Mr. Harald,
--- Harald Welte <[EMAIL PROTECTED]> wrote:
> On Mon, Apr 15, 2002 at 11:29:07AM +0800, Fabrice MARIE wrote:
> >
> > Hello,
> >
> > On Monday 15 April 2002 08:46, Brad Chapman wrote:
> > > Mr. Harald,
> > > > Thanks for the patch. Unfortunately it's not that easy. Writing the
> > > > 10-line patch is smallest part of the job.
> > > > The interesting question is: How to achieve backwards- and
> > > > forwards-compatibility for
> > > > - making old kernel work with new iptables (easy)
> > > > - making new kernel work with old iptables (easy)
> > > > - make new iptables compile with old kernel headers
> > > > - make old iptables compile with new kernels (easy)
> > > Whoops - I completely forgot about that :(
> > > Unfortunately, I don't know how to do that, or I would have done
> > > it. Is it just basically a bunch of #ifdefs, or is there additional magic
> > > involved? I can remake the patch if required.....
> >
> > Well the easy solution is to have a userspace patch (see the trivial
>
> If I'm not mistaken, in case of REJECT it should be possible to do without
> a userspace patch - which is really starting to make things weird.
>
> There is no real change in the structure layout, it's just one additional
> value that is becoming valid...
Yes. After studying my patches some more, I've rezlied the following:
- unpatched userspace simply doesn't tickle the case statement in the
kernel that specifies a type-3-code-13 packet
- unpatched kernelspace just doesn't accept the value contained in the enum
IPT_ICMP_ADMIN_PROHIBITED
Either way, I don't see any bugs from my POV (yet).
>
> > Fabrice.
>
> --
> Live long and prosper
> - Harald Welte / [EMAIL PROTECTED] http://www.gnumonks.org/
Brad
=====
Brad Chapman
Permanent e-mail: [EMAIL PROTECTED]
Current e-mail: [EMAIL PROTECTED]
Alternate e-mail: [EMAIL PROTECTED]
__________________________________________________
Do You Yahoo!?
Yahoo! Tax Center - online filing with TurboTax
http://taxes.yahoo.com/
