From owner-freebsd-bugs Fri Feb 15 11:10:10 2002
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 7CB8F37B404
	for ; Fri, 15 Feb 2002 11:10:01 -0800 (PST)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g1FJA1L18088;
	Fri, 15 Feb 2002 11:10:01 -0800 (PST)
	(envelope-from gnats)
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 2384B37B400
	for ; Fri, 15 Feb 2002 11:01:30 -0800 (PST)
Received: (from nobody@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g1FJ1Uk13047;
	Fri, 15 Feb 2002 11:01:30 -0800 (PST)
	(envelope-from nobody)
Message-Id: <200202151901.g1FJ1Uk13047@freefall.freebsd.org>
Date: Fri, 15 Feb 2002 11:01:30 -0800 (PST)
From: Han Hwei Woo
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-1.0
Subject: i386/34977: IPFW UID/GID Based Filtering doesn't work in 4.5
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.org

>Number: 34977
>Category: i386
>Synopsis: IPFW UID/GID Based Filtering doesn't work in 4.5
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Feb 15 11:10:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator: Han Hwei Woo
>Release: 4.5-STABLE
>Organization:
Premium Canadian Enterprises, Inc.
>Environment:
FreeBSD gatts.pce-net.com 4.5-STABLE FreeBSD 4.5-STABLE #1: Tue Feb 12 17:18:51 PST 2002 hhw@gatts.pce-net.com:/usr/obj/usr/src/sys/CUSTOM i386
>Description:
Since I updated my source/rebuilt the system from 4.4-STABLE to 4.5-STABLE, any rules in IPFW with UID/GID based filtering have no effect.
Here are the rules:

20100 allow tcp from any to 216.18.3.69 in
20200 allow tcp from 216.18.3.69 to any uid hhw out
20900 deny tcp from 216.18.3.69 to any

I am certain it has to do with the UID part, since if I add an additional rule:

20300 allow tcp from 216.18.3.69 to any out

Packets are able to get through.
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message