On Friday 03 November 2006 06:10, Darren Reed wrote: > My apologies for the recent problems in compiling IPFilter and having > to release a whole new version just to address that. Thanks to those > who brought the problem to my attention early. Getting it to compile > cleanly on every platform is a lot of work. One day I'll have a system > built with lots of virtual machines, one for each version I want to > do a test build on. > > I've added one significant featurism here between 4.1.14 and 4.1.15: > automated flushing of the NAT table if it fills up. This works roughly > the same as for the state table where it will try and remove lots of > old dead wood, if it can. > > http://coombs.anu.edu.au/~avalon/ip_fil4.1.15.tar.gz > > Darren > > 4.1.15 - Released 03 November 2006 > > Add in automatic flushing of NAT, like state, table if it fills up too much > > Update comments in the code for NAT checksum adjustments > > Fix compiling on FreeBSD 5.4 and 6.0 > > prevent panics from read/write IOs trying to use uninitialised structures > > Newer NetBSD should use malloc() instead of MALLOC() in the kernel where > the size is not staticly defined > > Some gcc warning message cleanup from NetBSD > > Missing include for <sys/filio.h> on Solaris for poll work > > NetBSD now uses opt_ipfilter.h, not opt_ipfilter_log.h > > 4.1.14 - Released 04 October 2006
I compile and installed 4.1.15 on Solaris 10 and it works, but when I reload the rules I get an error, but it still works. /usr/sbin/ipf -Fa -f /etc/opt/ipf/ipf.conf 1:ioctl(add/insert rule): File exists The rules files haven't changed Regards, Horst Simon
