From owner-freebsd-bugs Wed Apr 9 18:40:04 1997
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id SAA03428 for bugs-outgoing; Wed, 9 Apr 1997 18:40:04 -0700 (PDT)
Received: (from gnats@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id SAA03419; Wed, 9 Apr 1997 18:40:02 -0700 (PDT)
Resent-Date: Wed, 9 Apr 1997 18:40:02 -0700 (PDT)
Resent-Message-Id: <199704100140.SAA03419@freefall.freebsd.org>
Resent-From: gnats (GNATS Management)
Resent-To: freebsd-bugs
Resent-Reply-To: FreeBSD-gnats@freefall.FreeBSD.org, adam@veda.is
Received: from veda.is (ubiq.veda.is [193.4.230.60]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id SAA03193 for ; Wed, 9 Apr 1997 18:34:46 -0700 (PDT)
Received: (from adam@localhost) by veda.is (8.8.5/8.7.3) id BAA08167; Thu, 10 Apr 1997 01:52:09 GMT
Message-Id: <199704100152.BAA08167@veda.is>
Date: Thu, 10 Apr 1997 01:52:09 GMT
From: Adam David
Reply-To: adam@veda.is
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.2
Subject: kern/3244: ipfw flush closes connections
Sender: owner-bugs@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>Number: 3244
>Category: kern
>Synopsis: ipfw flush closes connections
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Apr 9 18:40:01 PDT 1997
>Last-Modified:
>Originator: Adam David
>Organization: Veda Internet
>Release: FreeBSD 3.0-CURRENT i386
>Environment:
ipfw used as a filtering firewall component
>Description:
When ipfw is used to flush previously established rules, (it seems) all
tcp connections open at the time become closed. Since flush is typical at
the beginning of ipfw scripts and applies to rules not connections, this
behaviour is wrong. Several months ago, it was possible to circumvent it
(at least in part) by running /sbin/ipfw as a background process, but no
longer.
>How-To-Repeat:
sh /etc/rc.firewall
>Fix:
none known
>Audit-Trail:
>Unformatted: