Date: Wed, 31 Oct 2001 20:21:07 +0200 From: Ruslan Ermilov <ru@FreeBSD.org> To: Poul-Henning Kamp <phk@FreeBSD.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sbin/natd natd.8 natd.c Message-ID: <20011031202106.G91951@sunbay.com> In-Reply-To: <200110311608.f9VG8nd19655@freefall.freebsd.org>; from phk@FreeBSD.org on Wed, Oct 31, 2001 at 08:08:49AM -0800 References: <200110311608.f9VG8nd19655@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Oct 31, 2001 at 08:08:49AM -0800, Poul-Henning Kamp wrote: > phk 2001/10/31 08:08:49 PST > > Modified files: > sbin/natd natd.8 natd.c > Log: > Do not uselessly whine in syslog about packets denied by ipfw rules. > > Set 'log_ipfw_denied' option if you want the old behaviour. > > PR: 30255 > Submitted by: Flemming "F3" Jacobsen <fj@batmule.dk> > Reviewed by: phk > MFC after: 4 weeks > > Revision Changes Path > 1.48 +4 -1 src/sbin/natd/natd.8 > 1.36 +17 -4 src/sbin/natd/natd.c > Please back this change out, indicated by: ``Requested by: ru''. I don't agree with this change; this is not what Flemming submitted. His patch added the -nolog_ipfw_denied, while you changed this to -log_ipfw_denied, breaking POLA (the current behavior of natd), which is BAD, as this message (usually) indicates a misconfigured firewall. As the maintainer of natd(8), I would appreciate it if you mailed me about your intentions to commit this. I re-opened the PR in question, and will look into this soon after I return from BSDCon/Euro. Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011031202106.G91951>