FW: misc/64694: UID/GID matching in ipfw non-functional
Grant Millar
Co0lkizz at btinternet.com
Mon Apr 5 06:02:01 PDT 2004
I understand this but it should not mean that uid matching should not
work
for ALL sockets am I correct. This all started by a friend of mine
entering
exactly the same rules in my rule set as his and it not working he too
was
using 4.9 Release and we compiled our kernels with exactly the same
options
this is what lead me the submit this as a bug. I mean why even implement
uid
matching if it does not work...
Another example, I setup an ircd on the IP 66.90.x.236 on the uid admin
and add the following rules to ipfw,
01600 21092 1981319 allow ip from any to 66.90.x.236 in
01700 90 10033 allow ip from 66.90.x.236 to any out via fxp0 uid
admin
01800 144 13517 deny ip from 66.90.x.236 to any
The 90 packets being accepted were from just before I added the deny
rule
after adding the deny rule all packets were dropped.
Does anyone agree that this is a problem?
Grant
More information about the freebsd-ipfw
mailing list