From victor@alf.dyndns.ws  Fri May 27 02:18:14 2005
Return-Path: <victor@alf.dyndns.ws>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3B2D516A41C
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 27 May 2005 02:18:14 +0000 (GMT)
	(envelope-from victor@alf.dyndns.ws)
Received: from alf.dyndns.ws (244.Red-217-126-240.pooles.rima-tde.net [217.126.240.244])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7373143D1F
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 27 May 2005 02:18:13 +0000 (GMT)
	(envelope-from victor@alf.dyndns.ws)
Received: from alf.dyndns.ws (alf [217.126.240.244])
	by alf.dyndns.ws (8.13.1/8.13.1) with ESMTP id j4R2IBsx014976
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 27 May 2005 04:18:11 +0200 (CEST)
	(envelope-from victor@alf.dyndns.ws)
Received: (from victor@localhost)
	by alf.dyndns.ws (8.13.1/8.13.1/Submit) id j4R2I5f2014975;
	Fri, 27 May 2005 04:18:05 +0200 (CEST)
	(envelope-from victor)
Message-Id: <200505270218.j4R2I5f2014975@alf.dyndns.ws>
Date: Fri, 27 May 2005 04:18:05 +0200 (CEST)
From: Victor Balada Diaz <victor@bsdes.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: Pf bug in FreeBSD 5.3 errata page its wrong
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         81540
>Category:       docs
>Synopsis:       Pf bug in FreeBSD 5.3 errata page its wrong
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bmah
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri May 27 02:20:01 GMT 2005
>Closed-Date:    Sun May 29 17:25:55 GMT 2005
>Last-Modified:  Sun May 29 17:25:55 GMT 2005
>Originator:     Victor Balada Diaz
>Release:        FreeBSD 5.3-RELEASE-p15 i386
>Organization:
>Environment:
System: FreeBSD alf.dyndns.ws 5.3-RELEASE-p15 FreeBSD 5.3-RELEASE-p15 #0: Thu May 26 21:13:13 CEST 2005 victor@equilibrium.euesrg02.net:/usr/obj/usr/src/sys/EQUILIBRIUM i386


	
>Description:
	In the errata page of FreeBSD 5.3 release its documented a pf bug:

	(31 Oct 2004) When the user/group rule clauses in pf(4) and ipfw(4)
	are used, the loader tunable debug.mpsafenet must be set to 0 (this
	is 1 by default). For example, the following rules are affected:

	the problem is that you can panic the machine even with mpsafenet
	disabled when you're using the user clause.


>How-To-Repeat:
	
>Fix:
	Put in the errata page something like "Using the user/group clauses
	in pf can panic the system, so don't use it."

	


>Release-Note:
>Audit-Trail:

From: "Bruce A. Mah" <bmah@freebsd.org>
To: Victor Balada Diaz <victor@bsdes.net>
Cc: FreeBSD-gnats-submit@freebsd.org, bmah@freebsd.org
Subject: Re: docs/81540: Pf bug in FreeBSD 5.3 errata page its wrong
Date: Sat, 28 May 2005 13:15:41 -0700

 --=-edy75XiPPjXxrQSQT/6/
 Content-Type: text/plain
 Content-Transfer-Encoding: quoted-printable
 
 If memory serves me right, Victor Balada Diaz wrote:
 
 > >Description:
 > 	In the errata page of FreeBSD 5.3 release its documented a pf bug:
 >=20
 > 	(31 Oct 2004) When the user/group rule clauses in pf(4) and ipfw(4)
 > 	are used, the loader tunable debug.mpsafenet must be set to 0 (this
 > 	is 1 by default). For example, the following rules are affected:
 >=20
 > 	the problem is that you can panic the machine even with mpsafenet
 > 	disabled when you're using the user clause.
 >=20
 >=20
 > >How-To-Repeat:
 > =09
 > >Fix:
 > 	Put in the errata page something like "Using the user/group clauses
 > 	in pf can panic the system, so don't use it."
 
 Because of the way that the errata are currently maintained in the
 source tree, it is not feasible to make any more changes or updates to
 the 5.3 errata.  This PR should probably be closed.
 
 Bruce.
 
 
 --=-edy75XiPPjXxrQSQT/6/
 Content-Type: application/pgp-signature; name=signature.asc
 Content-Description: This is a digitally signed message part
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.1 (FreeBSD)
 
 iD8DBQBCmNFt2MoxcVugUsMRArdNAKDuoERB6sRUaCvopKA+sUZA8l4bpQCfQG2y
 pEQFtlcNWLCJUeCLUqH1xSM=
 =glc3
 -----END PGP SIGNATURE-----
 
 --=-edy75XiPPjXxrQSQT/6/--
State-Changed-From-To: open->closed 
State-Changed-By: bmah 
State-Changed-When: Sun May 29 17:23:19 GMT 2005 
State-Changed-Why:  
We stopped updating the 5.3 errata after 5.4 was released. 

On a longer-term note, there are some discussions taking place 
about we can do a better job maintaining errata (especially for 
extended-life branches). 

Thanks for mentioning this! 



Responsible-Changed-From-To: freebsd-doc->bmah 
Responsible-Changed-By: bmah 
Responsible-Changed-When: Sun May 29 17:23:19 GMT 2005 
Responsible-Changed-Why:  
I closed this PR, so take ownership. 


http://www.freebsd.org/cgi/query-pr.cgi?pr=81540 
>Unformatted:
