From owner-freebsd-hackers  Thu Apr 10 03:27:42 1997
Return-Path: <owner-hackers>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id DAA27647
          for hackers-outgoing; Thu, 10 Apr 1997 03:27:42 -0700 (PDT)
Received: from cheops.anu.edu.au (avalon@cheops.anu.edu.au [150.203.76.24])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id DAA27642
          for <hackers@freebsd.org>; Thu, 10 Apr 1997 03:27:37 -0700 (PDT)
Message-Id: <199704101027.DAA27642@freefall.freebsd.org>
Received: by cheops.anu.edu.au
	(1.37.109.16/16.2) id AA209197618; Thu, 10 Apr 1997 20:20:18 +1000
From: Darren Reed <avalon@coombs.anu.edu.au>
Subject: Re: ipfilter/2.2.1 / devfs (general)
To: mishania@demos.su
Date: Thu, 10 Apr 1997 20:20:18 +1000 (EST)
Cc: proff@suburbia.net, hackers@freebsd.org
In-Reply-To: <199704092059.AAA16126@skraldespand.demos.su> from "Mikhail A. Sokolov" at Apr 10, 97 00:58:57 am
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

In some mail from Mikhail A. Sokolov, sie said:
> 
> > Did you rebuild your kernel ? what does dmesg|grep -i ipf say ?
>           ^^^^^^^^^^^^^^^^^^^
>  yes, several times, since I tried both versions.^^^^^
> 						nothing, but now it works,
> since DDEVFS was commented out.
> 
> > 
> Btw, in line 294 of /sys/netinet/ip_input.c there's a line which reflects what
> to do if some if failed, like 'goto next;' but this next is never defined. I am
> talking about patched version of ip_input.c.
> 
> 
> Talking about if it works now: since I made it very ugly way to override error, 
> described above (i.e. commented out line 294, so if the rule failes it will just
> use another if ) just to check if it loads for now, I see the machine crashed
> and reboots and of course it has disk being tested on it which failed fsck and
> nobody there to press enter :-( 
> 
> Those lines are as follows (I took it from your diffs):
>          * Check if we want to allow this packet to be processed.
>          * Consider it to be bad if not.
>          */
> -       if (fr_check) {
> +       if (fr_checkp) {
>                 struct  mbuf    *m1 = m;
> 
>                 if ((*fr_checkp)(ip, hlen, m->m_pkthdr.rcvif, 0, &m1) || !m1)
> ^^^^^^^^^^^^^^^^^^^^ After this line we have goto next;, which is nowhere.
> 
> Another problem is if_ipf compiles with loads of warnings about redeclaration
> from different types in various *.h's which belong to ip_filter 3.2a4, though
> it compiles.
> 
> Might be I messed the things up myself though.

You should have had none of the above problems if you were using 3.2a4.

Darren