From owner-freebsd-security Tue Jan 23 19: 8:26 2001 Delivered-To: freebsd-security@freebsd.org Received: from security1.noc.flyingcroc.net (security1.noc.flyingcroc.net [207.246.128.54]) by hub.freebsd.org (Postfix) with ESMTP id 2E96137B69F for ; Tue, 23 Jan 2001 19:08:09 -0800 (PST) Received: from localhost (todd@localhost) by security1.noc.flyingcroc.net (8.9.3/8.9.3) with ESMTP id TAA74172 for ; Tue, 23 Jan 2001 19:07:39 -0800 (PST) (envelope-from todd@flyingcroc.net) X-Authentication-Warning: security1.noc.flyingcroc.net: todd owned process doing -bs Date: Tue, 23 Jan 2001 19:07:38 -0800 (PST) From: Todd Backman X-Sender: todd@security1.noc.flyingcroc.net To: security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-01:08.ipfw In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org BTW... this is occuring upon 2 of my 4.0 machines. Thanks. - Todd On Tue, 23 Jan 2001, Todd Backman wrote: > > Anyone else failing here?: > > Patching file sys/netinet/ip_fw.c using Plan A... > Hunk #1 succeeded at 244. > Hunk #2 failed at 1214. > > Thanks. > > - Todd > > On Tue, 23 Jan 2001, FreeBSD Security Advisories wrote: > > > -----BEGIN PGP SIGNED MESSAGE----- > > > > ============================================================================= > > FreeBSD-SA-01:08 Security Advisory > > FreeBSD, Inc. > > > > Topic: ipfw/ip6fw allows bypassing of 'established' keyword > > > > Category: core > > Module: kernel > > Announced: 2001-01-23 > > Credits: Aragon Gouveia > > Affects: FreeBSD 3.x (all releases), FreeBSD 4.x (all releases), > > FreeBSD 3.5-STABLE and 4.2-STABLE prior to the > > correction date. > > Corrected: 2001-01-09 (FreeBSD 4.2-STABLE) > > 2001-01-12 (FreeBSD 3.5-STABLE) > > FreeBSD only: Yes > > > > I. Background > > > > ipfw is a system facility which allows IP packet filtering, > > redirecting, and traffic accounting. ip6fw is the corresponding > > utility for IPv6 networks, included in FreeBSD 4.0 and above. It is > > based on an old version of ipfw and does not contain as many features. > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message