Hi, We have a lot of servers using jails and ipfw rules with numeric jail ids to limit acess between them (something like 'allow tcp from from me to me 8086 jail 1 keep-state').
This has been working very well for ages. Yesterday, we upgraded first of these servers to 11.3. During boot there are now messages like 'ipfw: jail 1 not found' and the rules are not loaded. I tracked this down to: https://reviews.freebsd.org/rS348304 ipfw calls jail_getid, which used to just return the id without checking if string was numeric. In 11.3, the function has been changed to actually check if the jail with given id exists. This doesn't really work in ipfw's context as the rules are loaded before the jails are actually created. Ari S. _______________________________________________ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
