Subject: Re: ipnat -l segfaults
To: <>
From: David Laight <david@l8s.co.uk>
List: current-users
Date: 06/05/2002 21:41:50
On Sun, Jun 02, 2002 at 07:00:35PM +0200, Michael Core wrote:
> martin@duskware.de (Martin Husemann) wrote:
>
> > > # ipnat -l
> > > List of active MAP/Redirect filters:
> > > unknown value for in_redir: 0
> > > 0.0.0.0/0 -> 0.0.0.0/0
> >
> > Your kernel and ipf-userland are out of sync. Unfortunately ipf does
> > not deal with that.
>
> Does this mean kernel and userland are neither forward nor backward
> compatible?
I believe so...
Also actually core dumping sounds even worse!
I wonder if the kernel side does any validation? or can a
program crash the kernel by sending invalid ipnat requests?
A validation check should be easy - absolutely no excuse.
Making the 'new' utility talk to 'old' kernels shouldn't be
a big problem (could even get the kernel version and exec
the correct binary!)
David
--
David Laight: david@l8s.co.uk