Date: Wed, 2 Aug 2000 17:21:27 -0400 From: Bill Fumerola <billf@chimesnet.com> To: Darren Reed <avalon@coombs.anu.edu.au> Cc: Mike Silbersack <silby@silby.com>, security@FreeBSD.ORG Subject: Re: Ip packet filtering with bridging on freebsd (fwd) Message-ID: <20000802172127.E58109@jade.chc-chimes.com> In-Reply-To: <200008020236.MAA23561@cairo.anu.edu.au>; from avalon@coombs.anu.edu.au on Wed, Aug 02, 2000 at 12:36:30PM %2B1000 References: <Pine.BSF.4.21.0008011932420.36719-100000@achilles.silby.com> <200008020236.MAA23561@cairo.anu.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Aug 02, 2000 at 12:36:30PM +1000, Darren Reed wrote:
> But not the time. I mentioned here what needs to be done, how come nobody
> else has done it ? Maybe because a PR hasn't been lodged ? :)
Because you mentioned it all of 48 hours ago or so.
> > So why did you take the script-kiddie route and mail bugtraq before any
> > hint of a patch appeared?
>
> Given the latest flamage from my commits, I don't have time to make and
> test the required changes even so far as compiling goes so that should
> be enough to rule me doing it out.
>
> It's also not my balliwhack (that section of the code) so I'm not eager
> to step on someone else's toes...
Code that compiles doesn't seem to be your balliwhack either. I'm actually
rather suprised that someone didn't just backout your recent batch entirely.
> btw, don't whinge about it being posted to bugtraq - the patch is not that
> hard and I already spelt out here what needs doing. Just copy the OpenBSD
> code.
I hope the next time an ipfilter issue comes up whoever finds it is more
courteous then you.
I'm trying to be very non-biased and trying to live in a world where both
ipfw and ipfilter exist on FreeBSD. I'm even trying to make ipfw better,
and I was even going to look at the bridging code after you made mention of
that. Just being an asshole and making broad statements on bugtraq without
even an attempt to mail security-officer@freebsd.org or give everyone time
to check their mail before you mail bugtraq is just unacceptable.
--
Bill Fumerola - Network Architect, BOFH / Chimes, Inc.
billf@chimesnet.com / billf@FreeBSD.org
PS. maybe it's not even the kernels job to make sanity checks before handing
off to the ipfw/ipfilter. What if ipfw/ipfilter wants to look at the original
packet?
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000802172127.E58109>