On Tue, Mar 30, 2004 at 12:35:07AM +0200, Martin Husemann wrote:

>  - that it works for him (on what arch?)

It works for me on i386, but see below.

>  - and optionally (most welcome) why the patch below is not sufficient
>    to make it realy work?

Don't know, but the patch as committed by darrenr and pulled up to 2.0 broke
ipf on i386.  With sources refreshed this afternoon, ipf -E bombs out with
"SIOCFRENB: Bad address".

It looks like it's dying at the COPYIN() at ip_fil_netbsd.c:451.  The
surrounding code looks like:

        case SIOCFRENB :
                if (!(mode & FWRITE))
                        error = EPERM;
                else {
                        error = COPYIN(data, &tmp, sizeof(tmp));
                        if (error)
                                break;
 
Reverting that patch results in a functioning instance of ipf.  I'm open to
the possibility that the problem actually lies elsewhere, but this really
looks like the cause for my failure at least.

-- Chris
	GPG key FEB9DE7F (91AF 4534 4529 4BCC 31A5  938E 023E EEFB FEB9 DE7F)