On Tuesday 30 September 2008 00:02:04 Robert Watson wrote: > On Mon, 29 Sep 2008, Max Laier wrote: > > Please help testing. It's been confirmed to work for IPFW, let's make > > sure pf is in good shape, too. Thanks. > > A casual glance at pf.c suggests that pf(4) doesn't suffer from the "look > up the inpcb even though it's passed down if the socket pointer is NULL" > bug that ipfw(4) did, but confirmation that things work properly would > definitely be good.
http://www.freebsd.org/cgi/query-pr.cgi?pr=127439 looks like it could be related. I think I see what's happening there, but unfortunately I don't have any time to look into it myself at the moment. Might be a while before I get to it so additional eyes are certainly appreciated! > Thanks, > > Robert N M Watson > Computer Laboratory > University of Cambridge > > > ---------- Forwarded Message ---------- > > > > Subject: Please test ipfw and pf uid/gid/jail rules > > Date: Monday 29 September 2008 > > From: Robert Watson <[EMAIL PROTECTED]> > > To: [EMAIL PROTECTED] > > > > > > Dear all: > > > > Although it didn't show up in 8.x testing to date, it turned out there > > was a serious stability regression in the ipfw uid/gid/jail rule > > implementation as a result of moving to rwlocks for inpcbinfo and inpcb. > > I think I've corrected the sources of the problem in 8.x and 7.x now, but > > it would be very helpful if people who use ipfw and pf could do some > > extra testing of these rules with invariants and witness enabled to see > > if we can't shake out any remaining problems. > > > > Thanks, > > > > Robert N M Watson > > Computer Laboratory > > University of Cambridge > > ------------------------------------------------------- > > -- > > /"\ Best regards, | [EMAIL PROTECTED] > > \ / Max Laier | ICQ #67774661 > > X http://pf4freebsd.love2party.net/ | [EMAIL PROTECTED] > > / \ ASCII Ribbon Campaign | Against HTML Mail and News -- /"\ Best regards, | [EMAIL PROTECTED] \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | [EMAIL PROTECTED] / \ ASCII Ribbon Campaign | Against HTML Mail and News _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
