kern/71910: ipfw forward does not work
Kazunori_Fujiwara
fujiwara at wide.ad.jp
Sun Sep 19 10:40:24 PDT 2004
>Number: 71910
>Category: kern
>Synopsis: ipfw forward does not work
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Sep 19 17:40:23 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Kazunori_Fujiwara
>Release: FreeBSD 5.3-BETA4 i386 and 6-CURRENT
>Organization:
JPRS/WIDE Project
>Environment:
System: FreeBSD f.pyon.org 5.3-BETA4 FreeBSD 5.3-BETA4 #5: Sat Sep 18 11:44:33 JST 2004 fujiwara at f.pyon.org:/usr/obj/usr/src/sys/SC5 i386
System: FreeBSD tree.private 6.0-CURRENT FreeBSD 6.0-CURRENT #8: Mon Sep 20 00:38:18 JST 2004 fujiwara at tree.private:/usr/src/sys/i386/compile/TREE i386
>Description:
'ipfw fwd' don't forward packet for specified destination
when packet ip_src is the same machine's.
I checked this on 5.3-BETA4 and 6-current
>How-To-Repeat:
enable kernel option IPFIREWALL and IPFIREWALL_FORWARD
ipfw add fwd remote ip from myaddr to any
>Fix:
Index: ip_output.c
===================================================================
RCS file: /FreeBSD-CVS/src/sys/netinet/ip_output.c,v
retrieving revision 1.225.2.3
diff -u -b -r1.225.2.3 ip_output.c
--- ip_output.c 15 Sep 2004 15:07:09 -0000 1.225.2.3
+++ ip_output.c 19 Sep 2004 15:51:42 -0000
@@ -713,7 +713,7 @@
/* Or forward to some other address? */
fwd_tag = m_tag_find(m, PACKET_TAG_IPFORWARD, NULL);
if (fwd_tag) {
- if (!in_localip(ip->ip_src) && !in_localaddr(ip->ip_dst)) {
+ if (!in_localaddr(ip->ip_dst)) {
dst = (struct sockaddr_in *)&ro->ro_dst;
bcopy((fwd_tag+1), dst, sizeof(struct sockaddr_in));
m->m_flags |= M_SKIP_FIREWALL;
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list