From owner-freebsd-security Fri Sep 15 12:15:53 2000 Delivered-To: freebsd-security@freebsd.org Received: from mail.gmx.net (pop.gmx.net [194.221.183.20]) by hub.freebsd.org (Postfix) with SMTP id 9513937B423 for ; Fri, 15 Sep 2000 12:15:49 -0700 (PDT) Received: (qmail 9902 invoked by uid 0); 15 Sep 2000 19:15:45 -0000 Received: from p3ee20a99.dip.t-dialin.net (HELO speedy.gsinet) (62.226.10.153) by mail.gmx.net with SMTP; 15 Sep 2000 19:15:45 -0000 Received: (from sittig@localhost) by speedy.gsinet (8.8.8/8.8.8) id UAA28715 for freebsd-security@FreeBSD.ORG; Fri, 15 Sep 2000 20:35:31 +0200 Date: Fri, 15 Sep 2000 20:35:31 +0200 From: Gerhard Sittig To: "freebsd-security@FreeBSD.ORG" Subject: Re: ipf logging Message-ID: <20000915203531.E27034@speedy.gsinet> Mail-Followup-To: "freebsd-security@FreeBSD.ORG" References: <20000914203048.I22846@speedy.gsinet> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: ; from roman@xpert.com on Fri, Sep 15, 2000 at 12:16:02PM +0200 Organization: System Defenestrators Inc. Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, Sep 15, 2000 at 12:16 +0200, Roman Shterenzon wrote: > On Thu, 14 Sep 2000, Gerhard Sittig wrote: > > > > See http://www.freebsd.org/cgi/query-pr.cgi?pr=20202 for a > > way to employ ipf in FreeBSD 4 and above. [ ... ] > > I was just looking for such thing couple of days ago. I was > almost sure that it's commited in FreeBSD 4.1-STABLE, but I > didn't find it. Why isn't that committed yet? ipfilter has made its way into FreeBSD's base system. But it's not plugged in right from the start. The default packet filter is ipfw and the distro's script use this one. Initially I used ipf on FreeBSD only because I've seen OpenBSD before. But I stood with it when I was done reading the IPF HowTo. :) > I see that the 'last modified' date is 20 Jul. > This patch seems be a GoodThing(tm). Yes, but it could have been better right from the start. :) I'm afraid the split into two sequential diffs made it less readable and somewhat unappealing. After all it's my first PR. :> Is it a good idea to followup with a combined patch to bring the normal -STABLE to -STABLE with ipf hooks? Is it a bad idea to close this PR and have it then be replaced (or better worded: handled) by another one? Is something missing to have it applied? IOW: Am I required to add something to make it complete and ready for application? I'm willing to do whatever it takes -- not to have my name on some FreeBSD part but to not collide any longer after updating with my customization against the provided mechanisms. virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message