Date: Thu, 7 Feb 2013 08:40:00 GMT From: Gleb Smirnoff <glebius@FreeBSD.org> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/175909: FreeBSD 9.1 ipfw lookup dst-port regression Message-ID: <201302070840.r178e0kV052877@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/175909; it has been noted by GNATS. From: Gleb Smirnoff <glebius@FreeBSD.org> To: Daniel Hagerty <hag@linnaean.org> Cc: FreeBSD-gnats-submit@freebsd.org, melifaro@FreeBSD.org Subject: Re: kern/175909: FreeBSD 9.1 ipfw lookup dst-port regression Date: Thu, 7 Feb 2013 12:38:32 +0400 Daniel, On Wed, Feb 06, 2013 at 08:38:24PM -0500, Daniel Hagerty wrote: D> >Description: D> D> ipfw lookup dst-port rules don't seem to work. Didn't test D> similar cases, like src-port. D> D> >How-To-Repeat: D> Load these ipfw rules: D> D> table 1 add 22 D> add 00001 permit log ip4 from any to any proto tcp lookup dst-port 1 D> add 00010 permit log ip from any to any proto tcp dst-port 22 D> D> Observe how on freebsd 9.1, rule 1 will never match port 22 D> traffic it should, whereas the same rules on 8.3 will hit rule 1, as D> expected. D> D> >Fix: D> I worked around it for the moment by writing the rule without a D> lookup table; don't have time to kernel spelunk. Can you please try whether the problem can be reproduced on stable/9 branch prior to revision r234597? To accomplish this you need: # svn co -r r234596 http://svn.freebsd.org/base/stable/9 # cd 9 # make buildworld buildkernel # make installkernel installworld reboot -- Totus tuus, Glebius.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201302070840.r178e0kV052877>