Following up from the compile problems of last weekend, I've been busy during the week and patched it up. In addition I managed to break policy routing on Solaris so I've fixed that up too, with some work on the pfil module.
Another problem surfaced during the week that I spent some time resolving - using NAT with policy based routing. I can't be confident that it ever worked on two different interfaces with policy based routing. This change will break NAT where people having been using rules like this: map bge0,bge1 10.1.0.0/16 -> 0/32 The change requried is to reverse the interfaces, it now needs to be "bge1,bge0". The old behaviour was for "out,in" interfaces, it is now "in,out". http://coombs.anu.edu.au/~avalon/ip_fil4.1.12.tar.gz http://coombs.anu.edu.au/~avalon/pfil-2.1.9.tar.gz Darren 4.1.12 - Released XX March 2006 poll support on FreeBSD/NetBSD needs to use selrecord/selwakeup make the fastroute code used by ipftest invoke state/NAT move verbose/debug macros out of fil.c and into ip_fil.h (for wider use) remove unused code in fr_fastroute fix NAT with rules that specify forward and reverise interfaces add missing ipfsync_canread() and ipfsync_canwrite() behaviour of \ on the end of a line in ipf.conf does not match older behaviour remove duplicate statistics line output with "ipfstat -s" 4.1.11 - Released 19 March 2006
