From owner-FreeBSD-users-jp@jp.freebsd.org  Mon Apr  9 23:08:10 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id XAA36275;
	Mon, 9 Apr 2001 23:08:10 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from gate.ryukoku.seikyou.ne.jp (gate.ryukoku.seikyou.ne.jp [202.211.149.17])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id XAA36269
	for <FreeBSD-users-jp@jp.freebsd.org>; Mon, 9 Apr 2001 23:08:10 +0900 (JST)
	(envelope-from kjm@ideon.st.ryukoku.ac.jp)
Received: from ideon.st.ryukoku.ac.jp (ideon.st.ryukoku.ac.jp [133.83.36.5])
	by gate.ryukoku.seikyou.ne.jp (Postfix) with ESMTP id F30041AB20
	for <FreeBSD-users-jp@jp.freebsd.org>; Mon,  9 Apr 2001 23:08:03 +0900 (JST)
Received: from ideon.st.ryukoku.ac.jp (kjm@localhost [127.0.0.1])
	by ideon.st.ryukoku.ac.jp (8.11.1/3.7W/kjm-20010321) with ESMTP id f39E83N14799
	for <FreeBSD-users-jp@jp.freebsd.org>; Mon, 9 Apr 2001 23:08:03 +0900 (JST)
From: KOJIMA Hajime / =?ISO-2022-JP?B?GyRCPi5FZ0glGyhC?= <kjm@rins.ryukoku.ac.jp>
To: FreeBSD-users-jp@jp.freebsd.org
In-reply-to: Your message of "Mon, 09 Apr 2001 16:59:36 JST."
	<20010409165936F.hiromi@tac.tsukuba.ac.jp>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-2022-jp
Date: Mon, 09 Apr 2001 23:08:03 +0900
Message-ID: <14796.986825283@ideon.st.ryukoku.ac.jp>
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+010328
X-Sequence: FreeBSD-users-jp 60699
Subject: [FreeBSD-users-jp 60699] Re: a serious bug in IPFilter
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: kjm@ideon.st.ryukoku.ac.jp

<20010409165936F.hiromi@tac.tsukuba.ac.jp>$B$K$*$$$F(B
Hiromi Kimura $B$5$s$,$*$C$7$c$k$K$O(B:
| BugTraq $B$N(B
|  http://www.securityfocus.com/archive/1/174913
| $B$K>\$7$$@bL@$,$"$j$^$9!#(B
 
  $BFI$_$^$7$?!#(B 
 
| $B$=$l$K$h$k$H!"30It$+$i$N%"%/%;%9$r5v$9%]!<%H$,#1$D$G$b$"$l$P!"(B
| $B%Q%1%C%H$rCGJR2=$9$k$3$H$K$h$C$F!"G$0U$N%]!<%H$X%"%/%;%9$G$-$F$7$^$&(B
| $B$h$&$G$9!#(B
| $B%k!<%k$,(B keep state $B$+$I$&$+$O4X78$J$$$h$&$G$9!#(B
 
  $B$h$&$G$9$M!#$3$l$O6/Nu$9$.$^$9!#$$$d$O$d!D!D!#(B
 
| >   4.2-RELEASE $BEy$G(B ip filter $B$r:G?7HG$K$$$l$+$($?$$>l9g$O!"$I$&$9(B
| >   $B$k$N$,(B smart $B$J$s$G$7$g$&!D!D!#(B
| 
| $B$"$^$j%9%^!<%H$G$O$"$j$^$;$s$,!"%F%9%H%^%7%s$G$O0J2<$N<j=g$G(B OK $B$G$7$?!#(B
 
  $B$5$C$=$/<B9T$7$F$_$^$7$?!#(B 
 
| 1. $BE,Ev$J(B directory $B$G(B ip-fil3.4.17.tar.gz $B$rE83+(B
| 
| 2. # make freebsd4
| 
| 3. # make install-bsd
| 	/sbin/ipf $BEy$N%3%^%s%I$,(B install $B$5$l$k(B
| 	ipf.ko $B$H$$$&(B kernel module $B$,(B install $B$5$l$F$7$^$&$N$G>C5n(B
| 		# rm /modules/ipf.ko
| 
| 4. # cp ip_* fil.c ipl.h mlfk* /sys/netinet/

from <20010409172529E.hiromi@tac.tsukuba.ac.jp>:
> $B$3$N8e$G!"(B
>      # ln -s /usr/include/osreldate.h /sys/sys/osreldate.h
> $B$r<B9T$7$^$9!#(B
 
  kernel $B$KF~$l$k>l9g(B ($B<j85$G$O!"F~$l$F$^$9(B) $B$O(B 
  ln -s /usr/include/osreldate.h /sys/osreldate.h 
  $B$,I,MW$J$h$&$G$9!#(B
 
| 5. # cd /sys/modules/ipfilter
|    # make depend && make && make install
| 	ipl.ko $B$,(B install $B$5$;$k(B
 
  $B$3$l$O!"<j85$N(B 4.2-RELEASE $B$G$O<:GT$7$^$7$?!#(Bkernel $B$r$D$/$k<j=g(B
  $B$G!"(Bipl.ko $B$b$D$/$i$l$k$h$&$J5$$,$9$k$N$G$9$,!D!D!#(B
 
| 6. Kernel $BAH$_9~$_$N>l9g$O!"(Bkernel $B$r:F9=C[(B

  $B$H$j$"$($:!"$G$-$FF0$$$F$$$k$h$&$G$9!#(B
  $B>pJs$"$j$,$H$&$4$6$$$^$7$?!#(B_o_

; 4.3-RELEASE $B$,=P$?$i!"$J$k$Y$/Aa4|$K0\9T$7$h$C$H!D!D(B

----
// $BLZ2<@'M:!VM}2J7O$N:nJ85;=Q!WCf8x?7=q(B 624 $B$rFI$b$&(B!!

$B>.Eg(B $BH%(B - KOJIMA Hajime
[Office] kjm@rins.ryukoku.ac.jp, http://www.st.ryukoku.ac.jp/~kjm/
         Phone: 077-543-7414  Fax: 077-543-0706
