From owner-freebsd-bugs@FreeBSD.ORG Sat Sep 4 09:40:10 2004
Message-Id: <200409040935.i849ZYYR068675@www.freebsd.org>
Date: Sat, 4 Sep 2004 09:35:34 GMT
From: Bokhan Artem
To: freebsd-gnats-submit@FreeBSD.org
Subject: kern/71366: "ipfw fwd" sometimes rewrites destination mac address when it's not necessary (packet must not meet the rule)

>Number: 71366
>Category: kern
>Synopsis: "ipfw fwd" sometimes rewrites destination mac address when it's not necessary (packet must not meet the rule)
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Sep 04 09:40:09 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Bokhan Artem
>Release: 4.10-STABLE
>Organization:
>Environment:
FreeBSD anchor.academ.org 4.10-STABLE FreeBSD 4.10-STABLE #0: Sat Sep 4 13:22:12 NOVST 2004 art@anchor.academ.org:/usr/obj/usr/src/sys/anchor.academ.org i386
>Description:
I have a FreeBSD router which forwards packets to a web accelerator (squid) using ipfw fwd. em1 is attached to the subnet where the web server and the proxy server are located. The rule in the firewall is "fwd proxy.host tcp from any to web.host 80 out xmit em1". No other rule with "fwd" exists anywhere else in the firewall. But some packets (2-10%) which don't meet this rule (icmp in the example below), with dst ip of web.host, are also forwarded to proxy.host!
Look at an example:
____________________
ping -c 200 81.1.226.245
____________________
tcpdump -e -i em1 -n -c 200 icmp and src host 192.168.234.7 and dst host 81.1.226.245
15:39:56.972906 0:4:23:a8:a0:75 0:2:b3:be:ce:37 0800 98: 192.168.234.7 > 81.1.226.245: icmp: echo request
15:39:57.982569 0:4:23:a8:a0:75 0:2:b3:be:ce:37 0800 98: 192.168.234.7 > 81.1.226.245: icmp: echo request
15:39:58.992741 0:4:23:a8:a0:75 0:2:b3:be:ce:37 0800 98: 192.168.234.7 > 81.1.226.245: icmp: echo request
15:40:00.002888 0:4:23:a8:a0:75 0:2:b3:be:ce:37 0800 98: 192.168.234.7 > 81.1.226.245: icmp: echo request
15:40:01.012531 0:4:23:a8:a0:75 0:2:b3:be:cc:7e 0800 98: 192.168.234.7 > 81.1.226.245: icmp: echo request
                                ^^^^^^^^^^^^^^^^
15:40:02.022757 0:4:23:a8:a0:75 0:2:b3:be:ce:37 0800 98: 192.168.234.7 > 81.1.226.245: icmp: echo request
15:40:03.032838 0:4:23:a8:a0:75 0:2:b3:be:ce:37 0800 98: 192.168.234.7 > 81.1.226.245: icmp: echo request
15:40:04.042498 0:4:23:a8:a0:75 0:2:b3:be:ce:37 0800 98: 192.168.234.7 > 81.1.226.245: icmp: echo request

00:02:b3:be:ce:37 - mac of web host
00:02:b3:be:cc:7e - mac of proxy host
>How-To-Repeat:
>Fix:
To avoid the problem I use the same rule, but without "out xmit em1"
>Release-Note:
>Audit-Trail:
>Unformatted:
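A check for the symptom described in this report, added here as an example and not part of the PR or of FreeBSD itself: it parses the `tcpdump -e -n` line format quoted above and flags every frame whose destination MAC is not the one the destination IP should resolve to, which is how a stray rewrite by an ipfw fwd rule shows up on the wire. The MAC and IP addresses are the ones quoted in the report; the capture lines are constructed to mirror it (plus a tcpdump banner line to show that non-frame lines are skipped), and the `EXPECTED_NEXT_HOP` and `KNOWN_HOSTS` mappings are assumptions an operator would fill in from their own ARP table.

```python
"""Flag frames whose destination MAC does not match the expected next hop.

Added example, not code from the PR or from FreeBSD. Parses the
'tcpdump -e -n' output format shown in the report:
    TIME SRC_MAC DST_MAC ETHERTYPE LEN: SRC_IP > DST_IP: ...
and reports frames whose dst MAC differs from the MAC the dst IP should
be delivered to on that segment.
"""
import re

# Capture constructed to mirror the report (same MACs/IPs as quoted there),
# plus a banner line that tcpdump prints and that must be ignored.
SAMPLE_CAPTURE = """\
tcpdump: listening on em1
15:39:56.972906 0:4:23:a8:a0:75 0:2:b3:be:ce:37 0800 98: 192.168.234.7 > 81.1.226.245: icmp: echo request
15:39:57.982569 0:4:23:a8:a0:75 0:2:b3:be:ce:37 0800 98: 192.168.234.7 > 81.1.226.245: icmp: echo request
15:39:58.992741 0:4:23:a8:a0:75 0:2:b3:be:ce:37 0800 98: 192.168.234.7 > 81.1.226.245: icmp: echo request
15:40:00.002888 0:4:23:a8:a0:75 0:2:b3:be:ce:37 0800 98: 192.168.234.7 > 81.1.226.245: icmp: echo request
15:40:01.012531 0:4:23:a8:a0:75 0:2:b3:be:cc:7e 0800 98: 192.168.234.7 > 81.1.226.245: icmp: echo request
15:40:02.022757 0:4:23:a8:a0:75 0:2:b3:be:ce:37 0800 98: 192.168.234.7 > 81.1.226.245: icmp: echo request
15:40:03.032838 0:4:23:a8:a0:75 0:2:b3:be:ce:37 0800 98: 192.168.234.7 > 81.1.226.245: icmp: echo request
15:40:04.042498 0:4:23:a8:a0:75 0:2:b3:be:ce:37 0800 98: 192.168.234.7 > 81.1.226.245: icmp: echo request
"""

# Assumed operator-supplied mappings: which MAC each destination IP should
# be framed to on em1, and which host owns each MAC (for readable output).
EXPECTED_NEXT_HOP = {"81.1.226.245": "00:02:b3:be:ce:37"}   # web.host
KNOWN_HOSTS = {
    "00:02:b3:be:ce:37": "web.host",
    "00:02:b3:be:cc:7e": "proxy.host",
}

LINE_RE = re.compile(
    r"^(?P<time>\S+)\s+(?P<smac>[0-9a-f:]+)\s+(?P<dmac>[0-9a-f:]+)\s+"
    r"(?P<etype>[0-9a-f]{4})\s+(?P<length>\d+):\s+"
    r"(?P<sip>[\d.]+)\s+>\s+(?P<dip>[\d.]+):\s+(?P<rest>.*)$"
)


def norm_mac(mac):
    """Zero-pad octets so '0:2:b3:be:ce:37' compares equal to '00:02:b3:be:ce:37'."""
    return ":".join(octet.zfill(2) for octet in mac.lower().split(":"))


def parse_line(line):
    """Return a dict of fields for one frame line, or None for banner/other lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    frame = m.groupdict()
    frame["smac"] = norm_mac(frame["smac"])
    frame["dmac"] = norm_mac(frame["dmac"])
    return frame


def find_rewrites(capture, expected, known=None):
    """Return (total_frames, flagged) where flagged lists frames whose dst MAC
    is not the one expected for their dst IP, annotated with the expected MAC
    and the owner of the MAC actually used (if known)."""
    known = known or {}
    frames = [f for f in (parse_line(l) for l in capture.splitlines()) if f]
    flagged = []
    for frame in frames:
        want = expected.get(frame["dip"])
        if want is None:
            continue  # no expectation for this destination; nothing to compare
        want = norm_mac(want)
        if frame["dmac"] != want:
            frame["expected_mac"] = want
            frame["actual_owner"] = known.get(frame["dmac"], "unknown")
            flagged.append(frame)
    return len(frames), flagged


def rewrite_ratio(capture, expected):
    """Percentage of parsed frames that went to an unexpected MAC."""
    total, flagged = find_rewrites(capture, expected)
    return 0.0 if total == 0 else 100.0 * len(flagged) / total


if __name__ == "__main__":
    total, flagged = find_rewrites(SAMPLE_CAPTURE, EXPECTED_NEXT_HOP, KNOWN_HOSTS)
    for f in flagged:
        print(f"{f['time']} {f['sip']} > {f['dip']} ({f['rest']}): "
              f"dst MAC {f['dmac']} ({f['actual_owner']}), expected {f['expected_mac']}")
    print(f"{len(flagged)}/{total} frames misdirected "
          f"({rewrite_ratio(SAMPLE_CAPTURE, EXPECTED_NEXT_HOP):.1f}%)")
```

Run against a live capture with `tcpdump -e -n -i em1 ... | python3 thisfile.py` after replacing `SAMPLE_CAPTURE` with `sys.stdin.read()`; the traffic filter should exclude `tcp and dst port 80`, since those frames are the ones the fwd rule is meant to redirect, so that every flagged frame is one the rule should not have touched.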