From owner-freebsd-bugs@FreeBSD.ORG  Sat Nov 15 16:30:24 2003
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A180016A4CE
	for <freebsd-bugs@hub.freebsd.org>;
	Sat, 15 Nov 2003 16:30:24 -0800 (PST)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id DDDE243FEA
	for <freebsd-bugs@hub.freebsd.org>;
	Sat, 15 Nov 2003 16:30:22 -0800 (PST)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id hAG0UMFY037039
	for <freebsd-bugs@freefall.freebsd.org>;
	Sat, 15 Nov 2003 16:30:22 -0800 (PST)
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.12.9/8.12.9/Submit) id hAG0UMqj037038;
	Sat, 15 Nov 2003 16:30:22 -0800 (PST)
	(envelope-from gnats)
Resent-Date: Sat, 15 Nov 2003 16:30:22 -0800 (PST)
Resent-Message-Id: <200311160030.hAG0UMqj037038@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	"Andrey V. Shytov" <shytov@cmt.harvard.edu>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8737B16A4CF
	for <FreeBSD-gnats-submit@freebsd.org>;
	Sat, 15 Nov 2003 16:26:46 -0800 (PST)
Received: from cmtq0.harvard.edu (cmtq0.harvard.edu [140.247.122.90])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7505D43FD7
	for <FreeBSD-gnats-submit@freebsd.org>;
	Sat, 15 Nov 2003 16:26:45 -0800 (PST)
	(envelope-from shytov@cmt.harvard.edu)
Received: from shytov.itp.ucsb.edu (cmtq5 [140.247.122.195])
	by cmtq0.harvard.edu (8.12.8/8.12.8) with ESMTP id hAG0QiVw014743
	for <FreeBSD-gnats-submit@freebsd.org>;
	Sat, 15 Nov 2003 19:26:44 -0500
Received: from main.wireless.home (localhost.home [127.0.0.1])
	by shytov.itp.ucsb.edu (8.12.10/8.12.10) with ESMTP id hAG0QV1G092211
	for <FreeBSD-gnats-submit@freebsd.org>;
	Sat, 15 Nov 2003 19:26:31 -0500 (EST)
	(envelope-from avs@main.wireless.home)
Received: (from avs@localhost)
	by main.wireless.home (8.12.10/8.12.10/Submit) id hAG0QVwY092210;
	Sat, 15 Nov 2003 19:26:31 -0500 (EST)
	(envelope-from avs)
Message-Id: <200311160026.hAG0QVwY092210@main.wireless.home>
Date: Sat, 15 Nov 2003 19:26:31 -0500 (EST)
From: "Andrey V. Shytov" <shytov@cmt.harvard.edu>
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Subject: kern/59314: ipfw: rules with uid are not matched. 
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: "Andrey V. Shytov" <shytov@cmt.harvard.edu>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Nov 2003 00:30:24 -0000


>Number:         59314
>Category:       kern
>Synopsis:       ipfw: rules with uid are not matched.
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Nov 15 16:30:22 PST 2003
>Closed-Date:
>Last-Modified:
>Originator:     Andrey V. Shytov
>Release:        FreeBSD 5.1-CURRENT i386
>Organization:
none
>Environment:
System: FreeBSD main.wireless.home 5.1-CURRENT FreeBSD 5.1-CURRENT #25: Sat Nov 15 17:20:29 EST 2003 root@main.wireless.home:/usr/obj/usr/src/sys/CUSTOM i386



>Description:

	IPFW rules containing uid/gid are not matched.  

>How-To-Repeat:

	As a superuser, add a rule of the form:
 
 	   ipfw add 1 skipto 2 tcp from any to any dst-port 80 uid squid
	
        (you can change "squid" to any uid on your system, and a port to any 
         well-known port, so that you can test the rule by sending packets). 
        Switch to a user specified in the rule: 

           su squid

        Send some packets, e.g., 
           
           telnet somehost 80

        and examine the counters: 

           ipfw show | head 

        In my case, both byte and packet counters were zero:
	
        00001  0  0   skipto 2 tcp from any to any dst-port 80 uid squid
	
	Thus, the rule was not matched. 
 	
>Fix:

	I found out that check_uidgid function (ip_fw2.c:1296) 
	is called incorrectly. It is declared as: 
		
           static int
           check_uidgid(ipfw_insn_u32 *insn,
                 int proto, struct ifnet *oif,
                 struct in_addr dst_ip, u_int16_t dst_port, /* dst before src*/
                 struct in_addr src_ip, u_int16_t src_port)
 
	but called as (ip_fw2.c:1653):

               match = check_uidgid(
                           (ipfw_insn_u32 *)cmd,
                           proto, oif,
                           src_ip, src_port,               /* src before dst */
                           dst_ip, dst_port);	
	 	
        Thus, check_uidgid was called with wrong args. Because of that, 
	it was impossible to locate the corresponding pcb structure 
	in the hash table, and the rule was not matched. 
	The following fix solved the problem:

--- sys/netinet/ip_fw2.c.old	Fri Nov 14 16:48:56 2003
+++ sys/netinet/ip_fw2.c	Sat Nov 15 18:21:40 2003
@@ -1653,8 +1653,8 @@
 					match = check_uidgid(
 						    (ipfw_insn_u32 *)cmd,
 						    proto, oif,
-						    src_ip, src_port,
-						    dst_ip, dst_port);
+						    dst_ip, dst_port,
+						    src_ip, src_port);
 				break;
 
 			case O_RECV:

>Release-Note:
>Audit-Trail:
>Unformatted: