Hello List,
Can someone tell me why ipf_nattable_max is not a sysctl variable. The
only way to change this currently
is via a edit the source and rebuild.
It looks like it would be as simple as adding:
SYSCTL_IPF(_net_inet_ipf, OID_AUTO, pf_nattable_max, CTLFLAG_RWO,
According to Stephen Clark:
It looks like it would be as simple as adding:
SYSCTL_IPF(_net_inet_ipf, OID_AUTO, pf_nattable_max, CTLFLAG_RWO,
ipf_nattable_max, 0, );
Isn't the pf_nattable_max a typo for ipf_nattable_max?
BTW, talk to Darren Reed about that, he is the author and
On Monday 17 December 2007, Ollivier Robert wrote:
According to Stephen Clark:
It looks like it would be as simple as adding:
SYSCTL_IPF(_net_inet_ipf, OID_AUTO, pf_nattable_max, CTLFLAG_RWO,
ipf_nattable_max, 0, );
Isn't the pf_nattable_max a typo for ipf_nattable_max?
Hello List,
Was a fix ever developed for the ip filter OOW keep state problem that can
be installed on or back ported to 6.1 stable?
Thanks for any advice,
Steve
--
They that give up essential liberty to obtain temporary safety,
deserve neither liberty nor safety. (Ben Franklin
On Thu, Aug 09, 2001 at 01:30:44PM -0400, Mike Tancsa wrote:
At 07:34 PM 8/9/01 +0200, Andreas Ntaflos wrote:
i do remember now...i did that before too...didn't help. diff'ing /usr/src
and
/usr/src_backup showed that both were exactly the same.
and yes, i think ipf is the only thing that
ok,
i solved that problem for me now and i want to thank every-
body for your input and suggestions.
the problem was that /sbin/ipf didn't get replaced by an up-to-date
version during the installworld phase, either because of a kinda
corrupted or otherwise incorrect source tree after doing a
Is it too late to update ipfilter in -STABLE? 3.4.16 seems to have a
serious bug. Darren just sent out this to the ipfilter mailling list:
-snip
A *VERY* serious bug has been brought to my attention in IPFilter.
In 10 words or less, fragment caching with can let through "any"
packet.
This is the second time this has been asked today. Are we asking in
the right place?
On 6 Apr 2001, at 14:38, Matt Haught wrote:
Is it too late to update ipfilter in -STABLE? 3.4.16 seems to have a
serious bug. Darren just sent out this to the ipfilter mailling list:
-snip
A