ipfirewall(4)) cannot be changed
Simon L. Nielsen
simon at nitro.dk
Wed May 28 09:32:48 PDT 2003
[Summary: net.inet.ip.fw.enable can be changed at any securelevel on
RELENG_4]
On 2003.05.28 17:05:50 +0100, Santos wrote:
> Giorgos Keramidas wrote:
>
[CUT]
> ><<<<<<<
> >Index: ip_fw.c
> >===================================================================
> >RCS file: /home/ncvs/src/sys/netinet/ip_fw.c,v
> >retrieving revision 1.131.2.39
> >diff -u -r1.131.2.39 ip_fw.c
[CUT]
> >--- ip_fw.c 20 Jan 2003 02:23:07 -0000 1.131.2.39
> This doesn't fix the problem. Maybe this only fixes IPFW1 and not IPFW2
> too?...
Yes that fix was only for ipfw1. ipfw2 already have this fixed in
-CURRENT (sys/netinet/ip_fw2.c v. 1.11 and 1.23) but was apparently
never MFC'ed to -STABLE... This is also PR kern/39396.
I CC'ed Crist J. Clark who added to code to -CURRENT, in hope that he
has somed time to look at it.
--
Simon L. Nielsen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20030528/50e95850/attachment.bin
More information about the freebsd-security
mailing list