[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfilter
Subject: Re: Ip filter
From: "Dennis Clarke" <dclarke () blastwave ! org>
Date: 2007-09-24 16:31:09
Message-ID: 40574.72.39.216.186.1190651469.squirrel () mail ! blastwave ! org
[Download RAW message or body]
> anantha wrote:
>> we are currently using 4.1.16 version of IPfilter. And we know that
>> the latest version is 4.1.24 (correct me if i am wrong) .
4.1.26
http://coombs.anu.edu.au/~avalon/
Plus maybe a patch for Solaris 10 Update 4 .. I think.
>> We would like know the
>> list of difference in
>> features between our version and the latest one.This would be really
>> helpful for us to take a decision on our IPfilter upgrade. We tried to
>> find it in several places
>> and were unsuccessful. So can you pls help us by either giving us the
>> difference or tell us from where we can find it.
>
> download the latest version and review the contents of the file "HISTORY".
>
I must say that while access to the source code is quite easy it would be
"nice" if there was a little note right under that download link that had
.. just a paragraph or two .. a few sentences even .. with most recent
activity or some such.
For example .. if we look at HISTORY :
$ ls -lap HISTORY
-rw-r--r-- 1 dclarke csw 67784 Sep 21 05:12 HISTORY
The top few sentences say things like :
4.1.26 - Released 24 September 2007
Fix build problem for Solaris prior to S10U4
4.1.25 - Released 20 September 2007
stepping through structures with ioctls can lead to the wrong things
being free'd and panics
if a NAT entry (such as an rdr) is created but the packet ends up being
blocked, tear down the NAT entry.
fix fragment cache preventing keep state from functioning
.
.
.
just a few lines there from this release and maybe the previous one. Gives
us unwashed masses an update of what is happening.
I have to assume that the diff between 4.1.25 and 4.1.26 is this :
$ ls -lap ip_fil4.1.25_solaris.patch
-rw-r--r-- 1 dclarke csw 1402 Sep 23 16:56
ip_fil4.1.25_solaris.patch
Index: ip_fil_solaris.c
===================================================================
RCS file: /devel/CVS/IP-Filter/ip_fil_solaris.c,v
retrieving revision 2.62.2.42
diff -c -r2.62.2.42 ip_fil_solaris.c
*** ip_fil_solaris.c 21 Sep 2007 09:03:39 -0000 2.62.2.42
--- ip_fil_solaris.c 21 Sep 2007 18:13:15 -0000
***************
*** 495,501 ****
#endif
ip->ip_ttl = 63;
#if !defined(_INET_IP_STACK_H)
! if (ip_mtudisc != NULL) && (*ip_mtudisc == 0))
#else
if (!net_getpmtuenabled(ipfipv4))
#endif
--- 495,501 ----
#endif
ip->ip_ttl = 63;
#if !defined(_INET_IP_STACK_H)
! if ((ip_mtudisc != NULL) && (*ip_mtudisc == 0))
#else
if (!net_getpmtuenabled(ipfipv4))
#endif
Index: solaris.c
===================================================================
RCS file: /devel/CVS/IP-Filter/solaris.c,v
retrieving revision 2.73.2.14
diff -c -r2.73.2.14 solaris.c
*** solaris.c 16 Sep 2007 23:04:00 -0000 2.73.2.14
--- solaris.c 21 Sep 2007 18:13:43 -0000
***************
*** 670,675 ****
--- 670,676 ----
}
+ #if defined(_INET_IP_STACK_H)
static int
ipf_hook(hook_event_token_t event, hook_data_t data, netstack_t *stp)
{
***************
*** 712,714 ****
--- 713,716 ----
}
return 0;
}
+ #endif
$
If I look in my source trees here I see this :
$ find . -type f -name ip_fil_solaris.c -ls
1388 32 -rw-r--r-- 1 dclarke csw 32746 Sep 21 05:03
./ip_fil4.1.25/ip_fil_solaris.c
2456 32 -rw-r--r-- 1 dclarke csw 32747 Sep 24 04:02
./ip_fil4.1.26/ip_fil_solaris.c
I see a one byte change in that file and diff tells me :
$ diff ./ip_fil4.1.25/ip_fil_solaris.c ./ip_fil4.1.26/ip_fil_solaris.c
8c8
< static const char rcsid[] = "@(#)$Id: ip_fil_solaris.c,v 2.62.2.42
2007/09/21 09:03:39 darrenr Exp $";
---
> static const char rcsid[] = "@(#)$Id: ip_fil_solaris.c,v 2.62.2.43
2007/09/24 08:02:42 darrenr Exp $";
498c498
< if (ip_mtudisc != NULL) && (*ip_mtudisc == 0))
---
> if ((ip_mtudisc != NULL) && (*ip_mtudisc == 0))
$
If I use sed/awk/grep and md5sum I find the diffs between these two trees to
be :
bash-3.2$ diff ip_fil4.1.25/SunOS5/pkginfo ip_fil4.1.26/SunOS5/pkginfo
8c8
< VERSION=4.1.25
---
> VERSION=4.1.26
bash-3.2$ diff ip_fil4.1.25/Linux/ipfilter.spec.dist
ip_fil4.1.26/Linux/ipfilter.spec.dist
3c3
< Version: 4.1.25
---
> Version: 4.1.26
bash-3.2$ diff ip_fil4.1.25/ipl.h ip_fil4.1.26/ipl.h
7c7
< * $Id: ipl.h,v 2.52.2.27 2007/09/21 09:12:46 darrenr Exp $
---
> * $Id: ipl.h,v 2.52.2.28 2007/09/24 08:06:51 darrenr Exp $
13c13
< #define IPL_VERSION "IP Filter: v4.1.25"
---
> #define IPL_VERSION "IP Filter: v4.1.26"
15c15
< #define IPFILTER_VERSION 4012500
---
> #define IPFILTER_VERSION 4012600
bash-3.2$ diff ./ip_fil4.1.25/solaris.c ./ip_fil4.1.26/solaris.c
7c7
< #pragma ident "@(#)$Id: solaris.c,v 2.73.2.14 2007/09/16 23:04:00 darrenr
Exp $"
---
> #pragma ident "@(#)$Id: solaris.c,v 2.73.2.15 2007/09/24 08:02:42 darrenr
Exp $"
672a673
> #if defined(_INET_IP_STACK_H)
714a716
> #endif
.. and probably lots of others.
So the patch from a few days ago that affected ip_fil_solaris.c doe not seem
to be what is going on here and I'm confused.
Can I offer a free SVN service to you Darren ?
Something like this :
http://svn.blastwave.org/trac/browser/csw/trunk/apps/mplayer/files/sparc-v8-novis.diff
See how everything is neatly color coded and you can see any change made
there ? That would be helpful to people and no big deal to get this into the
svn repository. I know that ipfilter is hardly at all Solaris specific and
Blastwave is all about open source software for Solaris. But, and I don't
like starting sentences with "but", it would really be nice if we knew what
was changing in the sources from release to release.
Do you see where I am going here ?
Dennis
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic