kern/120290: ipfw jump rules
Marius Nistor
mariusmayl at yahoo.com
Tue Feb 5 11:50:02 UTC 2008
>Number: 120290
>Category: kern
>Synopsis: ipfw jump rules
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Feb 05 11:50:02 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Marius Nistor
>Release: FreeBSD 6.2 release
>Organization:
myshells.eu
>Environment:
FreeBSD localhost 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Sun Jan 20 00:57:36 EET 2008 root at mySHELLS.eu:/usr/src/sys/i386/compile/mySHELLS i386
>Description:
Hi,
I create private IPs of this type:
10164 allow ip from 193.64.7.151 to any uid net
10165 allow ip from any to 193.64.7.151
10166 allow tcp from 193.64.7.151 10000-65535,21,22,25,80,110,113,443 to any
10167 deny ip from 193.64.7.151 to any
So that means everyone can connect to the IP on the specified ports, but
only uid net can use the IP on the internet.
The problem is: ipfw jumps rules, like:
[11:09:54 root at localhost ~]# ipfw show
10164 0 0 allow ip from 193.64.7.151 to any uid net
10165 21 5166 allow ip from any to 193.64.7.151
10166 23 1213 allow tcp from 193.64.7.151 10000-65535,21,22,25,80,110,113,443 to any
10167 0 0 deny ip from 193.64.7.151 to any
65535 989179 91977108 allow ip from any to any
[11:09:56 root at localhost ~]#
So rules 10164 and 10167 are not used.
I tried
10166 allow tcp from 193.64.7.151 10000-65535,21,22,25,80,110,113,443 to any uid net
but the IP goes on the internet without oidentd support.
Is there any way to get help with that? I tried for 2 days in all ways, and I think
it is an ipfw bug with jumping rules, because on FreeBSD 4 and 5 it was working fine.
Thank you
Marius Nistor
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
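
An added model, not part of the original report and not ipfw code, of first-match evaluation over the four rules listed above plus the default rule 65535, showing at which rule number each kind of packet stops. The packet dictionaries, the peer address, the user name `bob` and the `uid` field (owner of the local socket) are constructed assumptions.

```python
# Added illustration: a simplified model of first-match rule evaluation.
# Not ipfw code. Packets and the "uid" field are constructed assumptions.
from collections import Counter

IP = "193.64.7.151"
LISTED_PORTS = {21, 22, 25, 80, 110, 113, 443}

def sport_in_10166(port):
    """Source-port list of rule 10166: 10000-65535,21,22,25,80,110,113,443."""
    return port in LISTED_PORTS or 10000 <= port <= 65535

# (rule number, action, match predicate), in rule-number order.
RULES = [
    (10164, "allow", lambda p: p["src"] == IP and p.get("uid") == "net"),
    (10165, "allow", lambda p: p["dst"] == IP),
    (10166, "allow", lambda p: p["proto"] == "tcp" and p["src"] == IP
                               and sport_in_10166(p["sport"])),
    (10167, "deny",  lambda p: p["src"] == IP),
    (65535, "allow", lambda p: True),
]

def first_match(pkt):
    """Return (rule number, action) of the first rule that matches pkt."""
    for number, action, matches in RULES:
        if matches(pkt):
            return number, action

def hit_counts(packets):
    """Per-rule packet counters, like the second column of `ipfw show`."""
    return Counter(first_match(p)[0] for p in packets)

# Constructed sample packets; "uid" is the owner of the local socket, if any.
PEER = "198.51.100.7"
SAMPLES = {
    "tcp_out_net":   dict(proto="tcp", src=IP, dst=PEER, sport=50000, uid="net"),
    "tcp_out_other": dict(proto="tcp", src=IP, dst=PEER, sport=50000, uid="bob"),
    "tcp_out_low":   dict(proto="tcp", src=IP, dst=PEER, sport=5000, uid="bob"),
    "udp_out_other": dict(proto="udp", src=IP, dst=PEER, sport=50000, uid="bob"),
    "tcp_in":        dict(proto="tcp", src=PEER, dst=IP, sport=40000, uid=None),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(name, first_match(pkt))
```

In this model an outbound TCP packet with a source port in 10000-65535 stops at rule 10166 whatever its uid, so it is never evaluated against rule 10167.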