> Although it didn't show up in 8.x testing to date, it turned out there was a > serious stability regression in the ipfw uid/gid/jail rule implementation as > a result of moving to rwlocks for inpcbinfo and inpcb. I think I've > corrected the sources of the problem in 8.x and 7.x now, but it would be > very helpful if people who use ipfw and pf could do some extra testing of > these rules with invariants and witness enabled to see if we can't shake out > any remaining problems. I have a 7.1-PRERELEASE box on which I use pf with user/uid rules, and would be glad to test this out. I've recompiled with the usual debug options, but I was curious if I should be leaving: debug.pfugidhack=1 Alone for the testing? I assume this needs to remain set to 1? I'm not manually setting this, so I guess it is the default now (haven't looked in a while). Regards, JoshReceived on Tue Sep 30 2008 - 11:30:42 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:35 UTC