Date: Thu, 10 Apr 1997 00:58:57 +0400 (MSD) From: "Mikhail A. Sokolov" <mishania@demos.su> To: proff@suburbia.net Cc: hackers@freebsd.org Subject: Re: ipfilter/2.2.1 / devfs (general) Message-ID: <199704092059.AAA16126@skraldespand.demos.su> In-Reply-To: <19970409202248.2334.qmail@suburbia.net> from "proff@suburbia.net" at "Apr 10, 97 06:22:48 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> Did you rebuild your kernel ? what does dmesg|grep -i ipf say ?
^^^^^^^^^^^^^^^^^^^
yes, several times, since I tried both versions.^^^^^
nothing, but now it works,
since DDEVFS was commented out.
>
Btw, in line 294 of /sys/netinet/ip_input.c there's a line which reflects what
to do if some if failed, like 'goto next;' but this next is never defined. I am
talking about patched version of ip_input.c.
Talking about if it works now: since I made it very ugly way to override error,
described above (i.e. commented out line 294, so if the rule failes it will just
use another if ) just to check if it loads for now, I see the machine crashed
and reboots and of course it has disk being tested on it which failed fsck and
nobody there to press enter :-(
Those lines are as follows (I took it from your diffs):
* Check if we want to allow this packet to be processed.
* Consider it to be bad if not.
*/
- if (fr_check) {
+ if (fr_checkp) {
struct mbuf *m1 = m;
if ((*fr_checkp)(ip, hlen, m->m_pkthdr.rcvif, 0, &m1) || !m1)
^^^^^^^^^^^^^^^^^^^^ After this line we have goto next;, which is nowhere.
Another problem is if_ipf compiles with loads of warnings about redeclaration
from different types in various *.h's which belong to ip_filter 3.2a4, though
it compiles.
Might be I messed the things up myself though.
Thanks you,
> Julian.
-mishania
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199704092059.AAA16126>