Subject: Re: pkg/30085: squid-2.5.9 >=nb6 crashes when doing ipf-transparent
To: None <taca@netbsd.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org>
From: Markus W Kilbinger <mk@kilbi.de>
List: pkgsrc-bugs
Date: 04/30/2005 11:20:02
The following reply was made to PR pkg/30085; it has been noted by GNATS.

From: Markus W Kilbinger <mk@kilbi.de>
To: Takahiro Kambe <taca@back-street.net>
Cc: gnats-bugs@netbsd.org
Subject: Re: pkg/30085: squid-2.5.9 >=nb6 crashes when doing ipf-transparent
Date: Sat, 30 Apr 2005 12:29:28 +0200

 >>>>> "taca" == Takahiro Kambe <taca@back-street.net> writes:
 
     taca> If you disable transparent_port patch completely, what
     taca> happens to your situation?
 
 -> compilation fails:
 
   [...]
   source='client_db.c' object='client_db.o' libtool=no  depfile='.deps/client_db.Po' tmpdepfile='.deps/client_db.TPo'  depmode=gcc3 /bin/sh ../cfgaux/depcomp  cc -DHAVE_CONFIG_H -DDEFAULT_CONFIG_FILE=\"/usr/pkg/etc/squid/squid.conf\" -I. -I. -I../include -I. -I. -I../include -I../include   -I/usr/include -I/usr/pkg/include -I/usr/include  -O2 -I/usr/pkg/include -I/usr/include -c `test -f client_db.c || echo './'`client_db.c
   source='client_side.c' object='client_side.o' libtool=no  depfile='.deps/client_side.Po' tmpdepfile='.deps/client_side.TPo'  depmode=gcc3 /bin/sh ../cfgaux/depcomp  cc -DHAVE_CONFIG_H -DDEFAULT_CONFIG_FILE=\"/usr/pkg/etc/squid/squid.conf\" -I. -I. -I../include -I. -I. -I../include -I../include   -I/usr/include -I/usr/pkg/include -I/usr/include  -O2 -I/usr/pkg/include -I/usr/include -c `test -f client_side.c || echo './'`client_side.c
   client_side.c: In function `parseHttpRequest':
   client_side.c:2785: error: `IPL_NAT' undeclared (first use in this function)
   client_side.c:2785: error: (Each undeclared identifier is reported only once
   client_side.c:2785: error: for each function it appears in.)
   *** Error code 1
 
 So, empirically additionally I patched
 
   --- src/client_side.c~  2005-04-30 12:11:14.000000000 +0200
   +++ src/client_side.c   2005-04-30 12:14:05.000000000 +0200
   @@ -2782,7 +2782,7 @@
               if (natfd < 0) {
                   int save_errno;
                   enter_suid();
   -               natfd = open(IPL_NAT, O_RDONLY, 0);
   +               natfd = open(IPL_NAME, O_RDONLY, 0);
                   save_errno = errno;
                   leave_suid();
                   errno = save_errno;
 
 ... and got a working squid binary, incl. transparent proxying/ipf!
 
 Strange, where does this mis{s,match}ing 'IPL_NA{T,ME}' come from?
 Cross dependence with other patches?
 
 Does ipfilter >= 4.x not need these kind of patches anymore?
 
 Markus.