kern/90834: ipfw fwd host,port is broken with udp

Stefan `Sec` Zehl sec at
Thu Dec 22 18:00:20 PST 2005

>Number:         90834
>Category:       kern
>Synopsis:       ipfw fwd host,port is broken with udp
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Dec 23 02:00:18 GMT 2005
>Originator:     Stefan `Sec` Zehl
>Release:        FreeBSD 5.4-STABLE i386
System: FreeBSD elvis 5.4-STABLE FreeBSD 5.4-STABLE #8: Wed Oct 26 12:55:13 CEST 2005     root at elvis:/usr/obj/usr/src/sys/ELVIS  i386


Redirecting udp packets to a different local port with "ipfw fwd" fails.
The rule is matched (the counter in "ipfw show" increases), but the packet is
still delivered to the original port and thus generates an icmp packet if
nothing is listening there.


ipfw add 100 fwd,8053 udp from any to 53
nc -vvul 8053

from another host

nc -vvu 53
<enter text>

Results in an icmp port unreachable; no text is received on the listening
netcat instance.
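
Added example, not part of the original report: a small probe that automates the netcat check above and classifies where a UDP datagram sent to the original port ends up. The function name, the result labels and the 127.0.0.1 address are assumptions (the report's addresses are elided and its sender was another host); it assumes the fwd rule also matches traffic the host sends to itself.

```python
import select
import socket


def probe_udp_fwd(host, orig_port, fwd_port, listen_on_orig=False, timeout=1.0):
    """Send one datagram to host:orig_port and report where it ended up."""
    payload = b"ipfw-fwd-probe"  # constructed marker payload
    socks = {}  # listening socket -> result label
    client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        fwd = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        socks[fwd] = "forwarded"  # the fwd rule worked
        fwd.bind((host, fwd_port))
        if listen_on_orig:
            orig = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
            socks[orig] = "delivered-to-original"  # rule matched, no redirect
            orig.bind((host, orig_port))
        # A connected UDP socket gets ICMP errors reported back as exceptions.
        client.connect((host, orig_port))
        client.send(payload)
        ready, _, _ = select.select(list(socks), [], [], timeout)
        for s in ready:
            if s.recv(2048) == payload:
                return socks[s]
        # No listener saw the datagram: check for a pending ICMP port
        # unreachable, which surfaces as ECONNREFUSED on the client socket.
        client.setblocking(False)
        try:
            client.recv(2048)
        except ConnectionRefusedError:
            return "icmp-port-unreachable"  # the symptom in the report
        except BlockingIOError:
            pass
        return "lost"
    finally:
        for s in [client, *socks]:
            s.close()


if __name__ == "__main__":
    # Ports 53 and 8053 are the ones in the report; the address is assumed.
    print(probe_udp_fwd("127.0.0.1", 53, 8053))
```

With a working fwd rule the result is "forwarded"; the behaviour described in the report shows up as "icmp-port-unreachable", or as "delivered-to-original" when listen_on_orig=True.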



