From owner-freebsd-bugs  Thu Dec 16  2:40: 5 1999
Delivered-To: freebsd-bugs@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP id 2B6C8155BB
	for <freebsd-bugs@FreeBSD.org>; Thu, 16 Dec 1999 02:40:03 -0800 (PST)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.9.3/8.9.2) id CAA23676;
	Thu, 16 Dec 1999 02:40:02 -0800 (PST)
	(envelope-from gnats@FreeBSD.org)
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 0081514D0A; Thu, 16 Dec 1999 02:37:10 -0800 (PST)
Message-Id: <19991216103710.0081514D0A@hub.freebsd.org>
Date: Thu, 16 Dec 1999 02:37:10 -0800 (PST)
From: johan@link-data.com
To: freebsd-gnats-submit@freebsd.org
X-Send-Pr-Version: www-1.0
Subject: kern/15513: kernel or ipfw drops rules sometimes
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


>Number:         15513
>Category:       kern
>Synopsis:       kernel or ipfw drops rules sometimes
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Dec 16 02:40:02 PST 1999
>Closed-Date:
>Last-Modified:
>Originator:     Johan Lindh
>Release:        3.3-RELEASE
>Organization:
Link Data Stockholm
>Environment:
FreeBSD firewall.pcexpress.se 3.3-RELEASE FreeBSD 3.3-RELEASE #1: Wed Dec 15 12:56:28 CET 1999     joli@firewall.pcexpress.se:/usr/src/sys/compile/FIREWALL  i386
>Description:
When generating the firewall ruleset using a script (say, fireup.sh), and calling another script from that one, (say, fire-www.sh), the rules that the second script creates gets dropped somehow.

They're initially in the firewall, but after the "periodic daily" scripts get run they are not.

>How-To-Repeat:
Create a fireup.sh firewall script that calls another firewall script using "./fireup-2.sh" (or whatever you called the second). Call fireup.sh from "/etc/rc.conf.local".

Let the system run across 01:59:00.

>Fix:
It probably fixes the problem if you put all the rules in one file, or
if you use an absolute path to the second firewall script.
You could probably also fix it by killing the periodic/daily scripts.

The correct way is of course to fix the periodic/daily scripts. Why are they messing with the firewall at all?


>Release-Note:
>Audit-Trail:
>Unformatted:


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message