Date: Fri, 15 Feb 2002 11:01:30 -0800 (PST) From: Han Hwei Woo <hhw@pce-net.com> To: freebsd-gnats-submit@FreeBSD.org Subject: i386/34977: IPFW UID/GID Based Filtering doesn't work in 4.5 Message-ID: <200202151901.g1FJ1Uk13047@freefall.freebsd.org>
index | next in thread | raw e-mail
>Number: 34977
>Category: i386
>Synopsis: IPFW UID/GID Based Filtering doesn't work in 4.5
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Feb 15 11:10:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator: Han Hwei Woo
>Release: 4.5-STABLE
>Organization:
Premium Canadian Enterprises, Inc.
>Environment:
FreeBSD gatts.pce-net.com 4.5-STABLE FreeBSD 4.5-STABLE #1: Tue Feb 12 17:18:51 PST 2002 hhw@gatts.pce-net.com:/usr/obj/usr/src/sys/CUSTOM i386
>Description:
Since I updated my source/rebuilt the system from 4.4-STABLE to 4.5-STABLE, any rules in IPFW with UID/GID based filtering have no effect.
Here are the rules:
20100 allow tcp from any to 216.18.3.69 in
20200 allow tcp from 216.18.3.69 to any uid hhw out
20900 deny tcp from 216.18.3.69 to any
I am certain it has to do with the UID part, since if I add an additional rule:
20300 allow tcp from 216.18.3.69 to any out
Packets are able to get through.
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200202151901.g1FJ1Uk13047>