Date: Mon, 07 Sep 2015 16:17:16 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 202950] [patch] www/squid: TP_IPF build fails on FreeBSD <10 Message-ID: <bug-202950-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=202950 Bug ID: 202950 Summary: [patch] www/squid: TP_IPF build fails on FreeBSD <10 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: patch Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: beastie@tardisi.com CC: timp87@gmail.com Flags: maintainer-feedback?(timp87@gmail.com) CC: timp87@gmail.com Keywords: patch Created attachment 160803 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=160803&action=edit proposed patch I'm assuming the problem only affects less than FreeBSD 10, since I believe ipf was upgraded to v5.1.2 in 10. While on my FreeBSD 9.3 it is v4.1.28. The compile fails here: libtool: compile: c++ -DHAVE_CONFIG_H -I../.. -I../../include -I../../lib -I../../src -I../../include -I../../libltdl -I/usr/include -Wall -Wpointer-arith -Wwrite-strings -Wcomments -Wshadow -Werror -pipe -D_REENTRANT -O2 -pipe -march=nocona -I/usr/include -fstack-protector -I/usr/local/include -MT tools.lo -MD -MP -MF .deps/tools.Tpo -c tools.cc -o tools.o >/dev/null 2>&1 cc1plus: warnings being treated as errors Intercept.cc: In member function 'bool Ip::Intercept::IpfInterception(const Comm::ConnectionPointer&, int)': Intercept.cc:208: warning: operation on 'warningLevel' may be undefined *** [Intercept.lo] Error code 1 After some investigation, I found that the offending upstream code was add in the recent update: diff -u -r -N squid-3.5.7/src/ip/Intercept.cc squid-3.5.8/src/ip/Intercept.cc --- squid-3.5.7/src/ip/Intercept.cc 2015-07-31 23:08:17.000000000 -0700 +++ squid-3.5.8/src/ip/Intercept.cc 2015-09-01 12:52:00.000000000 -0700 @@ -200,6 +200,19 @@ // all fields must be set to 0 memset(&natLookup, 0, sizeof(natLookup)); // for NAT lookup set local and remote IP:port's + if (newConn->remote.isIPv6()) { +#if IPFILTER_VERSION < 5000003 + // warn once every 10 at critical level, then push down a level each repeated event + static int warningLevel = DBG_CRITICAL; + debugs(89, warningLevel, "IPF (IPFilter v4) NAT does not support IPv6. Please upgrade to IPFilter v5.1"); + warningLevel = ++warningLevel % 10; + return false; +#else + natLookup.nl_v = 6; + } else { + natLookup.nl_v = 4; +#endif + } natLookup.nl_inport = htons(newConn->local.port()); newConn->local.getInAddr(natLookup.nl_inip); natLookup.nl_outport = htons(newConn->remote.port()); My proposed patch is to just comment out the defective nag to upgrade OS. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-202950-13>