From: Kris Maglione
Date: Tue, 03 May 2005 19:16:01 -0400
To: questions@freebsd.org
Subject: IPFW uid filtering (UID)

I have OpenVPN listening on an interface on UDP 1194. It drops to openvpn:openvpn after it opens the socket. sockstat confirms this. When I add a rule to allow packets in on udp 1194 with uid openvpn, they don't match. The rule is:

    1340 allow udp from any to me 1194 in recv dc0 uid openvpn

When I take out "uid openvpn", the packets match. When it's there, they don't. Am I doing something wrong? BTW, the same goes for the outgoing rule.