Date: Wed, 15 Dec 2004 14:13:19 +0100 From: Andre Oppermann <andre@freebsd.org> To: "Dmitry A. Bondareff" <freebsd@mmk.ru> Cc: freebsd-hackers@freebsd.org Subject: Re: 5.3 IPFW bug Message-ID: <41C0386F.3090602@freebsd.org> In-Reply-To: <003701c4e29d$f1fe3c50$02010101@dimasic> References: <003701c4e29d$f1fe3c50$02010101@dimasic>
next in thread | previous in thread | raw e-mail | index | archive | help
Dmitry A. Bondareff wrote: > Hello hackers! > > Today I upgraded my 5.2.1-p11 box up to 5.3-p2. > My firewall rules includes like this: > ... > /sbin/ipfw add tee 10000 ip from 1.2.3.4 to 4.3.2.1 > ... > On 5.2.1-FreeBSD it's works fine. > But FreeBSD 5.3 halted each time!!! > > After changed "tee 10000" to "allow" now works all fine. > > Is this bug ?? No. It was a bug before. 'tee' now behaves as it should and your packet gets copied and delivered to the divert socket and it continues with the next rule. Prior to 5.3 it was terminating the rule processing and accepting the packet the moment the 'tee' action was hit. -- Andre
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41C0386F.3090602>