Date: Thu, 28 Nov 2013 20:00:35 +0400 (MSK) From: Dmitry Morozovsky <marck@freebsd.org> To: FreeBSD-gnats-submit@freebsd.org Subject: bin/184355: ipfw failed to restart if tables are used Message-ID: <201311281600.rASG0ZnB012103@woozle.rinet.ru> Resent-Message-ID: <201311281610.rASGA306041525@freefall.freebsd.org>
index | next in thread | raw e-mail
>Number: 184355
>Category: bin
>Synopsis: ipfw failed to restart if tables are used
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Nov 28 16:10:03 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Dmitry Morozovsky
>Release: any
>Organization:
Cronyx Plus LLC (RiNet ISP)
>Environment:
System: FreeBSD of any version.
>Description:
If ipfw tables are configured in firewall rc script, ipfw service can not be
restarted and failed on duplicate table entry, usually rendering the system in
question network cut.
>How-To-Repeat:
- configure at least one table entry in firewall script
- issue
service ipfw restart
>Fix:
Index: etc/rc.firewall
===================================================================
--- etc/rc.firewall (revision 258710)
+++ etc/rc.firewall (working copy)
@@ -137,6 +137,7 @@
# Flush out the list before we begin.
#
${fwcmd} -f flush
+${fwcmd} -f table all flush
setup_loopback
setup_ipv6_mandatory
>Release-Note:
>Audit-Trail:
>Unformatted:
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201311281600.rASG0ZnB012103>