From owner-freebsd-bugs Thu Sep 4 09:09:38 1997
Return-Path:
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id JAA08432
          for bugs-outgoing; Thu, 4 Sep 1997 09:09:38 -0700 (PDT)
Received: from critter.freebsd.dk (critter.freebsd.dk [195.8.129.19])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id JAA08426
          for ; Thu, 4 Sep 1997 09:09:32 -0700 (PDT)
Received: from critter.freebsd.dk (localhost.cybercity.dk [127.0.0.1])
          by critter.freebsd.dk (8.8.7/8.8.7) with ESMTP id SAA05818;
          Thu, 4 Sep 1997 18:09:04 +0200 (CEST)
To: mickey@deadline.snafu.de (Andreas S. Wetzel)
cc: bugs@FreeBSD.ORG
Subject: Re: Bug in IPFW code ?
In-reply-to: Your message of "Thu, 04 Sep 1997 16:15:25 +0200."
Date: Thu, 04 Sep 1997 18:09:04 +0200
Message-ID: <5816.873389344@critter.freebsd.dk>
From: Poul-Henning Kamp
Sender: owner-freebsd-bugs@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

In message , Andreas S. Wetzel writes:
>Hi!
>---
>
>Recently I discovered a strange problem with the IPFW code. I have the
>following rule added with ipfw:
>
>230 Deny log udp from any to 194.121.229.32/28 111 via sl0
>
>This rule should drop udp packets to the sunrpc port coming in via interface
>sl0. But instead it seems to deny random udp traffic to my network:
>
>Sep 4 16:13:09 gw-deadnet : /kernel: ipfw: 230 Deny UDP 130.83.22.1:17993 194
>.121.229.34:17732 in via sl0 Fragment = 123
>
>This packet was dropped, although it is not directed to the sunrpc port.
>
>Am I missing something, or is this definitely a BUG?

It's an IP-fragment, they have special security problems, and are denied,
unless you allow them.

RTFM/YTSL

--
Poul-Henning Kamp
FreeBSD coreteam member
phk@FreeBSD.ORG
"Real hackers run -current on their laptop."
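Added example, not part of the original message and not ipfw's code: a simplified C model of why a rule that names a UDP port cannot be decided on a non-first fragment. Only the fragment at offset 0 carries the UDP header; the two sample packets are constructed, with payload bytes chosen so that a naive read yields the port numbers shown in the quoted log line.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum verdict { NO_MATCH, MATCH, CANNOT_TELL };

/* Fragment offset (8-byte units): low 13 bits of IPv4 header bytes 6-7. */
static unsigned frag_offset(const uint8_t *ip) {
    return ((unsigned)(ip[6] & 0x1f) << 8) | ip[7];
}

/* Whatever 16-bit value sits where a UDP destination port would be. */
static unsigned naive_dst_port(const uint8_t *ip) {
    size_t hl = (size_t)(ip[0] & 0x0f) * 4;      /* IPv4 header length */
    return ((unsigned)ip[hl + 2] << 8) | ip[hl + 3];
}

/* Evaluate "udp ... to <port>" against one IPv4 packet of len bytes. */
static enum verdict match_udp_dport(const uint8_t *ip, size_t len, unsigned port) {
    if (len < 20) return NO_MATCH;
    size_t hl = (size_t)(ip[0] & 0x0f) * 4;
    if (hl < 20 || ip[9] != 17) return NO_MATCH;  /* malformed or not UDP */
    if (frag_offset(ip) != 0) return CANNOT_TELL; /* no UDP header in here */
    if (len < hl + 8) return CANNOT_TELL;         /* UDP header cut short */
    return naive_dst_port(ip) == port ? MATCH : NO_MATCH;
}

/* Constructed samples (checksums zeroed), addresses as in the log line. */
#define IPHDR(fl, off) 0x45,0,0,28, 0x12,0x34,(fl),(off), 64,17,0,0, \
                       130,83,22,1, 194,121,229,34
static const uint8_t first_frag[28] = { IPHDR(0x20, 0),   /* MF set, offset 0 */
    0x03,0xff, 0x00,0x6f, 0x04,0x00, 0,0 };              /* UDP 1023 -> 111 */
static const uint8_t later_frag[28] = { IPHDR(0x00, 123), /* offset 123 */
    'F','I','E','D','D','A','T','A' };                   /* payload only */

int main(void) {
    static const char *name[] = { "no match", "match", "cannot tell" };
    printf("first fragment: %s\n", name[match_udp_dport(first_frag, 28, 111)]);
    printf("later fragment: %s (offset %u, naive \"port\" %u)\n",
           name[match_udp_dport(later_frag, 28, 111)],
           frag_offset(later_frag), naive_dst_port(later_frag));
    return 0;
}
```

What a filter does with the "cannot tell" case is policy; the reply above states that ipfw denies such fragments unless they are explicitly allowed.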