[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: ipfilter 3.1.3 + ipnat -l
From:       Darren Reed <darrenr () cyber ! com ! au>
Date:       1997-01-10 5:36:05
[Download RAW message or body]

In some mail I received from Ivan Brawley, sie wrote
> 
> > J.D. Stevens: You can fid ipfil3.1.3.tar.gz in:
> > ftp://coombs.anu.edu.au/pub/net/firewall/ip-filter/ip_fil3.1.3.tar.gz
> 
> Or theres ip_fil3.1.4.tar.gz in the same directory :-)
> That was a short lived release, eh?

Yes.  Such is life :/

> > I also noticed the ipnat -l problem, but I'll put that down to ipnat.c
> > not being updated with the new chaining system. I think it's ignorable.
> > If the kernel really did have a leak like that the memory would be
> > consumed very quickly.
> > 
> > I expect Darren will post a patch for it soon.
> 
> According to the HISTORY file:
> ipnat -l loops on output - Neil Readwin (nreadwin@nysales.micrognosis.com)
> 
> is fixed in 3.1.4.
> 
> So whens 3.1.5? :->

Sometime more than 24 hours in the future ? :-)

Seriously, I have decided to stop with the "patches" as they're hard to
manage (for me anyway) with CVS and this problem was farily serious (and
I found some other serious problems which should have been addressed plus
that the table/list flushing for NAT was waiting for ipnat to be updated).

So, as well as being necessary, it seemed like a good idea with the only
drawback being releases so close together can be a bit off-putting for users.

Darren

[prev in list] [next in list] [prev in thread] [next in thread]