Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 29 Sep 2008 23:02:04 +0100 (BST)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        Max Laier <max@love2party.net>
Cc:        freebsd-pf@freebsd.org
Subject:   Re: Fwd: Please test ipfw and pf uid/gid/jail rules
Message-ID:  <alpine.BSF.1.10.0809292301220.29569@fledge.watson.org>
In-Reply-To: <200809292356.51500.max@love2party.net>
References:  <200809292356.51500.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Mon, 29 Sep 2008, Max Laier wrote:

> Please help testing.  It's been confirmed to work for IPFW, let's make sure 
> pf is in good shape, too.  Thanks.

A casual glance at pf.c suggests that pf(4) doesn't suffer from the "look up 
the inpcb even though it's passed down if the socket pointer is NULL" bug that 
ipfw(4) did, but confirmation that things work properly would definitely be 
good.

Thanks,

Robert N M Watson
Computer Laboratory
University of Cambridge

>
> ----------  Forwarded Message  ----------
>
> Subject: Please test ipfw and pf uid/gid/jail rules
> Date: Monday 29 September 2008
> From: Robert Watson <rwatson@freebsd.org>
> To: current@freebsd.org
>
>
> Dear all:
>
> Although it didn't show up in 8.x testing to date, it turned out there was a
> serious stability regression in the ipfw uid/gid/jail rule implementation as a
> result of moving to rwlocks for inpcbinfo and inpcb.  I think I've corrected
> the sources of the problem in 8.x and 7.x now, but it would be very helpful if
> people who use ipfw and pf could do some extra testing of these rules with
> invariants and witness enabled to see if we can't shake out any remaining
> problems.
>
> Thanks,
>
> Robert N M Watson
> Computer Laboratory
> University of Cambridge
> -------------------------------------------------------
> -- 
> /"\  Best regards,                      | mlaier@freebsd.org
> \ /  Max Laier                          | ICQ #67774661
> X   http://pf4freebsd.love2party.net/  | mlaier@EFnet
> / \  ASCII Ribbon Campaign              | Against HTML Mail and News
>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.1.10.0809292301220.29569>