From owner-freebsd-security  Sun Jun 23 11:27:56 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id LAA12874
          for security-outgoing; Sun, 23 Jun 1996 11:27:56 -0700 (PDT)
Received: from rocky.sri.MT.net (rocky.sri.MT.net [204.182.243.10])
          by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id LAA12864;
          Sun, 23 Jun 1996 11:27:51 -0700 (PDT)
Received: (from nate@localhost) by rocky.sri.MT.net (8.6.12/8.6.12) id MAA18224; Sun, 23 Jun 1996 12:27:46 -0600
Date: Sun, 23 Jun 1996 12:27:46 -0600
From: Nate Williams <nate@sri.MT.net>
Message-Id: <199606231827.MAA18224@rocky.sri.MT.net>
To: nash@mcs.com
Cc: nate@sri.MT.net, freebsd-security@FreeBSD.org, gpalmer@FreeBSD.org,
        taob@io.org, phk@FreeBSD.org
Subject: Re: IPFW documentation
In-Reply-To: <199606231605.LAA07941@zen.nash.org>
References: <199606231605.LAA07941@zen.nash.org>
Sender: owner-security@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

> > We have until Tuesday to get things at least somewhat 'sane'.  Please
> > can you take the time to document what exists in -stable!?!?
> 
> You bet.  How about this:
> 
>   - Bring src/sys/netinet/ip_fw.c up to -current level (or very
>     close to).
> 
>   - Bring src/sbin/ipfw/ipfw.c in line with the kernel changes.
> 
>   - Try and get the man page in shape (the version in -current is
>     a lot closer, but not perfect).

It works for me, but I'm not expert on any of it.  However, when I
upgrade my box from 2.1R -> 2.1.5 I will want to know what has changed.
Unfortunately, I can't do that for at least another 2 weeks since I'm
upgrading everything else this week and am taking time off the week
after.

> When this is done, I'll announce where patches can be found so that as
> many people as possible can bang on it to make sure it's ok.

Patches for what?  I don't think you'll get enough time to get it
reviewed and in before Tuesday, but if you think it can be done go for
it.  In any case, the docs and the source should match by the time 2.1.5
is rolled.

> That'll
> give me the comfort level I'd need to place these changes into 2.1.5.
> Does this sound viable?

As long as everythign is in sync. I don't mind.  I'd prefer backing out
the new stuff completely out if we can't keep the sources and docs in
sync, since the only thing worse than buggy code is code that's
documented incorrectly.


Nate