSD.org>

Use INADDR_NONE with PacketAliasSetTarget() if no args are given to
``nat target'', and suggest the use of ``nat target default'' as an
interesting possibility.


# b7d8533c 31-Mar-2000 Brian Somers <brian@FreeBSD.org>

Add the ``nat target'' command.


# b565321a 29-Mar-2000 Brian Somers <brian@FreeBSD.org>

Log information about packets being dropped (probably due to
``nat deny_incoming yes'') by libalias.


# 0e20b877 28-Mar-2000 Brian Somers <brian@FreeBSD.org>

Mention the value of the unexpected return code in nat_LayerPull()


# a1f961d3 18-Mar-2000 Brian Somers <brian@FreeBSD.org>

Add some diagnostics to prove that incoming IP fragments are
being dealt with correctly.


# 574a3ffd 13-Mar-2000 Brian Somers <brian@FreeBSD.org>

Refresh the NAT IP pointer after a potential mbuf reallocation. This
caused frequent lock-ups for individual sessions over a NAT'd ppp link
when MTU sizes ended up more or less exactly wrong.


# 209dc102 13-Mar-2000 Brian Somers <brian@FreeBSD.org>

Fix some printf-style argument bugs


# 10e629b9 13-Mar-2000 Brian Somers <brian@FreeBSD.org>

Introduce LOCALNAT and LOCALRAD defines so that the sources can stay
exactly the same in FreeBSD & OpenBSD despite libalias and libradius
being local to the ppp sources under OpenBSD.


# 323b15a1 03-Jan-2000 Brian Somers <brian@FreeBSD.org>

Ensure that there's a bit of extra space in our buffer when it's
passed to libalias. If there's not enough space, things like ftp
PORT commands start failing....

Reported by: Gianmarco Giovannelli <gmarco@giovannelli.it>


# 26af0ae9 20-Dec-1999 Brian Somers <brian@FreeBSD.org>

Cosmetic: Make struct mbuf more like kernel mbufs.


# f02c2029 08-Sep-1999 Brian Somers <brian@FreeBSD.org>

Cosmetic:
alias_cmd -> nat_cmd after a repo-copy


# 19c56680 06-Sep-1999 Brian Somers <brian@FreeBSD.org>

Make the ``Problem with IP header length'' error a bit more verbose


# 97d92980 27-Aug-1999 Peter Wemm <peter@FreeBSD.org>

$Id$ -> $FreeBSD$


# 67b072f7 19-Aug-1999 Brian Somers <brian@FreeBSD.org>

o Add the -foreground switch. This switch behaves like -background except
that ppp stays in the foreground.
o Add the -quiet switch to quieten ppp's startup
o Add the -nat flag and discourage the use of the -alias flag. Both do
the same thing.
o Correct some nat usage strings.
o Change the internal ``alias'' command to ``nat''.


# 7722ec20 28-Jul-1999 Brian Somers <brian@FreeBSD.org>

Don't return a garbage mbuf pointer after storing it
as an unresolved fragment.


# ef8fcfa7 23-Jul-1999 Brian Somers <brian@FreeBSD.org>

When we fetch previously retrieved IP fragments from the alias
tables, copy them correctly back into our mbuf rather than giving a
bzero'd count to memcpy() and ending up with a 0 byte fragment.

The old code resulted in a 0 byte write to the tun device which
tickled a bug that resulted in a panic :-(


# 9afe6bda 09-Jun-1999 Brian Somers <brian@FreeBSD.org>

Allow a remote IP and port range specification in the
``alias port'' command.


# 411675ba 02-Jun-1999 Brian Somers <brian@FreeBSD.org>

o Alter the mbuf type as it's processed by different layers.
o Show more information about missing MP fragments in ``show mp''.
o Do away with mbuf_Log(). It was showing mbuf stats twice on
receipt of LCP/CCP/IPCP packets.... ???!!?
o Pre-allocate a bit extra when creating LQR packets to avoid having
to allocate another mbuf in mbuf_Prepend().


# 6815097b 12-May-1999 Brian Somers <brian@FreeBSD.org>

Allow ``host:port/udp'' devices and support ``host:port/tcp'' as
being the same as the previous (still supported) ``host:port''
syntax for tcp socket devices.

A udp device uses synchronous ppp rather than async, and avoids
the double-retransmit overhead that comes with ppp over tcp (it's
usually a bad idea to transport IP over a reliable transport that
itself is using an unreliable transport). PPP over UDP provides
throughput of ** 1.5Mb per second ** with all compression disabled,
maxing out a PPro/200 when running ppp twice, back-to-back.

This proves that PPPoE is plausible in userland....

This change adds a few more handler functions to struct device and
allows derivations of struct device (which may contain their own
data etc) to pass themselves through the unix domain socket for MP.
** At last **, struct physical has lost all the tty crud !

iov2physical() is now smart enough to restore the correct stack of
layers so that MP servers will work again.

The version number has bumped as our MP link transfer contents have
changed (they now may contain a `struct device').

Don't extract the protocol twice in MP mode (resulting in protocol
rejects for every MP packet). This was broken with my original
layering changes.

Add ``Physical'' and ``Sync'' log levels for logging the relevant
raw packets and add protocol-tracking LogDEBUG stuff in various
LayerPush & LayerPull functions.

Assign our physical device name for incoming tcp connections by
calling getpeername().

Assign our physical device name for incoming udp connections from
the address retrieved by the first recvfrom().


# 5d9e6103 08-May-1999 Brian Somers <brian@FreeBSD.org>

o Redesign the layering mechanism and make the aliasing code part of
the layering.

We now ``stack'' layers as soon as we open the device (when we figure
out what we're dealing with). A static set of `dispatch' routines are
also declared for dealing with incoming packets after they've been
`pulled' up through the stacked layers.

Physical devices are now assigned handlers based on the device type
when they're opened. For the moment there are three device types;
ttys, execs and tcps.

o Increment version number to 2.2
o Make an entry in [uw]tmp for non-tty -direct invocations (after
pap/chap authentication).
o Make throughput counters quad_t's
o Account for the absolute number of mbuf malloc()s and free()s in
``show mem''.
o ``show modem'' becomes ``show physical''.


# 7884358f 26-Apr-1999 Brian Somers <brian@FreeBSD.org>

Add support for NetBSD


# fe3094cd 25-Mar-1999 Brian Somers <brian@FreeBSD.org>

Allow port ranges in ``alias port''.


# 50a63ab9 07-Mar-1999 Brian Somers <brian@FreeBSD.org>

Support PPTP via libalias (``alias pptp addr'').


# d318fe8e 07-Mar-1999 Brian Somers <brian@FreeBSD.org>

Support proxying & transparent proxying courtesy of libalias(3).
Order the alias command descriptions.
Order the SEE ALSO entries.


# 972a1bcf 27-Jan-1999 Brian Somers <brian@FreeBSD.org>

Initial RADIUS support (using libradius). See the man page for
details. Compiling with -DNORADIUS (the default for `release')
removes support.

TODO: The functionality in libradius::rad_send_request() needs
to be supplied as a set of routines so that ppp doesn't
have to wait indefinitely for the radius server(s). Instead,
we need to get a descriptor back, select() on the descriptor,
and ask libradius to service it when necessary.
For now, ppp blocks SIGALRM while in rad_send_request(), so
it misses PAP/CHAP retries & timeouts if they occur.

Only PAP is functional. When CHAP is attempted, libradius
complains that no User-Password has been specified... rfc2138
says that it *mustn't* be used for CHAP :-(

Sponsored by: Internet Business Solutions Ltd., Switzerland


# 1595bacd 16-Sep-1998 Brian Somers <brian@FreeBSD.org>

Sync with OpenBSD ifdefs


# 5a72b6ed 26-Aug-1998 Brian Somers <brian@FreeBSD.org>

Put the IP buffer queues into struct ipcp.
Forgotten by: me


# 10a9be1e 27-Jun-1998 Brian Somers <brian@FreeBSD.org>

Remove redundant includes


# 615ad4f9 27-Jun-1998 Brian Somers <brian@FreeBSD.org>

Don't dlopen()/dlsym() libalias, use it in the same way
as the rest of the world uses libraries.


# c9e11a11 15-Jun-1998 Brian Somers <brian@FreeBSD.org>

Fix a rather nasty use of `static'. This caused a SEGV
when running ``link * load label'' as we ended up recursing
back into command_Interpret after nuking our command arg list.


# aa8e0519 20-Jan-1998 Brian Somers <brian@FreeBSD.org>

Remove unused #includes.
Make various bits static.
Remove unused variables.
Submitted by: eivind


# b40d784e 24-Dec-1997 Brian Somers <brian@FreeBSD.org>

Correct copyright.

Requested by: Eivind Eklund <perhaps@yes.no>


# abbdf4e9 21-Dec-1997 Brian Somers <brian@FreeBSD.org>

Charles Mott created these (and told me via email that
they were BSD copyright). Use his name, not mine.


# c39934ea 20-Dec-1997 Brian Somers <brian@FreeBSD.org>

Add (BSD) copyright headers.


# 8511968c 15-Dec-1997 Brian Somers <brian@FreeBSD.org>

Correct return values from alias routines.


# b6e82f33 21-Nov-1997 Brian Somers <brian@FreeBSD.org>

Fix prototypes.
Remove extraneous decls.
Add ``const'' to several places.
Allow ``make NOALIAS=1'' to remove IP aliasing.
Merge with OpenBSD - only the Makefiles vary.

We can now survive a compile with
-Wall -Wbad-function-cast -Wcast-align -Wcast-qual
-Winline -Wmissing-declarations -Wmissing-prototypes
-Wnested-externs -Wpointer-arith -Wredundant-decls
-Wshadow -Wstrict-prototypes -Wwrite-strings -Wchar-subscripts
(although the Makefile just contains -Wall).


# 75240ed1 25-Oct-1997 Brian Somers <brian@FreeBSD.org>

Cosmetic (no functional changes):
o Add missing $Id$s
o Move extern decls from .c -> .h files
o Staticize
o Remove #includes from .h files
o style(9)ify includes
o bcopy -> memcpy
bzero -> memset
bcmp -> memcmp
index -> strchr
rindex -> strrchr
o Move timeout.h -> timer.h (making it consistent w/ timer.c)
o Add -Wmissing-prototypes


# 944f7098 24-Aug-1997 Brian Somers <brian@FreeBSD.org>

Make the code format more in line with style(9).
Update loadalias to use the new libalias api.
Update to version 1.1.


# 927145be 08-Jun-1997 Brian Somers <brian@FreeBSD.org>

Overhaul ppp:
o Use syslog
o Remove references to stdout/stderr (incl perror())
o Introduce VarTerm - the interactive terminal or zero
o Allow "set timeout" to affect current session
o Change "set debug" to "set log"
o Allow "set log [+|-]flag"
o Make MSEXT and PASSWDAUTH stuff the default
o Move all #ifdef DEBUG stuff into the code - this
shouldn't be too much overhead. It's now controlled
with "set log +debug"
o Add "set log command, debug, tun, warn, error, alert"
o Remove cdefs.h, and assume an ansi compiler.
o Improve all diagnostic output
o Don't trap SIGSEGV
o SIGHUP now terminates again (log files are controlled
by syslog)
o Call CloseModem() when changing devices
o Fix parsing of third arg of "delete"

I think this fixes the "magic is same" problems that some
people have been experiencing.
The man page is being rewritten. It'll follow soon.


# 6ed9fb2f 25-May-1997 Brian Somers <brian@FreeBSD.org>

De-couple ppp from libalias. If libalias isn't there, the
alias commands simply won't work. Only root may specify the
location of the alias lib (otherwise, it's hard-coded).

Make logprintf silently fail if LogOpen hasn't been called.

Suggested by: eivind


# dcb1c200 25-May-1997 Brian Somers <brian@FreeBSD.org>

Include <alias.h>, not "alias.h"


# f82fd828 22-May-1997 Brian Somers <brian@FreeBSD.org>

Finish updating for the latest alias code.

Submitted by: Charles Mott <cmott@srv.net>