Date: Thu, 26 Mar 1998 17:25:36 -0600 (CST) From: Alex Nash <nash@mcs.net> To: freebsd-security@FreeBSD.ORG Subject: ipfw patch in 2.2.6 (was Re: FreeBSD Security Advisory: FreeBSD-SA- 98:02.mmap) Message-ID: <199803262325.RAA08454@nash.pr.mcs.net>
next in thread | raw e-mail | index | archive | help
[ For some reason I seem to have fallen off the security mailing list, but luckly someone forwarded this to me. Apologies if I've missed any subsequent discussion about this...] Jt <hometeam@techpower.net> wrote: > Why was the patch Alex Nash added to ip_fw.c not added to the new > release ? This is a needed option in ipfw . As I explained to Jt earlier today, this patch was generated close enough to the 2.2.6 release that I did not feel comfortable bringing it in until after 2.2.6 was released. I will be merging this into -stable shortly. I would like to point out that this is NOT a security hole of any kind, but merely a missing feature in the previous implementation. The patch allows firewalls to send back ICMP unreachable requests in response to ICMP query messages. Alex To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199803262325.RAA08454>