French, David wrote:
So Darren, is this for IPFilters that comes with Solaris 10? I'm asking
as it seems bad that an OS update would break something that has been
running. Or is this an issue with running a newer version compiled for
Solaris 10?
This particular bug has not yet made it into a Solaris patch.
It is patched in OpenSolaris.
It was a bug introduced at Sun when some large changes were made back in
January.
I ask as I use IPFilters and depend on it for security compliance with
PCI/Sox controls. I need the newer updates to the TCP/IP stack, so I'm
thinking I'm stuck.
What updates to TCP/IP are you in need of?
Finally, does this also mean if you patch to a specific level and get
the new TCP/IP code from that patch that IPFilters will also have
problems?
Yes. I think you want the -3 IPFilter patch (for S10U3), not the -4 one.
Darren
