kern/90834: ipfw fwd host,port is broken with udp
Stefan `Sec` Zehl
sec at 42.org
Thu Dec 22 18:00:20 PST 2005
>Number: 90834
>Category: kern
>Synopsis: ipfw fwd host,port is broken with udp
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Dec 23 02:00:18 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Stefan `Sec` Zehl
>Release: FreeBSD 5.4-STABLE i386
>Organization:
>Environment:
System: FreeBSD elvis 5.4-STABLE FreeBSD 5.4-STABLE #8: Wed Oct 26 12:55:13 CEST 2005 root at elvis:/usr/obj/usr/src/sys/ELVIS i386
>Description:
Redirecting udp packets to a different local port with "ipfw fwd" fails.
The rule is matched (the counter in "ipfw show" increases), but the packet is
still delivered to the original port and thus generates an icmp packet if
nothing is listening there.
>How-To-Repeat:
ipfw add 100 fwd 10.1.1.3,8053 udp from any to 10.1.1.3 53
nc -vvul 10.1.1.3 8053
from another host
nc -vvu 10.1.1.3 53
<enter text>
Results in an icmp port unreachable, no text is received on the listening
netcat instance
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted: