Hi!

I have just upgraded IPFilter to the latest version (4.1.22) on
NetBSD -current. You must recompile kernel and the ipf tools to
use the new version:

(cd share/mk && make install)
(cd sys && make includes)
(cd usr.sbin/ipf && make dependall install)

cd sys/arch/`uname -p`/conf
config GENERIC
cd ../compile/GENERIC
make dependall install

After reboot you may want to check the version number and run the
regression tests:

ipf -V
(cd regress/sys/kern/ipf && make && make clean)

If you detect errors (or have improvements), please send a problem report
with the send-pr tool.

Changes since 4.1.20
====================

 - fix endless loop when flushing state/NAT by idle time

 - show the number of states created against a rule with "-v" for ipfstat

 - make it possible to flush the state table by idle time and TCP state

 - fix flushing out idle connections when state/NAT tables fill

 - print out the TCP state population with ipfstat/ipnat

 - stop creation of state table orphans via return-*/fastroute

 - fix printing out of rule groups - they now only appear once