misc/188541: rule option `in` is not working properly in ipfw on FreeBSD10
Bill Yuan
bycn82 at gmail.com
Sun Apr 13 06:00:00 UTC 2014
>Number: 188541
>Category: misc
>Synopsis: rule option `in` is not working properly in ipfw on FreeBSD10
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Apr 13 06:00:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator: Bill Yuan
>Release: FreeBSD10 AMD64
>Organization:
cozilyworks
>Environment:
FreeBSD FB10 10.0-RELEASE FreeBSD 10.0-RELEASE #0: Sun Apr 13 03:14:30 HKT 2014 root at FB10:/usr/obj/usr/src/sys/GENERIC amd64
>Description:
According to the man page, we have this option.
in|out
Matches incoming or outgoing packets, respectively. in and out are mutually exclusive (in fact, out is implemented as not in).
But below test case can demonstrate this feature is not working on FreeBSD10
>How-To-Repeat:
1. Create two lines of rule to filter in traffic and all traffic.
ipfw add count all from any to any MAC any any in via em0
ipfw add count all from any to any MAC any any via em0
2. Show the counters
00100 0 0 count ip from any to any MAC any any in via em0
00200 26 2232 count ip from any to any MAC any any via em0
65535 3453 293448 allow ip from any to any
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list