From owner-freebsd-bugs@FreeBSD.ORG Tue Feb 10 12:40:01 2009 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8E644106564A for ; Tue, 10 Feb 2009 12:40:01 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 4FF758FC2C for ; Tue, 10 Feb 2009 12:40:01 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n1ACe1Z4014708 for ; Tue, 10 Feb 2009 12:40:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n1ACe10f014707; Tue, 10 Feb 2009 12:40:01 GMT (envelope-from gnats) Resent-Date: Tue, 10 Feb 2009 12:40:01 GMT Resent-Message-Id: <200902101240.n1ACe10f014707@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Borja Marcos Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 901DF106566C for ; Tue, 10 Feb 2009 12:34:55 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21]) by mx1.freebsd.org (Postfix) with ESMTP id 7EC288FC0A for ; Tue, 10 Feb 2009 12:34:55 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.14.3/8.14.3) with ESMTP id n1ACYsnN046327 for ; Tue, 10 Feb 2009 12:34:54 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.14.3/8.14.3/Submit) id n1ACYsRT046326; Tue, 10 Feb 2009 12:34:54 GMT (envelope-from nobody) Message-Id: <200902101234.n1ACYsRT046326@www.freebsd.org> Date: Tue, 10 Feb 2009 12:34:54 GMT From: Borja Marcos To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: bin/131558: Inconsistent "via" ipfw behavior X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Feb 2009 12:40:01 -0000 >Number: 131558 >Category: bin >Synopsis: Inconsistent "via" ipfw behavior >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Feb 10 12:40:00 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Borja Marcos >Release: 7.1 >Organization: >Environment: FreeBSD host.sare.net 7.1-RELEASE-p1 FreeBSD 7.1-RELEASE-p1 #8: Mon Jan 12 11:23:00 GMT 2009 root@host.sare.net:/usr/obj/usr/src/sys/KERNEL amd64 >Description: Two issues with ipfw. 1) It would be very useful to allow an interface list to be passed as a parameter to the "via" rule option, something like ipfw add deny whatever from this to that via interface,anotherinterface It would be useful and consistent with the possibility of specifying a list of IP addresses separated by commas. 2) There is actually a bug. If I try to specify a rule with multiple interfaces, say, ipfw add 10 deny icmp from any to me in via bge0,bge1 ipfw doesn't return an error, "ipfw list" shows that the rule has been loaded as expected, 00010 deny icmp from any to me in via bge0,bge1 But the rule doesn't work. Maybe it would interpret the interfaces list as an AND list, instead of an OR? >How-To-Repeat: See the example. Creating a rule that specifies a list of interfaces in the "via" option of the ipfw command. It can be seen that the rule is accepted but it doesn't work. >Fix: >Release-Note: >Audit-Trail: >Unformatted: