Re: IPFilter 4.0beta3

Hi

On Fri, Oct 03, 2003 at 05:26:34PM +1000, Darren Reed wrote:
>
> After the last debarcle with compiles not functioning very well on
> FreeBSD platforms, I can now say that it compiles in 4.8 and 5.1
> (ref4.freebsd.org and ref5.freebsd.org). However, i've not had the
> chance to actually test it there. Similarly with NetBSD testing
> has been somewhat restricted. Other platforms (HPUX, OpenBSD, IRIX
> and Solaris except for Solaris-current) I have no capacity to even
> compile on at present.
>
> There's nothing new except bug fixes of one sort or another except
> for some Solaris things. All of the tuneable things can now be
> stored in /usr/kernel/drv/ipf.conf (rather than /etc/system) and
> I've updated pfil to 2.0 now that it has the capability to provide
> a means to do stateful filtering when IPMP is enabled. This is
> done using either ndd or /kernel/drv/pfil.conf like this:
>
> ndd -set /dev/pfil qif_ipmp_set qif_ipmp_set ipmp0=eri0,eri1
>
> Rules should then be written to use ipmp0 rather than eri0/eri1.
> This interface aliasing could be used like this as well:
>
> ndd -set /dev/pfil qif_ipmp_set qif_ipmp_set "exterior=hme1;interior=hme0"
>
> block in on exterior all
>
> but maybe that's too much of a mind f*ck :)
>
> http://coombs.anu.edu.au/~avalon/ipf40beta3.tar.gz
> http://coombs.anu.edu.au/~avalon/pfil-2.0.tar.gz
>
> Darren

I'll give it a shot on my FreeBSDs (4.8, 5.0, 5.1) and post the result :)

--
Kind regards
Flemming Laugaard
------------------------------------
Old Japanese saying: Ahh, kamisama! watashi no atama ni ono ga arimasu.