From owner-freebsd-pf@FreeBSD.ORG Sun Jun 17 11:11:02 2007 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 93E1816A4AB for ; Sun, 17 Jun 2007 11:11:02 +0000 (UTC) (envelope-from volker@vwsoft.com) Received: from frontmail.ipactive.de (frontmail.maindns.de [85.214.95.103]) by mx1.freebsd.org (Postfix) with ESMTP id 2D13913C483 for ; Sun, 17 Jun 2007 11:11:01 +0000 (UTC) (envelope-from volker@vwsoft.com) Received: from mail.vtec.ipme.de (Q7c94.q.ppp-pool.de [89.53.124.148]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by frontmail.ipactive.de (Postfix) with ESMTP id 61C35128844; Sun, 17 Jun 2007 13:10:55 +0200 (CEST) Received: from cesar.sz.vwsoft.com (cesar.sz.vwsoft.com [192.168.16.3]) by mail.vtec.ipme.de (Postfix) with ESMTP id 978973F51A; Sun, 17 Jun 2007 13:09:22 +0200 (CEST) Message-ID: <46751668.8070307@vwsoft.com> Date: Sun, 17 Jun 2007 13:09:28 +0200 From: Volker User-Agent: Thunderbird 2.0.0.4 (X11/20070615) MIME-Version: 1.0 To: Max Laier References: <20070417153357.GA1335@seekingfire.com> <200704182213.50663.max@love2party.net> <20070418214855.GQ1225@seekingfire.com> <200706061629.21923.max@love2party.net> In-Reply-To: <200706061629.21923.max@love2party.net> X-Enigmail-Version: 0.95.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-VWSoft-MailScanner: Found to be clean X-MailScanner-From: volker@vwsoft.com X-ipactive-MailScanner-Information: Please contact the ISP for more information X-ipactive-MailScanner: Found to be clean X-ipactive-MailScanner-From: volker@vwsoft.com Cc: freebsd-pf@freebsd.org Subject: Re: USER/GROUP rules on the chopping Block X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jun 2007 11:11:02 -0000 > On 06/06/07 16:29, Max Laier wrote: >> After several attempts to fix user/group rules which ended like the most >> recent one - cited below - with *ZERO* feedback, I won't waste anymore >> effort. Either somebody steps up, does proper testing and reports back, >> or user/group rules go! End of story! > > ... > Before trying to check your fixes, I've set up a plain (recently > csup'ed) -CURRENT system w/o your patch. Unfortunately while trying > hard to get that box into an LOR, I'm unable to do so easy. As I need > to verify an unpatched against a patched system, I need to find a > _reliable_ way to get the box LORing. > ... > > What am I doing wrong? How do I get the (unpatched) system reliable > into an LOR and being able to verify that with a patched system? > ... > Can you help me to find a reliable way to get that LOR and proof your > patch? Anybody else having any comments on this? Max & all, I don't suspect my request has been unclear, as it's written 3 times within one posting. After getting no response (from anyone) for more than a week, I don't think it makes sense to me to wait any longer and hope or pray for a hint. Max, you may safely drop uid/gid support from pf as I'm unable to test your patches and it seems like I'm the only one who cares. On the other side, the next time a message like 'if nobody tests patches...' pops up, I'll be the first one to contradict (no Max, this is not against you). Probably I should give the same level of support to others as it's been given to me (sad to say, which will then be zero). Volker