kern/76971: ipfw antispoof incorrectly blocks broadcasts
Radim Kolar
hsn at netmag.cz
Tue Feb 1 09:20:17 PST 2005
>Number: 76971
>Category: kern
>Synopsis: ipfw antispoof incorrectly blocks broadcasts
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Feb 01 17:20:16 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Radim Kolar
>Release: FreeBSD 5.3-STABLE i386
>Organization:
sd
>Environment:
System: FreeBSD sanatana.dharma 5.3-STABLE FreeBSD 5.3-STABLE #3: Sat Jan 29 08:58:45 CET 2005 root at sanatana.dharma:/usr/obj/usr/src/sys/UP i386
>Description:
Anti spoof ipfw check rule blocks incoming broadcast from our host.
This confuses many apps using broadcasts, because they expect to receive
their own messages. Broadcast should not be Deny, because it arrives on
good network interface.
>How-To-Repeat:
ipfw rule
00110 3 624 deny log logamount 200 ip from any to any not antispoof
incorrectly blocks broadcasts generated by local applications, such as
rwho, routed and so on.
Feb 1 10:56:58 sanatana kernel: ipfw: 110 Deny UDP 192.168.1.2:513 192.168.1.255:513 in via ed0
sanatana# ifconfig ed0
ed0: flags=108843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list