Re: PR/44070 CVS commit: src/sys/dist/ipf/netinet

[christos%zoulas.com@localhost (Christos Zoulas)]

The following reply was made to PR kern/44070; it has been noted by GNATS.

From: christos%zoulas.com@localhost (Christos Zoulas)
To: List Mail User <track%Plectere.com@localhost>, 
gnats-bugs%netbsd.org@localhost
Cc: 
Subject: Re: PR/44070 CVS commit: src/sys/dist/ipf/netinet
Date: Sat, 12 Feb 2011 16:24:18 -0500

 On Feb 12, 10:48am, track%Plectere.com@localhost (List Mail User) wrote:
 -- Subject: Re: PR/44070 CVS commit: src/sys/dist/ipf/netinet
 
 |      Hi again,
 | 
 |      Actually, the change in 1.42 is unfortunately not correct:
 | The problem is that the syntax for minimum and maximum ports is
 | _inclusive_ of the endpoint values, therefore any value between
 | OR either if bth of the minimum and maximum port values should be
 | possible;  The change in rev 1.42 does fix the original problem _I_
 | had (i.e. when minimum == maximum to force a single port to be used),
 | but the "fix" in 1.42 has a side effect that the maximum port number
 | cannot be used for any specification larger than a single port - i.e.
 | a rule like "... 167:168" will only use port 167 and can never use 168
 | (this seems the "worst" case to me:  A single "fallback" is allowed for
 | rare collisions, but doesn't have any effect/functionality because of
 | the logic error).
 | 
 |      Of well, the panic is gone, so I can safely allow any of my
 | local changes to bit-rot, but a (new/related) bug still remains :-(
 
 Fixed :-) Neither was the patch though because it was possible to
 crash the kernel.
 
 christos