On Fri, 11 Mar 2005, Anthony Atkielski wrote:
How vulnerable is FreeBSD to the recently announced technique for
individually identifying computers by the clock slew apparent in TCP
packets? If it is vulnerable to this, will there be any plans to
address the vulnerability?
--
Anthony
I finally read
Andre Oppermann wrote:
Sam Leffler wrote:
Pawel Jakub Dawidek wrote:
On Fri, Mar 11, 2005 at 01:14:38PM -0800, Julian Elischer wrote:
+> >P> There is still an unresolved problem (in your and our patch as well) of
+> >P> using ifnet structure fields without synchronization, as we don't have
+> >P> a
On Fri, Mar 11, 2005 at 03:14:50PM +0100, Pawel Jakub Dawidek wrote:
> On Fri, Mar 11, 2005 at 04:55:25PM +0300, dima wrote:
> +> I thought about using list also, but considered it to bring
> +> too much overhead to the code. The original idea of handling arrays
> +> seems to be very elegant.
>
>
I noticed when using check-state, the ssh session will die because the
dynamic rules are flushed on the firewall reload. I can of course
connect again right away. When using allow from established this
problem doesnt occur and my ssh stays alive. What I would like is a
way to flush only static r
Sam Leffler wrote:
>
> Pawel Jakub Dawidek wrote:
> > On Fri, Mar 11, 2005 at 01:14:38PM -0800, Julian Elischer wrote:
> > +> >P> There is still an unresolved problem (in your and our patch as well)
> > of
> > +> >P> using ifnet structure fields without synchronization, as we don't
> > have
> >
Hello.
I noticed that when I issue "sh /etc/rc.firewall" to reload firewall
rules from a remote console, I get disconnected (as I would expect) and
locked out!
The problems seems to be that "ipfw -f" prints: "command is /usr/local/...".
This is in /usr/src/sbin/ipfw/ipfw2.c:
fprintf(stderr, "com
On Fri, 11 Mar 2005, Pawel Jakub Dawidek wrote:
> On Fri, Mar 11, 2005 at 01:14:38PM -0800, Julian Elischer wrote:
> +> >P> There is still an unresolved problem (in your and our patch as well) of
> +> >P> using ifnet structure fields without synchronization, as we don't have
> +> >P> access toint
