relnotes-i386.txt
Network devices now automatically appear as special files in /dev/net.
Interface hardware ioctls (not protocol or routing) can be performed on
these devices. The SIOCGIFCONF ioctl may be performed on the special
/dev/network node.
Selected network drivers now implement a semi-polling mode, which makes
systems much more resilient to attacks and overloads. To enable polling,
the following options are required in a kernel configuration file:
    options DEVICE_POLLING
    options HZ=1000    # not compulsory but strongly recommended
The kern.polling.enable sysctl variable will then activate polling mode,
with the kern.polling.user_frac sysctl indicating the percentage of CPU
time to be reserved for userland. The devices initially supporting polling
are dc(4), fxp(4), rl(4), and sis(4). More details can be found in the
polling(4) manual page. [MERGED]
The packet-forwarding performance of certain network drivers (specifically
dc(4) and sis(4)) has been enhanced by the elimination of unnecessary
buffer copies. [MERGED]
----------------------------------------------------------------------
2.1.4 Network Protocols
accept_filter(9), a kernel feature to reduce overheads when accepting and
reading new connections on listening sockets, has been added. [MERGED]
The proxy modifier to arp(8)'s -d option has been renamed to pub, for
consistency with the -s option. The only keyword has been added to the -s
and -S flags, to be used in creating ``proxy-only'' published entries.
[MERGED]
The read timeout feature of bpf(4) now works more correctly with
select(2)/poll(2), and therefore with pthreads. [MERGED]
bridge(4) and dummynet(4) have received some enhancements and bug fixes,
and are now loadable modules. [MERGED]
bridge(4) now has better support for multiple, fully-independent bridging
clusters, and is much more stable in the presence of dynamic attachments
and detachments. VLANs are also fully supported. [MERGED]
ICMP ECHO and TSTAMP replies are now rate limited. TCP RSTs generated due
to packets sent to open and unopen ports are now limited by separate
counters. Each rate limiting queue now has its own description.
ICMP UNREACH_FILTER_PROHIB messages can now RST TCP connections in the
SYN_SENT state if the correct sequence numbers are sent back, as
controlled by the net.inet.tcp.icmp_may_rst sysctl. [MERGED]
IP multicast now works on VLAN devices. Several other bugs in the VLAN
code have also been fixed.
A bug in the IPSec processing for IPv4, which caused the inbound SPD
checks to be ignored, has been fixed. [MERGED]
ipfw(4) now filters correctly in the presence of ECN bits in TCP segments.
[MERGED]
A new ng_etf(4) netgraph node allows Ethernet type packets to be filtered
to different hooks depending on ethertype. [MERGED]
The ng_gif(4) and ng_gif_demux(4) netgraph nodes, for operating on gif(4)
devices, have been added.
The ng_ip_input(4) netgraph node, for queueing IP packets into the main IP
input processing code, has been added.
The ng_mppc(4) and ng_bridge(4) node types have been added to the
netgraph(4) subsystem. The ng_ether(4) node is now dynamically loadable.
Miscellaneous bug fixes and enhancements have also been made. [MERGED]
A new netgraph node type ng_one2many(4) for multiplexing and
demultiplexing packets over multiple links has been added. [MERGED]
A new sysctl net.inet.ip.check_interface, which is on by default, causes
IP to verify that an incoming packet arrives on an interface that has an
address matching the packet's destination address. [MERGED]
A new sysctl net.link.ether.inet.log_arp_wrong_iface has been added to
control the suppression of logging when ARP replies arrive on the wrong
interface. [MERGED]
A new options RANDOM_IP_ID kernel option causes the ID field of IP packets
to be randomized. This closes a minor information leak which allows a
remote observer to determine the rate at which the machine is generating
packets, since the default behavior is to increment a counter for each
packet sent. [MERGED]
TCP has received some bug fixes for its delayed ACK behavior. [MERGED]
TCP now supports the NewReno modification to the TCP Fast Recovery
algorithm. This behavior can be controlled via the net.inet.tcp.newreno
sysctl variable. [MERGED]
TCP now uses a more aggressive timeout for initial SYN segments; this
allows initial connection attempts to be dropped much faster. [MERGED]
The TCP_COMPAT_42 kernel option has been removed. [MERGED]
The TCP_RESTRICT_RST kernel option has been removed. Similar functionality
can be achieved with the net.inet.tcp.blackhole sysctl variable. [MERGED]
TCP now has RFC 1323 extensions enabled by default in rc.conf(5). [MERGED]
RFC 1323 and RFC 1644 TCP extensions are now disabled for a connection in
progress if no response has been received by the third SYN segment sent.
This behavior tries to work around (very old) terminal servers with buggy
VJ header compression implementations. [MERGED]
The TCP implementation no longer requires the allocation of a TCP template
structure for each connection; this should reduce the buffer usage on
large systems handling many connections. [MERGED]
TCP's default buffer sizes, controlled by the net.inet.tcp.sendspace and
net.inet.tcp.recvspace sysctl variables, have been increased to 32K and
64K respectively. Previously, the default for both buffer sizes was 16K.
To try to avoid increasing congestion, the default value for
net.inet.tcp.local_slowstart_flightsize has been changed from infinity to
4. [MERGED]
Note: On busy hosts, the new larger buffer sizes may require manually
increasing the NMBCLUSTERS parameter, either in the kernel configuration
file or via the kern.ipc.nmbclusters loader tunable. netstat -mb can be
used to monitor the state of mbuf clusters.
TCP now supports RFC 1948 (Defending Against Sequence Number Attacks).
This functionality is controlled by the net.inet.tcp.strict_rfc1948 and
net.inet.tcp.isn_reseed_interval sysctl variables. [MERGED]
The TCP implementation in FreeBSD now implements a cache of outstanding,
received SYN segments. Incoming SYN segments now cause entries to be
placed in the cache until the TCP three-way handshake is complete, at
which point, memory is allocated for the connection as usual. In addition,
all TCP Initial Sequence Numbers (ISNs) are used as cookies, allowing
entries in the cache to be dropped, but still have their corresponding
ACKs accepted later. The combination of the so-called ``syncache'' and
``syncookies'' features makes a host much more resistant to TCP-based
Denial of Service attacks. Work on this feature was sponsored by DARPA and
NAI Labs. [MERGED]
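An added sketch of the syncookie idea described above, showing how an ISN can carry enough information to validate the final ACK with no stored state. It is not FreeBSD's code: the ISN layout (5-bit time slot, 3-bit MSS index, 24-bit MAC), the use of HMAC-SHA256, the MSS table, the key, and all function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import socket
import struct

SECRET = b"constructed-demo-key"     # assumption: real hosts use a random, rotated key
MSS_TABLE = (536, 1220, 1440, 1460)  # constructed table of encodable MSS values
SLOT = 64                            # seconds per time slot
MAX_AGE = 1                          # accept cookies up to one slot old

def _mac24(conn, client_isn, slot):
    """24-bit keyed hash over the 4-tuple, the client's ISN and the time slot."""
    src, sport, dst, dport = conn
    msg = struct.pack("!4sH4sHIQ", socket.inet_aton(src), sport,
                      socket.inet_aton(dst), dport, client_isn, slot)
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:3], "big")

def make_cookie(conn, client_isn, mss, now):
    """Server ISN for the SYN-ACK: 5 bits slot | 3 bits MSS index | 24 bits MAC."""
    slot = int(now) // SLOT
    # Largest table entry not exceeding the client's MSS (index 0 as a floor).
    idx = max(i for i, m in enumerate(MSS_TABLE) if m <= mss or i == 0)
    return ((slot % 32) << 27) | (idx << 24) | _mac24(conn, client_isn, slot)

def check_ack(conn, client_isn, ack, now):
    """Validate the final ACK statelessly; return the negotiated MSS or None.

    client_isn is recovered from the ACK segment itself (its sequence number - 1).
    """
    cookie = (ack - 1) & 0xFFFFFFFF  # the ACK acknowledges server ISN + 1
    idx = (cookie >> 24) & 0x7
    if idx >= len(MSS_TABLE):
        return None
    current = int(now) // SLOT
    for slot in range(current, current - MAX_AGE - 1, -1):
        if slot % 32 != cookie >> 27:
            continue                 # time bits do not match this candidate slot
        expected = _mac24(conn, client_isn, slot).to_bytes(3, "big")
        if hmac.compare_digest(expected, (cookie & 0xFFFFFF).to_bytes(3, "big")):
            return MSS_TABLE[idx]
    return None                      # stale, forged, or for another connection
```

Because the server can recompute the MAC from fields present in the ACK, a syncache entry evicted under load does not prevent a legitimate handshake from completing, while stale or altered cookies are rejected.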
A bug in the TCP implementation, which could cause connections to stall if
a sender saw a zero-sized window, has been corrected. [MERGED]
The TCP implementation now properly ignores packets addressed to IP-layer
broadcast addresses. [MERGED]
The ephemeral port range used for TCP and UDP has been changed to
49152-65535 (the old default was 1024-5000). This increases the number of
concurrent outgoing connections/streams. [MERGED]
----------------------------------------------------------------------
2.1.5 Disks and Storage
Support for the Adaptec FSA family of PCI-SCSI RAID controllers has been
added, in the form of the aac(4) driver. This driver includes proper
handling of commands initiated by the adapter, addition/removal of disk
devices, crashdump functionality, and ioctl(2) commands necessary for the
management CLI, and is fully qualified and sanctioned by Adaptec. [MERGED]
The ahc(4) driver has received numerous updates, bugfixes, and
enhancements. Among various improvements are improved compatibility with
chips in ``RAID Port'' mode and systems with AAA and/or ARO cards
installed, as well as performance improvements. Some bugs were also fixed,
including a rare hang on Ultra2/U160 controllers. [MERGED]
The asr(4) driver, which provides support for the Adaptec SCSI RAID
controller family, as well as the DPT SmartRAID V and VI families, has
been added. [MERGED]
The asr(4) driver now supports the Adaptec 2000S and 2005S Zero-Channel
RAID controllers. [MERGED]
The ata(4) driver now has support for ATA100 controllers. In addition, it
now supports the ServerWorks ROSB4 ATA33 chipset, the CMD 648 ATA66 and
CMD 649 ATA100 chipsets, and the Cyrix 5530. [MERGED]
To provide more flexible configuration, the various options for the ata(4)
driver are now boot loader tunables, rather than kernel configure-time
options. [MERGED]
The ata(4) driver now has support for tagged queuing, which is enabled by
the hw.ata.tags loader tunable. [MERGED]
The ata(4) driver now has support for ATA ``pseudo'' RAID controllers such
as the Promise Fasttrak and HighPoint HPT370 controllers. [MERGED]
The ata(4) driver now supports a wider variety of SiS chipsets, as listed
in the Hardware Notes. [MERGED]
The ata(4) driver now has support for creating, deleting, querying, and
rebuilding ATA RAIDs under control of atacontrol(8). [MERGED]
The BurnProof(TM) feature, for applicable ATAPI CD-ROM burners, is now
supported. [MERGED]
The ata(4) driver now has support for 48-bit addressing. Devices larger
than 137GB are now supported. [MERGED]
The ata(4) driver now contains fixes for some data corruption problems on
systems using the VIA 82C686B Southbridge chip. [MERGED]
The CAM error recovery code has been updated.
The cd(4) driver now has support for write operations. This allows writing
to DVD-RAM, PD and similar drives that probe as CD devices. Note that this
change affects only random-access writeable devices, not sequential-only
writeable devices such as CD-R drives, which are supported by cdrecord(1)
(a part of sysutils/cdrtools in the Ports Collection). [MERGED]
The ciss driver, for devices utilizing the Common Interface for SCSI-3
Support, has been added. This driver supports the Compaq SmartRAID 5*
family of RAID controllers (5300, 532, 5i). [MERGED]
The fdc(4) floppy disk driver has undergone a number of enhancements. Density
selection for common settings is now automatic; the driver is also much
more flexible in setting the densities of various subdevices.
The geom(4) disk I/O request transformation framework has been added; this
extensible framework is designed to support a wide variety of operations
on I/O requests on their way from the upper kernel to the device drivers.
The ida disk driver now has crashdump support. [MERGED]
The iir driver has been added to support the Intel Integrated RAID
controllers, as well as prior ICP Vortex controllers.
The isp(4) driver is now proactive about discovering Fibre Channel
topology changes.
The isp(4) driver now supports target mode for Qlogic SCSI cards,
including Ultra2 and Ultra3 and dual bus cards.
The isp(4) driver now supports the Qlogic 2300 and 2312 Optical Fibre
Channel PCI cards. [MERGED]
md(4), the memory disk device, has had the functionality of vn(4)
incorporated into it. md(4) devices can now be configured by mdconfig(8).
vn(4) has been removed. The Memory Filesystem (MFS) has also been removed.
The mly(4) driver, for Mylex PCI to SCSI AccelRAID and eXtremeRAID
controllers with firmware 6.X and later, has been added. [MERGED]
The ncv, nsp, and stg drivers have been ported from NetBSD/pc98. They
support the NCR 53C50 / Workbit Ninja SCSI-3 / TMC 18C30, 18C50 based
PC-Card/ISA SCSI controllers. All three drivers can be built and loaded as
modules. [MERGED]
Some problems in sa(4) error handling have been fixed, including the
``tape drive spinning indefinitely upon mt(1) stat'' problem.
The twe(4) 3ware ATA RAID driver has been added. [MERGED]
The vinum(4) volume manager has received some bug fixes and enhancements.
The wd(4) compatibility devices were removed from the ata(4) driver.
[MERGED]
----------------------------------------------------------------------
2.1.6 Filesystems
Support for named extended attributes was added to the FreeBSD kernel.
This allows the kernel, and appropriately privileged userland processes,
to tag files and directories with attribute data. Extended attributes were
added to support the TrustedBSD Project, in particular ACLs, capability
data, and mandatory access control labels (see
/usr/src/sys/ufs/ufs/README.extattr for details).
Due to a licensing change, softupdates have been integrated into the main
portion of the kernel source tree. As a consequence, softupdates are now
available with the GENERIC kernel. [MERGED]
A filesystem snapshot capability has been added to FFS. Details can be
found in /usr/src/sys/ufs/ffs/README.snapshot.
Softupdates for FFS have received some bug fixes and enhancements.