From owner-freebsd-security Fri Jan 26 6:41:50 2001 Delivered-To: freebsd-security@freebsd.org Received: from pozitif.net (unknown [213.194.71.201]) by hub.freebsd.org (Postfix) with SMTP id 7611537B400; Fri, 26 Jan 2001 06:41:25 -0800 (PST) Received: from pozitif.net ([62.29.69.50]) by pozitif.net ; Fri, 26 Jan 2001 16:49:24 +0200 Message-ID: <3A718C97.E45FA754@pozitif.net> Date: Fri, 26 Jan 2001 16:41:28 +0200 From: Mehmet Hinc X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.2-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: Justin Stanford Cc: questions@freebsd.org, security@freebsd.org Subject: Re: ipfw security patch problem.. References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Justin Stanford wrote: > Hi, > > I upgraded my ipfw yesterday on my 4.0-STABLE system with the patch by > following the instructions to the letter for the security bug discovered > by Aragon Gouveia, and compile and install appeared to go seamlessly. > > However, ipfw now gives me this type of problem: > > [root@athena]~# ipfw add 5000 deny tcp from any to 196.30.167.200 515 via rl0 > 05000 deny tcp from any to 196.30.167.200 515 via rl0 > ip_fw_ctl: empty interface name > ipfw: setsockopt(IP_FW_ADD): Invalid argument > [root@athena]~# > > The interface is most definitely rl0, and this exact ruleset is the same I > have been using for ages with my previous ipfw. Suggestions? > > -- > Justin Stanford > 082 7402741 > jus@security.za.net > www.security.za.net > IT Security and Solutions > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message Yup, I`ve heard this problem and I tried to solve it.I copied /sys/netinet/ip_fw.h to /usr/include/netine and then I recompiled my kernel . After then this problem has disapeared from my box. Mehmet Hinc Yildiz Teknik University >From Turkey To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message