From owner-freebsd-security@FreeBSD.ORG  Fri Feb  6 09:46:20 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 68FC716A4CE
	for <freebsd-security@freebsd.org>;
	Fri,  6 Feb 2004 09:46:20 -0800 (PST)
Received: from lariat.org (lariat.org [63.229.157.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6507F43D46
	for <freebsd-security@freebsd.org>;
	Fri,  6 Feb 2004 09:46:14 -0800 (PST)
	(envelope-from brett@lariat.org)
Received: from runaround.lariat.org (IDENT:ppp1000.lariat.org@lariat.org
	[63.229.157.2])	by lariat.org (8.9.3/8.9.3) with ESMTP id KAA14204;
	Fri, 6 Feb 2004 10:46:03 -0700 (MST)
X-message-flag: Warning! Use of Microsoft Outlook renders your system
	susceptible to Internet worms.
Message-Id: <6.0.0.22.2.20040206104336.0587c5a0@localhost>
X-Sender: brett@localhost (Unverified)
X-Mailer: QUALCOMM Windows Eudora Version 6.0.0.22
Date: Fri, 06 Feb 2004 10:46:01 -0700
To: "Devon H. O'Dell" <dodell@sitetronics.com>,
	"Gogh, Ruben van" <R.v.Gogh@kappe-int.com>
From: Brett Glass <brett@lariat.org>
In-Reply-To: <4023AD12.6070106@sitetronics.com>
References: <0FDD52D38220D611B7CC0004763B3744F80821@HNTS-04>
 <4023AD12.6070106@sitetronics.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
cc: "'freebsd-security@freebsd.org'" <freebsd-security@freebsd.org>
Subject: Re: IPFIREWALL_DEFAULT_TO_ACCEPT becomes default to deny
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Feb 2004 17:46:20 -0000

At 08:04 AM 2/6/2004, Devon H. O'Dell wrote:

>I'm not sure what to make of this as IPFIREWALL_DEFAULT_TO_ACCEPT works 
>fine for me in 4.8, 4.9, 5.1 and 5.2. Are you sure you compiled with the 
>correct kernel configuration (and installed as well)?

I've noticed that, in 4.9-RELEASE (and probably in -STABLE too), making 
even minor changes to your kernel configuration often requires

make clean; make depend; make; make install

to work. If you leave out the "make clean" or "make depend", 
modifications to your configuration sometimes don't take effect, 
depending upon what you changed.

This may be an indication that something about the dependency mechanisms 
or makefiles isn't quite right.

--Brett Glass