Trying to compile on a SPARC Solaris 10 system....
cc -Xa -xildoff -xarch=v8 -xmemalign=8s -I. -I../.. -DIPFILTER_LKM -
I../../../pfil -D_KERNEL -DSUNDDI -DSOLARIS2=10 -DIPFILTER_LOG -
DIPFILTER_LOOKUP -DIPFILTER_SCAN -DNEED_LOCAL_RAND=1 -c ../../
arc4random.c -o sparcv7/arc4random.o
"../../arc4random.c", line 12: cannot find include file: <sys/cdefs.h>
"../../arc4random.c", line 48: warning: no explicit type given
"../../arc4random.c", line 48: syntax error before or at: void
"../../arc4random.c", line 198: improper member use: buf
"../../arc4random.c", line 203: improper member use: buf
"../../arc4random.c", line 207: improper member use: buf
"../../arc4random.c", line 210: improper member use: buf
"../../arc4random.c", line 210: warning: pointer to void or function
used in arithmetic
"../../arc4random.c", line 210: warning: pointer to void or function
used in arithmetic
"../../arc4random.c", line 214: improper member use: buf
"../../arc4random.c", line 214: improper member use: buf
"../../arc4random.c", line 215: improper member use: buf
"../../arc4random.c", line 238: warning: pointer to void or function
used in arithmetic
"../../arc4random.c", line 238: warning: pointer to void or function
used in arithmetic
cc: acomp failed for ../../arc4random.c
... seems I don't have a sys/cdefs.h include. Any suggestions?
Cheers,
Dave.
On 24-Jul-08, at 9:09 AM, Darren Reed wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
For the first time in a long time, I need to bump the version
number to deal with a security threat - that of sequential
port number use by NATs (CERT VU#521769.) With reports of an
exploit of the DNS bug circulating, it seems prudent to push
ahead with getting the patches out now rather than wait until
everyone can get in on the act (if you're using Solaris 10
and the Solaris IPFilter, I suggest you get on the horn and
demand a bug fix as some would like you to wait another month
or more, which I think is unacceptable.) Both FreeBSD and
NetBSD have the head branch up to date and work is in progress
to get the changes pulled up to the appropriate places.
For those that are wondering what 2022104 is about, what it
means is that instead of putting "set ipf:foo=1234" in /etc/system,
you can add "foo=1234" to /usr/kernel/drv/ipf.conf, i.e.:
name="ipf" parent="pseudo" instance=0 fr_statesize=10101
fr_statemax=20202;
Cheers,
Darren
http://coombs.anu.edu.au/~avalon/ip_fil4.1.30.tar.gz
http://coombs.anu.edu.au/~avalon/patch-4.1.30.gz
MD5 (ip_fil4.1.30.tar.gz) = f5dd1d6bc3c39ea16d9b34d17e2be8d2
MD5 (patch-4.1.30.gz) = 5ccbd8b367562646fea5c9b84860738c
4.1.30 - Release 24 July 2008
2022104 solaris's driver.conf cannot set timeout values
2020447 IPFilter's NAT can undo name server random port selection
1988795 NetBSD doesn't build with kernel malloc stats
1988782 fr_movequeue can take a short cut
1988669 first nat creation failure prevents further success
1988668 hostmap searching does not work properly
* on some 64bit architectures (such as alpha), the addrfamily_t is
packed
~ differently, throwing off the calculations for adf_len
* one too many READ_ENTERs in ip_sync code.
* clean up fr_fastroute a little by removing some #ifdefs and
pushing the
~ code around a bit to use the same variables (NetBSD)
* more recent NetBSDs use VOP related macros differently
4.1.29 - Release 14 April 2008
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkiIfw4ACgkQP7JIXtvLbFXxUACgsUw3KgXnA26O4Ezcc1h0+bb7
JBkAn2nOe1C1pNcEnmtOVHLv4XU14QZR
=BXFP
-----END PGP SIGNATURE-----
