From owner-freebsd-bugs@FreeBSD.ORG  Mon Oct 15 16:40:01 2007
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 2D2FB16A417
	for <freebsd-bugs@hub.freebsd.org>;
	Mon, 15 Oct 2007 16:40:01 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id F04B413C46E
	for <freebsd-bugs@hub.freebsd.org>;
	Mon, 15 Oct 2007 16:40:00 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.1/8.14.1) with ESMTP id l9FGe0OM002890
	for <freebsd-bugs@freefall.freebsd.org>; Mon, 15 Oct 2007 16:40:00 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.1/8.14.1/Submit) id l9FGe0t3002889;
	Mon, 15 Oct 2007 16:40:00 GMT (envelope-from gnats)
Resent-Date: Mon, 15 Oct 2007 16:40:00 GMT
Resent-Message-Id: <200710151640.l9FGe0t3002889@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	Fabian Wenk <fabian@wenks.ch>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4254116A419
	for <freebsd-gnats-submit@FreeBSD.org>;
	Mon, 15 Oct 2007 16:34:57 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 3445713C44B
	for <freebsd-gnats-submit@FreeBSD.org>;
	Mon, 15 Oct 2007 16:34:57 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.1/8.14.1) with ESMTP id l9FGYmRe072701
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 15 Oct 2007 16:34:48 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.1/8.14.1/Submit) id l9FGYmvn072700;
	Mon, 15 Oct 2007 16:34:48 GMT (envelope-from nobody)
Message-Id: <200710151634.l9FGYmvn072700@www.freebsd.org>
Date: Mon, 15 Oct 2007 16:34:48 GMT
From: Fabian Wenk <fabian@wenks.ch>
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-3.1
Cc: 
Subject: bin/117214: ipfw(8) fwd with IPv6 treats input as IPv4
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Oct 2007 16:40:01 -0000


>Number:         117214
>Category:       bin
>Synopsis:       ipfw(8) fwd with IPv6 treats input as IPv4
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Oct 15 16:40:00 UTC 2007
>Closed-Date:
>Last-Modified:
>Originator:     Fabian Wenk
>Release:        FreeBSD 6.2-RELEASE-p7
>Organization:
>Environment:
FreeBSD new-batman.home4u.ch 6.2-RELEASE-p7 FreeBSD 6.2-RELEASE-p7 #3: Tue Aug 21 16:11:16 CEST 2007     root@new-batman.home4u.ch:/usr/obj/usr/src/sys/BATMAN  amd64
>Description:
I have a setup with two Internet connections and doing source based routing
through ipfw fwd. This works perfectly for IPv4. The similar command lines
for IPv6 gives the following 2 variants of errors:

root@new-batman:~# ipfw add 25050 fwd 2002:d908:d3e3::1 ip6 from 2002:d908:d3e3:1:2e0:81ff:fe47:bb8c to not 2002:d908:d3e3:1::/64,2002:3e02:55b4:2::/64,::1/128
ipfw: illegal forwarding port ``d908:d3e3::1''
root@new-batman:~#

The error "illegal forwarding port" depends on the first parts of the used
IPv6 address, with the other IPv6 address the error is different (treats
and uses it as IPv4 address):

root@new-batman:~# ipfw add 25051 fwd 2002:3e02:55b4:2:2e0:81ff:fe47:bb87 ip6 from 2002:3e02:55b4:2:2e0:81ff:fe47:bb8d to not 2002:d908:d3e3:1::/64,2002:3e02:55b4:2::/64,::1/128
25051 fwd 0.0.7.210,3 ip6 from 2002:3e02:55b4:2:2e0:81ff:fe47:bb8d to not 2002:3e02:55b4:2::/64,2002:d908:d3e3:1::/64,::1
root@new-batman:~#

ipfw show presents the second error (source is something like a broken IPv4
address):

root@new-batman:~# ipfw show | grep 25051
25051  0    0 fwd 0.0.7.210,3 ip6 from 2002:3e02:55b4:2:2e0:81ff:fe47:bb8d to not 2002:3e02:55b4:2::/64,2002:d908:d3e3:1::/64,::1
root@new-batman:~#


This could be something similar like in PR bin/104921, but this does not fix
the fwd problem.
>How-To-Repeat:
ipfw add fwd <IPv6-address> ...
>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted: