tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Experiments with npf on -current



Darren- I think that's entirely uncalled for and is not in the
interest of progress.Remember that this is -CURRENT, where things like
this are *supposed* to happen?
-SS-- NUNQUAM NON PARATUS
On Tue, Nov 22, 2011 at 7:34 PM, Darren Reed <darrenr%netbsd.org@localhost> 
wrote:
> On 20/11/2011 9:48 PM, Mindaugas Rasiukevicius wrote:
>> David Brownlee <abs%absd.org@localhost> wrote:
>>>
>>> /etc/rc.d/npf reload
>>> Reloading NPF ruleset.
>>> npfctl: n-code size got wrong (36 != 72)
>>>
>>>
>>> /netbsd & /stand/amd64/5.99.56/modules/npf/npf.kmod  from the same
>>> build last night.
>>> Could there be anything obvious I'm missing?
>>>
>>> Thanks
>>
>> There are multiple regressions after IPv6 merge, which broke IPv4 filtering
>> as well.  I have various fixes in my local tree, which I hope to finish in
>> upcoming week.  Also, separate fixes for TCP state tracking, which are still
>> under testing.
>
> Well at least there is one firewall solution in NetBSD (ipfilter) where
> testing (prior to integration) and security are taken seriously.
>
> Darren


Home | Main Index | Thread Index | Old Index