version 1.29, 2007/03/06 16:33:39 |
version 1.30, 2007/03/06 17:03:53 |
|
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=syslogd&sektion=8">syslogd(8)</a> |
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=syslogd&sektion=8">syslogd(8)</a> |
can now pipe logs directly to other programs, making real-time log analysis easier. |
can now pipe logs directly to other programs, making real-time log analysis easier. |
<li>the IP_RECVTTL |
<li>the IP_RECVTTL |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=ip&sektion=4">ip(4)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ip&sektion=4">ip(4)</a> |
socket option allows programs to receive the incoming ttl on raw and udp sockets. |
socket option allows programs to receive the incoming ttl on raw and udp sockets. |
<li>the IP_MINTTL |
<li>the IP_MINTTL |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=ip&sektion=4">ip(4)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ip&sektion=4">ip(4)</a> |
socket option allows programs to ask the kernel to discard any packets with a ttl |
socket option allows programs to ask the kernel to discard any packets with a ttl |
smaller than the given one, for implementing the IP TTL security hack aka the Generalized |
smaller than the given one, for implementing the IP TTL security hack aka the Generalized |
TTL Security Mechanism specified in RFC 3682. |
TTL Security Mechanism specified in RFC 3682. |
<li>multiple, independent routing tables, with |
<li>multiple, independent routing tables, with |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=pf&sektion=4">pf(4)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> |
acting as selector. |
acting as selector. |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=route&sektion=8">route(8)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=route&sektion=8">route(8)</a> |
can be told which table to work with now, and routing daemons have been modified to |
can be told which table to work with now, and routing daemons have been modified to |
cope as well. |
cope as well. |
<li>the |
<li>the |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=pflog&sektion=4">pflog(4)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pflog&sektion=4">pflog(4)</a> |
interface is now clonable. |
interface is now clonable. |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=pf&sektion=4">pf(4)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> |
can log to multiple pflog interfaces now, each rule can specify which pflog interface |
can log to multiple pflog interfaces now, each rule can specify which pflog interface |
to log to. |
to log to. |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=pflogd&sektion=8">pflogd(8)</a> and |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pflogd&sektion=8">pflogd(8)</a> and |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=spamlogd&sektion=8">spamlogd(8)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=spamlogd&sektion=8">spamlogd(8)</a> |
can now be told which pflog interface to work with. |
can now be told which pflog interface to work with. |
<li>the |
<li>the |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=pfsync&sektion=4">pfsync(4)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfsync&sektion=4">pfsync(4)</a> |
interface is now clonable as well, thus only there when actually needed. |
interface is now clonable as well, thus only there when actually needed. |
<li> |
<li> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=pfctl&sektion=8">pfctl(8)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfctl&sektion=8">pfctl(8)</a> |
can now expire table entries. |
can now expire table entries. |
<li>allow |
<li>allow |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=pf&sektion=4">pf(4)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> |
rules inside anchors to have their counters reset, and make counter read & reset an |
rules inside anchors to have their counters reset, and make counter read & reset an |
atomic operation. |
atomic operation. |
<li> |
<li> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?ip=sensorsd&sektion=8">sensorsd(8)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sensorsd&sektion=8">sensorsd(8)</a> |
dampens status changes now, thus not alerting for a single wrong sensor read, since many |
dampens status changes now, thus not alerting for a single wrong sensor read, since many |
sensors lie once in a while. |
sensors lie once in a while. |
</ul> |
</ul> |