Bluehost.com Web Hosting $6.95

IPFilter 4.1.9

This is a discussion on IPFilter 4.1.9 within the IPFilter forums, part of the System Security and Security Related category; A number of small changes have popped up over the preceeding months, so it is about time they all got ...


Go Back   Usenet Forums > System Security and Security Related > IPFilter

Reload this Page IPFilter 4.1.9

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 08-14-2005
Darren Reed
 
Posts: n/a
Default IPFilter 4.1.9
A number of small changes have popped up over the preceeding months, so it
is about time they all got bundled up.

Of note is some code I've added to support AIX. The port to AIX doesn't
work yet and I'm not sure I have the time or patience to deal with AIX -
it is quite simply a real shit to deal with as a developer compared to
others. If you're interested in picking this up, please drop me an email.

Darren

http://coombs.anu.edu.au/~avalon/ip_fil4.1.9.tar.gz
http://coombs.anu.edu.au/~avalon/patch-4.1.9.gz

4.1.9 - Released 13 August 2005

make ipfilter fix IPv4 header checksums for outgoing packets if BRIDGE_IPF
is defined when compiled.

move the definition of SIOCPROXY from ip_nat.h to ip_proxy.h

make the BSD/upgrade script more instructive about the requiements for
ip_rules.[ch] when it is run

register for interface events on FreeBSD (>5.2.1) and NetBSD so that
"ipf -y" is not not requried to tell ipfilter about interface changes.

for "quick" rules that do "keep state", move the state adding into the rule
evaluation so that we can detect it failing as rules are evaluated and
continue on to the next rather than wait until we're done and it's too late
to recover for more rule processing.

mark ICMP packets advertising an MTU that's too small as being bad

rework ipv6 header parsing to get better code reuse and fix logic errors
in dealing with ipv6 packets containing fragment headers. Also, where a
protocol handler was doing both v4 & v6, make a seperate function for each.

build for both amd64 and i86pc (32bit) on Solaris10 and later, if possible

include start of work to get IPFilter working on AIX 5.3

Use FI_ICMPERR flag rather than try to compute its equivalent all the time

Add missing timeout on Linux

Fix for locking when reading from ipsync (Frank Volf)

Fix insertion/appending of rules that use a collection number

Somehow turning up the spl knob to splnet disappeared on platforms that still
use the spl interface.

fix problems with "ipf -T" not listing multiple variables properly

4.1.8 - Released 29 March 2005
Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On




All times are GMT +1. The time now is 02:30 AM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0