docs/81540: Pf bug in FreeBSD 5.3 errata page its wrong

Bruce A. Mah bmah at freebsd.org
Sat May 28 20:20:05 UTC 2005


The following reply was made to PR docs/81540; it has been noted by GNATS.

From: "Bruce A. Mah" <bmah at freebsd.org>
To: Victor Balada Diaz <victor at bsdes.net>
Cc: FreeBSD-gnats-submit at freebsd.org, bmah at freebsd.org
Subject: Re: docs/81540: Pf bug in FreeBSD 5.3 errata page its wrong
Date: Sat, 28 May 2005 13:15:41 -0700

 --=-edy75XiPPjXxrQSQT/6/
 Content-Type: text/plain
 Content-Transfer-Encoding: quoted-printable
 
 If memory serves me right, Victor Balada Diaz wrote:
 
 > >Description:
 > 	In the errata page of FreeBSD 5.3 release its documented a pf bug:
 >=20
 > 	(31 Oct 2004) When the user/group rule clauses in pf(4) and ipfw(4)
 > 	are used, the loader tunable debug.mpsafenet must be set to 0 (this
 > 	is 1 by default). For example, the following rules are affected:
 >=20
 > 	the problem is that you can panic the machine even with mpsafenet
 > 	disabled when you're using the user clause.
 >=20
 >=20
 > >How-To-Repeat:
 > =09
 > >Fix:
 > 	Put in the errata page something like "Using the user/group clauses
 > 	in pf can panic the system, so don't use it."
 
 Because of the way that the errata are currently maintained in the
 source tree, it is not feasible to make any more changes or updates to
 the 5.3 errata.  This PR should probably be closed.
 
 Bruce.
 
 
 --=-edy75XiPPjXxrQSQT/6/
 Content-Type: application/pgp-signature; name=signature.asc
 Content-Description: This is a digitally signed message part
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.1 (FreeBSD)
 
 iD8DBQBCmNFt2MoxcVugUsMRArdNAKDuoERB6sRUaCvopKA+sUZA8l4bpQCfQG2y
 pEQFtlcNWLCJUeCLUqH1xSM=
 =glc3
 -----END PGP SIGNATURE-----
 
 --=-edy75XiPPjXxrQSQT/6/--



More information about the freebsd-doc mailing list