Date:      Tue, 5 Feb 2008 11:43:42 GMT
From:      Marius Nistor <mariusmayl@yahoo.com>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   kern/120290: ipfw jump rules
Message-ID:  <200802051143.m15Bhgqn041260@freefall.freebsd.org>
Resent-Message-ID: <200802051150.m15Bo2Rc041552@freefall.freebsd.org>


>Number:         120290
>Category:       kern
>Synopsis:       ipfw jump rules
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Feb 05 11:50:02 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Marius Nistor
>Release:        FreeBSD 6.2 release
>Organization:
myshells.eu
>Environment:
FreeBSD localhost 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Sun Jan 20 00:57:36 EET 2008     root@mySHELLS.eu:/usr/src/sys/i386/compile/mySHELLS  i386

>Description:
Hi,

I create private IPs of this type:
10164 allow ip from 193.64.7.151 to any uid net
10165 allow ip from any to 193.64.7.151
10166 allow tcp from 193.64.7.151 10000-65535,21,22,25,80,110,113,443 to any
10167 deny ip from 193.64.7.151 to any
So that means everyone can connect to the IP on the specified ports ... but
to use the IP on the internet, only uid net can do that .....

The problem is: ipfw jumps rules, like:
[11:09:54 root@localhost ~]# ipfw show
10164      0        0 allow ip from 193.64.7.151 to any uid net
10165     21     5166 allow ip from any to 193.64.7.151
10166     23     1213 allow tcp from 193.64.7.151 10000-65535,21,22,25,80,110,113,443 to any
10167      0        0 deny ip from 193.64.7.151 to any
65535 989179 91977108 allow ip from any to any
[11:09:56 root@localhost ~]#
So rules 10164 and 10167 are not used.
I tried
10166 allow tcp from 193.64.7.151 10000-65535,21,22,25,80,110,113,443 to any uid net
... but the IP goes on the internet without oidentd support.

Is there any way to get help on that? I tried for 2 days, all ways, and I think
it is an ipfw bug for jumping rules, because on FreeBSD 4 and 5 it was working fine.
Thank you
Marius Nistor
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:


