problem with ipfilter and todays -stable
Andre Albsmeier
andre.albsmeier at siemens.com
Fri Sep 3 04:46:18 PDT 2004
On Thu, 02-Sep-2004 at 09:48:09 -0700, Greg White wrote:
> On Wed, 18 Aug 2004 15:39:51 +0200, Andre Albsmeier
> <andre.albsmeier at siemens.com> wrote:
> [elided]
> > Same here (before replacing src/contrib/ipfilter as described
> > above) due to the missing MFC of ipl.h.
>
> I'm somewhat concerned by this - I've never seen ipfilter broken in
> -STABLE for this long, and I've been using it since 4.0. :(
>
> Darren, I'm sure you're busy with ipfilter-4.0 and such, but is
> ipfilter unmaintained in -STABLE now? I've currently avoided upgrading
> any of the -STABLE boxes I have in production solely for this problem
> ( ping stopped working, then I noticed the version mismatch issue as
> well ).
The version mismatch is easy to fix, just pull ipl.h into 4-STABLE.
This is just cosmetic, for the "real" problem, I assume someone
has to fix the checksum correction in nat_icmp(). For testing
one can use a fairly simple setup as described in
http://www.mail-archive.com/ipfilter@coombs.anu.edu.au/msg04558.html
-Andre
More information about the freebsd-stable
mailing list