From owner-freebsd-bugs@FreeBSD.ORG Tue Feb 1 17:20:16 2005 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D586616A4CF for ; Tue, 1 Feb 2005 17:20:16 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 82B9A43D2D for ; Tue, 1 Feb 2005 17:20:16 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.1/8.13.1) with ESMTP id j11HKGFg097751 for ; Tue, 1 Feb 2005 17:20:16 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.1/8.13.1/Submit) id j11HKGcc097750; Tue, 1 Feb 2005 17:20:16 GMT (envelope-from gnats) Resent-Date: Tue, 1 Feb 2005 17:20:16 GMT Resent-Message-Id: <200502011720.j11HKGcc097750@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Radim Kolar Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8089216A4CE for ; Tue, 1 Feb 2005 17:19:58 +0000 (GMT) Received: from smtp2.vol.cz (smtp2.vol.cz [195.250.128.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id 412DB43D1D for ; Tue, 1 Feb 2005 17:19:57 +0000 (GMT) (envelope-from hsn@netmag.cz) Received: from sanatana.dharma (volny-ipt-4-224.dialup.vol.cz [62.177.67.224]) by smtp2.vol.cz (8.12.9p2/8.12.9) with ESMTP id j11HJs8T056099 for ; Tue, 1 Feb 2005 18:19:55 +0100 (CET) (envelope-from hsn@netmag.cz) Received: from hsn@localhost by sanatana.dharma (Exim 4.42_0 FreeBSD) id 1CvusG-000GMG-8N ; Tue, 01 Feb 2005 11:03:08 +0100 Message-Id: Date: Tue, 01 Feb 2005 11:03:08 +0100 From: Radim Kolar To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 cc: hsn@netmag.cz Subject: kern/76971: ipfw antispoof incorrectly blocks broadcasts X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Radim Kolar List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Feb 2005 17:20:17 -0000 >Number: 76971 >Category: kern >Synopsis: ipfw antispoof incorrectly blocks broadcasts >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Feb 01 17:20:16 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Radim Kolar >Release: FreeBSD 5.3-STABLE i386 >Organization: sd >Environment: System: FreeBSD sanatana.dharma 5.3-STABLE FreeBSD 5.3-STABLE #3: Sat Jan 29 08:58:45 CET 2005 root@sanatana.dharma:/usr/obj/usr/src/sys/UP i386 >Description: Anti spoof ipfw check rule blocks incoming broadcast from our host. This confuses many apps using broadcasts, because they expect to receive their own messages. Broadcast should not be Deny, because it arrives on good network interface. >How-To-Repeat: ipfw rule 00110 3 624 deny log logamount 200 ip from any to any not antispoof incorrectly blocks broadcasts generated by local applications, such as rwho, routed and so on. Feb 1 10:56:58 sanatana kernel: ipfw: 110 Deny UDP 192.168.1.2:513 192.168.1.255:513 in via ed0 sanatana# ifconfig ed0 ed0: flags=108843 mtu 1500 inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255 >Fix: >Release-Note: >Audit-Trail: >Unformatted: