4.11-RELEASE Release Notes

藍色泡泡 25 元月, 2005 16:31 ReleaseNote 靜態連結網址 引用 (0) 預覽列印
藍色泡泡 的 FreeBSD 4.11-Release Note

當然除了以下之外還有,有興趣請自行查閱,此為泡泡自行的註釋

網址: http://www.freebsd.org/releases/4.11R/relnotes-i386.html

發布日期: 2005/01/25

Network Protocols
The random ephemeral port allocation, which come from OpenBSD has been implemented. This is enabled by default and can be disabled using the net.inet.ip.portrange.randomized sysctl.
Note that the randomization can lead to extremely fast port reuse at high connection rates, which is causing problems for some users. To retain the security advantage of random ports  and ensure correct operation, it is disabled during periods of high connection rates.
More specifically, when the connection rate exceeds the value of the
net.inet.ip.portrange.randomcps sysctl (10 by default), the randomization will be disabled
for seconds specified in the net.inet.ip.portrange.randomtime sysctl (45 by default).
中譯: 由OpenBSD移植 The random ephemeral port allocation(隨機且短暫的port配置)特性.
   預設是開啟這項功能的.不過可以透過sysctl 修改 net.inet.ip.portrange.randomized 取消
   這種隨機的port選擇可以加快port的再使用.

   為了保持隨機port的安全性,及確保的操作,此項功能在高傳輸速度時將會被取消.
   更明確的來說,當連結速率超過net.inet.ip.portrange.randomcps的設定值時(預設為10),
   隨機選port的功能就會被取消數秒.(設定在net.inet.ip.portrange.randomtime 預設為45)

ipfw(4) now supports lookup tables. This feature is useful for handling large sparse address
sets.
中譯: ipfw支援查詢table (參閱ipfw(8))

ipnat(8) now allows redirect rules to work for non-TCP/UDP packets.
中譯: ipnat支援非TCP/UDP的封包重導向

The RST handling of the FreeBSD TCP stack has been improved to make reset attacks as difficult
as possible while maintaining compatibility with the widest range of TCP stacks.

The algorithm is as follows. For connections in the ESTABLISHED state, only resets with sequence
numbers exactly matching last_ack_sent will cause a reset, all other segments will be silently
dropped. For connections in all other states, a reset anywhere in the window will cause the
connection to be reset. All other segments will be silently dropped. Note that this breaks the
RFC 793 specification and you can still disable this and use the conventional behavior by
setting a new sysctl net.inet.tcp.insecure_rst to 1.
中譯: FreeBSD TCP堆疊的RST(重設連結)處理,被改善用來reset攻擊(當遇到攻擊時維持廣大範圍TCP堆疊一致性).
   當連結處於 ESTABLISHED 狀態,只有當reset欄位的值與last_ack_sent相同時會造成連結reset.
   其他的segment(layer2的傳輸單位)則會被丟棄.
   當連結處於其他的狀態,任何位置的reset都會造成重設連結,同樣的其他的segment都會被丟棄.
   此功能違反了RFC793的規定,你可以透過把net.inet.tcp.insecure_rst 值設為1,取消此功能

Userland Changes
The cron(8) daemon now accepts two new options, -j and -J, to enable time jitter for jobs to run
as unprivileged users and the superuser, respectively. Time jitter means that cron(8) will sleep
for a small random period of time in the specified range before executing a job.
This feature is intended to smooth load peaks appearing when a lot of jobs are scheduled for a
particular moment.
中譯: cron新增-j -J 兩個參數,可以讓cron在執行時先行sleep一小段時間再執行
      ,如此可以避免短時間內的負擔過重.(5.3R)

The -C 60 option is now used in the default $inetd_flags variable in /etc/rc.conf.
中譯: -C 60 (某一service被同一ip能夠請求的最大數量)已經是inetd的預設啟動參數

syslogd(8) now supports LOG_NTP facility.
中譯: syslogd已經支援 LOG_NTP 的功能

Upgrading from previous releases of FreeBSD
If you're upgrading from a previous release of FreeBSD, you generally will have three options:
中譯: 若您想要重先前的版本進行升級,可能的升級方式有三個

Using the binary upgrade option of sysinstall(8). This option is perhaps the quickest, although
it presumes that your installation of FreeBSD uses no special compilation options.
中譯: 直接透過sysinstall採用binary作版本升級,是最快速的,
      前提是你安裝的FreeBSD沒有太多的額外自訂的參數.

Performing a complete reinstall of FreeBSD. Technically, this is not an upgrading method, and
in any case is usually less convenient than a binary upgrade, in that it requires you to manually
backup and restore the contents of /etc. However, it may be useful in cases where you want
(or need) to change the partitioning of your disks.
中譯: 重新安裝FreeBSD,這不能算是升級,也較binary升級來的不方便些,
      你必須手動備份/etc及相關資料.當然了..你可以趁此機會進行磁區的重新規劃.

From source code in /usr/src. This route is more flexible, but requires more disk space,
time, and technical expertise. More information can be found in the ``Using make world''
section of the FreeBSD Handbook. Upgrading from very old versions of FreeBSD may be problematic;
in cases like this, it is usually more effective to perform a binary upgrade or a complete reinstall.
中譯: 用 /usr/src 進行upgrade,此方式是比較有彈性的,但是需要較多的磁碟空間及技術
      ,請參閱 Handbook 中的 Using make world 章節.
      更新非常舊版本的FreeBSD,透過source升級可能會有問題產生,通常透過binary或重新安裝會比較有效率

Please read the INSTALL.TXT file for more information, preferably before beginning an upgrade.
If you are upgrading from source, please be sure to read /usr/src/UPDATING as well.
中譯: 在升級前最好請閱讀INSTALL.TXT檔案取得更多的資訊.
      若您採用source進行升級,請確認閱讀過 /usr/src/UPDATING 的內容.
     
Finally, if you want to use one of various means to track the -STABLE or -CURRENT branches of FreeBSD,
please be sure to consult the ``-CURRENT vs. -STABLE'' section of the FreeBSD Handbook.
中譯: 最後,若你想要升級成為STABLE或是CURRENT版本,請閱讀過手冊中的-CURRENT vs. -STABLE的章節.

Important: Upgrading FreeBSD should, of course, only be attempted after backing up all
data and configuration files.
中譯: 請務必注意,*在升級FreeBSD之前*,請務必備份*所有資料及相關設定檔*!!

5.3-RELEASE Release Notes

藍色泡泡 06 十一月, 2004 16:38 ReleaseNote 靜態連結網址 引用 (0) 預覽列印
藍色泡泡 的 FreeBSD 5.3-Release Note

當然除了以下之外還有,有興趣請自行查閱,此為泡泡自行的註釋

網址: http://www.freebsd.org/releases/5.3R/relnotes-i386.html

發布日期: 2004/11/06

Userland Changes
bsdlabel(8) now supports a -f option to work on files instead of disk partitions.
中譯: bsdlabel新增 -f 參數,用來對檔案產生作用.

bsdtar(1) is now the default tar(1) utility in the FreeBSD base system. /usr/bin/tar is
a symlink pointing to /usr/bin/bsdtar by default. To return to using /usr/bin/gtar by default,
the WITH_GTAR make variable can be used.
中譯: bsdtar是預設的FreeBSD系統的tar工具,原有的 /usr/bin/tar 已經連結過去bsdtar
      也可以在make時,透過WITH_GTAR使用先前的/usr/bin/gtar.

The cron(8) daemon accepts two new options, -j and -J, to enable time jitter for jobs to
run as unprivileged users and the superuser, respectively. Time jitter means that cron(8)
will sleep for a small random period of time in the specified range before executing a job.
This feature is intended to smooth load peaks appearing when a lot of jobs are scheduled for
a particular moment. [MERGED]
中譯: cron新增-j -J 兩個參數,可以讓cron在執行時先行sleep一小段時間再執行
      ,如此可以避免短時間內的負擔過重.

daemon(8) now supports a -p option to create a PID file.
中譯: daemon新增-p參數用來產生PID檔案.

df(1) now supports a -c option to display a grand total of statistics for file systems.
中譯: df新增-c參數用來顯示整個檔案系統(total)狀況

The find(1) utility now supports a -acl primary to locate files with acl(3).
中譯: find 支援 -acl 參數,支援acl (access control list)

The find(1) utility now supports a new primary -depth n which tests whether the depth of
the current file relative to the starting point of the traversal is n. [MERGED]
中譯: find支援 -depth n 參數,用來定義搜尋的層度深度

ifconfig(8) now supports renaming of network interfaces at run-time using the name parameter.
中譯: ifconfig 支援更改網路介面名稱. (ex: ifconfig ed0 name ohaha)

The logins(1) utility has been added to display information about user and system accounts.
中譯: 新增 logins 指令,用來顯示使用者及系統帳號

nologin(8) now reports login attempts via syslogd(8).
中譯: nologin 透過syslogd 回報嘗試登入的狀況.

nologin(8) has been moved from /sbin/nologin to /usr/sbin/nologin. /sbin/nologin remains as
a symbolic link for backward compatibility.
中譯: nologin的位置從/sbin/nologin 變成 /usr/sbin/nologin , 原有 /sbin/nologin變成連結了.

rmdir(1) now supports a -v flag, which makes it verbose.
中譯: rmdir 支援 -v 參數 (verbose).

The named script has been updated to support BIND 9 in the base system.
The changes include:
1.named(8) runs in a chroot(2) directory /var/named by default. The named_chrootdir variable can be
  used to disable this behavior or to change the chroot(2) directory.

2.When the named_chroot_autoupdate variable is set to YES (the default), the chroot directory is
  automatically configured at the boot time. A symbolic link which points to /var/named/etc/namedb is
  created as /etc/namedb, and a symbolic link which points to /var/named/var/run/named/pid is created
  as /var/run/named/pid. The latter can be disabled by using the named_symlink_enable variable
  in rc.conf.

3.The rndc.key file is automatically created if it does not exist.
中譯: 系統預設的named已經提升為bind9.預設使用named_chroot_autoupdate.
      此時 /var/named/etc/namedb 和 /var/named/var/run/named/pid 會被創造,分別連結
      /etc/namedb 和 /var/run/named/pid

Upgrading from previous releases of FreeBSD
Users with existing FreeBSD systems are highly encouraged to read the ``FreeBSD 5.3-RELEASE Migration
Guide''. This document generally has the filename MIGRATE5.TXT on the distribution media, or any other
place that the release notes can be found. It offers some notes on migrating from FreeBSD 4.X, but more
importantly, also discusses some of the relative merits of upgrading to FreeBSD 5.X versus running
FreeBSD 4.X.
中譯: 以前版本的使用者請閱讀"FreeBSD 5.3-RELEASE Migration Guide"文件.
      該文件提供一些在升級時所需要注意的地方.此外更重要的是....
      與其他成功升級4.x 到 5.x 的使用者請益.

Important: Upgrading FreeBSD should, of course, only be attempted after backing up all data and
configuration files.
中譯: 請務必注意,*在升級FreeBSD之前*,請務必備份*所有資料及相關設定檔*!!

4.10-RELEASE Release Notes

藍色泡泡 25 五月, 2004 16:29 ReleaseNote 靜態連結網址 引用 (0) 預覽列印
藍色泡泡 的 FreeBSD 4.10-Release Note

當然除了以下之外還有,有興趣請自行查閱,此為泡泡自行的註釋

網址: http://www.freebsd.org/releases/4.10R/relnotes-i386.html

發布日期: 2004/05/22

Userland Changes
ifconfig(8) now supports a staticarp option for an interface, which disables the sending of
ARP requests for that interface.
中譯: ifconfig 新增 staticarp 參數,用來取消該介面送出ARP查詢.

ifconfig(8) now prints the polling(4) status on the interface.
中譯: ifconfig 新增 顯示介面的 polling 狀態

killall(1) now supports a -e flag to make the -u operate on effective, rather than real,
user IDs.
中譯: killall 新增 -e 參數,就如同先前-u參數一般,針對使用者來進行kill

The default mode for the lost+found directory of fsck(8) is now 0700 instead of 01777.
中譯: 預設的 lost+found 資料夾權限變更為 0700

makewhatis(1), formerly a Perl script, has been reimplemented in C.
中譯: makewhatis 更新whatis資料庫程式,由Perl變更為C語言編寫.

ps(1) compatibility with POSIX/SUSv3 has been improved.
The changes include -p for a list of process IDs, -t for a list of terminal names,
-A which is equivalent to -ax, -G for a list of group IDs, -X which is the opposite of -x,
and some minor improvements. For more information, see ps(1).
中譯: ps 新增 -p -a -g -x 等等參數

stat(1) from NetBSD, as of 5 June 2002 has, been imported.
中譯: 新增原屬NetBSD的stat指令.

which(1), formerly a Perl script, has been reimplemented in C.
中譯: which 由Perl變更為C語言編寫.

Contributed Software
BIND has been updated from version 8.3.4 to version 8.3.7.

OpenSSL has been updated from version 0.9.7c to version 0.9.7d.

sendmail has been updated from version 8.12.9 to version 8.12.11.
中譯:內建的版本BIND改為8.3.7 ,OpenSSL變為0.9.7d ,sendmail則為8.12.11版.

Ports/Packages Collection Infrastructure
The SIZE attribute for distfiles, which can be used for checking file sizes before fetching,
has been added and enabled by default.

DISABLE_SIZE is a user control knob to disable the distfile size checking.
This is especially useful on old FreeBSD versions which didn't have fetch(1)
support for this,and for some FTP proxies which always report incorrect or bogus sizes.
中譯: SIZE 參數用來在取得檔案之前檢查檔案的大小.而DISABLE_SIZE則是用來管理是否開啟這項功能.

Two new files have been added to the ports tree to track note-worthy changes:
ports/CHANGES lists major changes to the Ports Collection and its infrastructure.
ports/UPDATING describes some potential pitfalls that can be encountered when
updating certain ports,
analogous to src/UPDATING for the base system.
中譯:新增 CHANGES 用來紀錄主要的變更及內容, UPDATING 則是用來紀錄某些潛在的升級陷阱.

Upgrading from previous releases of FreeBSD
If you're upgrading from a previous release of FreeBSD, you generally will have
three options:
Using the binary upgrade option of sysinstall(8). This option is perhaps the quickest,
although it presumes that your installation of FreeBSD uses no special compilation options.

Performing a complete reinstall of FreeBSD.
Technically, this is not an upgrading method, and in any case is usually less convenient
than a binary upgrade, in that it requires you to manually backup and
restore the contents of /etc.
However, it may be useful in cases where you want (or need) to change the partitioning of
your disks.

From source code in /usr/src. This route is more flexible, but requires more disk space,
time, and technical expertise.

More information can be found in the ``Using make world'' section of the FreeBSD Handbook.
Upgrading from very old versions of FreeBSD may be problematic; in cases like this,
it is usually more effective to perform a binary upgrade or a complete reinstall.
中譯:若要進行升級,同樣有三種選擇:
1.透過/stand/sysinstall 進行binary安裝,此方式最快,系統會認定你的沒有自己增加額外的特別設定.
2.重新安裝FreeBSD,這不能算是升級..= = 你必須手動備份/etc及相關資料.
3.用 /usr/src 進行upgrade. 請參閱 Handbook 中的 Using make world .
«上一篇   1 2 3 ... 16 17 18 19 20 21 22 23 24 25 26 25 26 27  下一篇»

©2008 - Post by 藍色泡泡 (some rights reserved)