Current problem reports assigned to freebsd-ipfw@FreeBSD.org
Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description o kern/157796 ipfw [ipfw] IPFW in-kernel NAT nat loopback / Default Route o kern/157689 ipfw [ipfw] ipfw nat config does not accept nonexistent int p kern/157379 ipfw [ipfw] mtr does not work if I use ipfw nat o kern/157239 ipfw [ipfw] [dummynet] ipfw + dummynet corrupts ipv6 packet o kern/156770 ipfw [ipfw] [dummynet] [patch]: performance improvement and o bin/156653 ipfw ipfw(8) reports missing file as parameter problem p kern/156410 ipfw [patch][ipfw] tablearg option for ipfw setfib o kern/155927 ipfw [ipfw] ipfw stops to check packets for compliance with o bin/153252 ipfw [ipfw][patch] ipfw lockdown system in subsequent call o kern/153161 ipfw IPFIREWALL does not allow specify rules with ICMP code o kern/152113 ipfw [ipfw] page fault on 8.1-RELEASE caused by certain amo p kern/150798 ipfw [ipfw] ipfw2 fwd rule matches packets but does not do o kern/148827 ipfw [ipfw] divert broken with in-kernel ipfw o kern/148689 ipfw [ipfw] antispoof wrongly triggers on link local IPv6 a o kern/148430 ipfw [ipfw] IPFW schedule delete broken. f kern/148157 ipfw [ipfw] IPFW in kernel nat BUG found in FreeBSD 8.1-PRE o kern/148091 ipfw [ipfw] ipfw ipv6 handling broken. o kern/147720 ipfw [ipfw] ipfw dynamic rules and fwd o kern/145305 ipfw [ipfw] ipfw problems, panics, data corruption, ipv6 so o kern/144269 ipfw [ipfw] problem with ipfw tables o kern/144187 ipfw [ipfw] deadlock using multiple ipfw nat and multiple l o kern/143973 ipfw [ipfw] [panic] ipfw forward option causes kernel reboo o kern/143621 ipfw [ipfw] [dummynet] [patch] dummynet and vnet use result o kern/143474 ipfw [ipfw] ipfw table contains the same address o kern/137346 ipfw [ipfw] ipfw nat redirect_proto is broken o kern/137232 ipfw [ipfw] parser troubles p kern/136695 ipfw [ipfw] [patch] fwd reached after skipto in dynamic rul o kern/135476 ipfw [ipfw] IPFW table breaks after adding a large number o p bin/134975 ipfw [patch] ipfw(8) can't work with set in rule file. o kern/131817 ipfw [ipfw] blocks layer2 packets that should not be blocke o kern/131558 ipfw [ipfw] Inconsistent "via" ipfw behavior f bin/130132 ipfw [patch] ipfw(8): no way to get mask from ipfw pipe sho o kern/129103 ipfw [ipfw] IPFW check state does not work =( p kern/129093 ipfw [ipfw] ipfw nat must not drop packets o kern/129036 ipfw [ipfw] 'ipfw fwd' does not change outgoing interface n o kern/128260 ipfw [ipfw] [patch] ipfw_divert damages IPv6 packets o kern/127230 ipfw [ipfw] [patch] Feature request to add UID and/or GID l o kern/127209 ipfw [ipfw] IPFW table become corrupted after many changes p bin/125370 ipfw [ipfw] [patch] increase a line buffer limit o conf/123119 ipfw [patch] rc script for ipfw does not handle IPv6 o kern/122963 ipfw [ipfw] tcpdump does not show packets redirected by 'ip p kern/122109 ipfw [ipfw] ipfw nat traceroute problem s kern/121807 ipfw [request] TCP and UDP port_table in ipfw o kern/121382 ipfw [dummynet] 6.3-RELEASE-p1 page fault in dummynet (corr o kern/121122 ipfw [ipfw] [patch] add support to ToS IP PRECEDENCE fields o kern/118993 ipfw [ipfw] page fault - probably it's a locking problem o bin/117214 ipfw ipfw(8) fwd with IPv6 treats input as IPv4 o kern/116009 ipfw [ipfw] [patch] Ignore errors when loading ruleset from o docs/113803 ipfw [patch] ipfw(8) - don't get bitten by the fwd rule f kern/112561 ipfw [ipfw] ipfw fwd does not work with some TCP packets o bin/104921 ipfw [patch] ipfw(8) sometimes treats ipv6 input as ipv4 (a o kern/104682 ipfw [ipfw] [patch] Some minor language consistency fixes a o kern/103454 ipfw [ipfw] [patch] [request] add a facility to modify DF b o kern/103328 ipfw [ipfw] [request] sugestions about ipfw table o kern/102471 ipfw [ipfw] [patch] add tos and dscp support f kern/98831 ipfw [ipfw] ipfw has UDP hickups o kern/97951 ipfw [ipfw] [patch] ipfw does not tie interface details to o kern/95084 ipfw [ipfw] [regression] [patch] IPFW2 ignores "recv/xmit/v f kern/93300 ipfw [ipfw] ipfw pipe lost packets o kern/91847 ipfw [ipfw] ipfw with vlanX as the device o kern/86957 ipfw [ipfw] [patch] ipfw mac logging o bin/83046ipfw [ipfw] ipfw2 error: "setup" is allowed for icmp, but s o k
Re: kern/156410: [patch][ipfw] tablearg option for ipfw setfib
Synopsis: [patch][ipfw] tablearg option for ipfw setfib State-Changed-From-To: patched->closed State-Changed-By: ae State-Changed-When: Tue Jun 14 04:38:12 UTC 2011 State-Changed-Why: Merged to stable/8. Thanks! http://www.freebsd.org/cgi/query-pr.cgi?pr=156410 ___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
Re: kern/156410: commit references a PR
The following reply was made to PR kern/156410; it has been noted by GNATS.
From: dfil...@freebsd.org (dfilter service)
To: bug-follo...@freebsd.org
Cc:
Subject: Re: kern/156410: commit references a PR
Date: Tue, 14 Jun 2011 04:37:23 + (UTC)
Author: ae
Date: Tue Jun 14 04:37:09 2011
New Revision: 223070
URL: http://svn.freebsd.org/changeset/base/223070
Log:
MFC r222473:
Add tablearg support for ipfw setfib.
PR:kern/156410
MFC r222474:
Wrap long line.
Modified:
stable/8/sbin/ipfw/ipfw.8
stable/8/sbin/ipfw/ipfw2.c
stable/8/sys/netinet/ipfw/ip_fw2.c
stable/8/sys/netinet/ipfw/ip_fw_sockopt.c
Directory Properties:
stable/8/sbin/ipfw/ (props changed)
stable/8/sys/ (props changed)
stable/8/sys/amd64/include/xen/ (props changed)
stable/8/sys/cddl/contrib/opensolaris/ (props changed)
stable/8/sys/contrib/dev/acpica/ (props changed)
stable/8/sys/contrib/pf/ (props changed)
Modified: stable/8/sbin/ipfw/ipfw.8
==
--- stable/8/sbin/ipfw/ipfw.8 Tue Jun 14 04:34:20 2011(r223069)
+++ stable/8/sbin/ipfw/ipfw.8 Tue Jun 14 04:37:09 2011(r223070)
@@ -1,7 +1,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd July 27, 2010
+.Dd May 30, 2011
.Dt IPFW 8
.Os
.Sh NAME
@@ -867,13 +867,16 @@ for more information on
and
.Cm ngtee
actions.
-.It Cm setfib Ar fibnum
+.It Cm setfib Ar fibnum | tablearg
The packet is tagged so as to use the FIB (routing table)
.Ar fibnum
in any subsequent forwarding decisions.
Initially this is limited to the values 0 through 15, see
.Xr setfib 1 .
Processing continues at the next rule.
+It is possible to use the
+.Cm tablearg
+keyword with a setfib. If tablearg value is not within compiled FIB range
packet fib is set to 0.
.It Cm reass
Queue and reassemble ip fragments.
If the packet is not fragmented, counters are updated and processing
continues with the next rule.
@@ -1697,7 +1700,7 @@ is used.
The
.Cm tablearg
argument can be used with the following actions:
-.Cm nat, pipe , queue, divert, tee, netgraph, ngtee, fwd, skipto
+.Cm nat, pipe , queue, divert, tee, netgraph, ngtee, fwd, skipto, setfib,
action parameters:
.Cm tag, untag,
rule options:
Modified: stable/8/sbin/ipfw/ipfw2.c
==
--- stable/8/sbin/ipfw/ipfw2.c Tue Jun 14 04:34:20 2011(r223069)
+++ stable/8/sbin/ipfw/ipfw2.c Tue Jun 14 04:37:09 2011(r223070)
@@ -2826,14 +2826,19 @@ chkarg:
size_t intsize = sizeof(int);
action->opcode = O_SETFIB;
- NEED1("missing fib number");
- action->arg1 = strtoul(*av, NULL, 10);
- if (sysctlbyname("net.fibs", &numfibs, &intsize, NULL, 0) == -1)
- errx(EX_DATAERR, "fibs not suported.\n");
- if (action->arg1 >= numfibs) /* Temporary */
- errx(EX_DATAERR, "fib too large.\n");
- av++;
- break;
+ NEED1("missing fib number");
+ if (_substrcmp(*av, "tablearg") == 0) {
+ action->arg1 = IP_FW_TABLEARG;
+ } else {
+ action->arg1 = strtoul(*av, NULL, 10);
+ if (sysctlbyname("net.fibs", &numfibs, &intsize,
+ NULL, 0) == -1)
+ errx(EX_DATAERR, "fibs not suported.\n");
+ if (action->arg1 >= numfibs) /* Temporary */
+ errx(EX_DATAERR, "fib too large.\n");
+ }
+ av++;
+ break;
}
case TOK_REASS:
Modified: stable/8/sys/netinet/ipfw/ip_fw2.c
==
--- stable/8/sys/netinet/ipfw/ip_fw2.c Tue Jun 14 04:34:20 2011
(r223069)
+++ stable/8/sys/netinet/ipfw/ip_fw2.c Tue Jun 14 04:37:09 2011
(r223070)
@@ -2101,14 +2101,21 @@ do {
\
done = 1; /* exit outer loop */
break;
- case O_SETFIB:
+ case O_SETFIB: {
+ uint32_t fib;
+
f->pcnt++; /* update stats */
f->bcnt += pktlen;
f->timestamp = time_uptime;
- M_SETFIB(m, cmd->arg1);
- args->f_id.fib = cmd->arg1;
+ fib = (cmd->arg1 == IP_FW_TABLEARG) ? tablearg:
+ cmd->arg1;
+ if (fib >= rt_numfibs)
+ fib = 0;
+
Re: kern/157867: [patch][ipfw] natd globalport support for ipfw nat
Synopsis: [patch][ipfw] natd globalport support for ipfw nat Responsible-Changed-From-To: freebsd-bugs->freebsd-ipfw Responsible-Changed-By: ae Responsible-Changed-When: Tue Jun 14 06:36:57 UTC 2011 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=157867 ___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
Re: kern/152360: [dummynet] [panic] Crash related to dummynet.
Synopsis: [dummynet] [panic] Crash related to dummynet. Responsible-Changed-From-To: freebsd-net->freebsd-ipfw Responsible-Changed-By: ae Responsible-Changed-When: Tue Jun 14 06:56:18 UTC 2011 Responsible-Changed-Why: Reassign. It's ipfw related. http://www.freebsd.org/cgi/query-pr.cgi?pr=152360 ___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
