Date: Wed, 07 Aug 2019 19:44:07 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently Message-ID: <bug-238796-7501-rBgd05mUUa@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-238796-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-238796-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D238796 Cy Schubert <cy@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #205851|0 |1 is obsolete| | --- Comment #35 from Cy Schubert <cy@FreeBSD.org> --- Created attachment 206344 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D206344&action= =3Dedit This should fix this PR. This patch will fix this PR. Unfortunately to fix this without adding extra code to the kernel's execution path is not possible without addressing the shortcomings with the design decision to tack an eclectic collection of str= ings to the end of frentry_t without significant rewrite of ipf_y.y. Having said that even though ipf_y.y accepts multiple interfaces it does not warn when = that number exceeds 4 and the kernel only uses the first. I will address that bug (not addressed by this PR) after resolving two other higher priority PRs. Anyhow, please give this patch a spin. I will commit it if I don't hear from you after a couple of weeks. --=20 You are receiving this mail because: You are on the CC list for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-238796-7501-rBgd05mUUa>