Subject: Re: PR/34284 CVS commit: [netbsd-3/netbsd-4]
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: None <yancm@sdf.lonestar.org>
List: netbsd-bugs
Date: 09/17/2006 12:30:02
The following reply was made to PR kern/34284; it has been noted by GNATS.
From: yancm@sdf.lonestar.org
To: "Geert Hendrickx" <ghen@NetBSD.org>, gnats-bugs@NetBSD.org,
kern-bug-people@NetBSD.org, gnats-admin@NetBSD.org,
netbsd-bugs@NetBSD.org
Cc:
Subject: Re: PR/34284 CVS commit: [netbsd-3/netbsd-4]
src/sys/dist/ipf/netinet
Date: Sun, 17 Sep 2006 07:25:36 -0500 (EST)
> On Sat, Sep 16, 2006 at 05:22:40PM -0500, yancm@sdf.lonestar.org wrote:
> One question (regarding 3.1_RC3), is the current situation (with only half
> of the fix applied) better or worse than before?
The partial answer is that it did not work in 3_Stable and still
does not work.
So basically I think these patches represent no obvious change.
They only effect ippool. I can see no reason to think they would
introduce any recursions. This changed code only gets compiled
if the flag "options IPFILTER_LOOKUP" gets added to the kernel
config anyway.
I pulled my patches and put the clean netbsd-3 build on my home
network server to test, but when I saw this broke it, I pulled
back to my patches because I want to keep my protections enabled.
I am building a vmware test machine up to 3_Stable (3_RC2) right
now and will update my answer in a few hours if anything seems worse.
Thanks,
gene