Re: docs/113803: [patch] ipfw(8) - don't get bitten by the fwd rule
Synopsis: [patch] ipfw(8) - don't get bitten by the fwd rule State-Changed-From-To: open->closed State-Changed-By: ae State-Changed-When: Mon Jun 27 07:45:59 UTC 2011 State-Changed-Why: The manual page already has a note about need of the custom kernel configuration. When ipfw is used as module it reports that forwarding is disabled and returns error for each fwd rule. http://www.freebsd.org/cgi/query-pr.cgi?pr=113803 ___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
Re: kern/55984: [ipfw] [patch] time based firewalling support for ipfw2
Synopsis: [ipfw] [patch] time based firewalling support for ipfw2 State-Changed-From-To: open->suspended State-Changed-By: ae State-Changed-When: Mon Jun 27 07:56:31 UTC 2011 State-Changed-Why: Personally i recommend to use sets of rules and switch between them with cron(8). But maybe someone will find this feature interesting, so i suspend this PR. http://www.freebsd.org/cgi/query-pr.cgi?pr=55984 ___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
Current problem reports assigned to freebsd-ipfw@FreeBSD.org
Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description o kern/158066 ipfw [ipfw] ipfw + netgraph + multicast = multicast packets p kern/157957 ipfw [libalias][patch] alias_ftp does not alias data sessio p kern/157867 ipfw [patch][ipfw] natd globalport support for ipfw nat o kern/157796 ipfw [ipfw] IPFW in-kernel NAT nat loopback / Default Route o kern/157689 ipfw [ipfw] ipfw nat config does not accept nonexistent int p kern/157379 ipfw [ipfw] mtr does not work if I use ipfw nat p kern/157239 ipfw [ipfw] [dummynet] ipfw + dummynet corrupts ipv6 packet o kern/156770 ipfw [ipfw] [dummynet] [patch]: performance improvement and o bin/156653 ipfw ipfw(8) reports missing file as parameter problem o kern/155927 ipfw [ipfw] ipfw stops to check packets for compliance with o bin/153252 ipfw [ipfw][patch] ipfw lockdown system in subsequent call o kern/153161 ipfw IPFIREWALL does not allow specify rules with ICMP code o kern/152113 ipfw [ipfw] page fault on 8.1-RELEASE caused by certain amo p kern/150798 ipfw [ipfw] ipfw2 fwd rule matches packets but does not do o kern/148827 ipfw [ipfw] divert broken with in-kernel ipfw o kern/148689 ipfw [ipfw] antispoof wrongly triggers on link local IPv6 a o kern/148430 ipfw [ipfw] IPFW schedule delete broken. o kern/148091 ipfw [ipfw] ipfw ipv6 handling broken. o kern/147720 ipfw [ipfw] ipfw dynamic rules and fwd o kern/144269 ipfw [ipfw] problem with ipfw tables o kern/144187 ipfw [ipfw] deadlock using multiple ipfw nat and multiple l o kern/143973 ipfw [ipfw] [panic] ipfw forward option causes kernel reboo o kern/143621 ipfw [ipfw] [dummynet] [patch] dummynet and vnet use result o kern/143474 ipfw [ipfw] ipfw table contains the same address o kern/137346 ipfw [ipfw] ipfw nat redirect_proto is broken o kern/137232 ipfw [ipfw] parser troubles p kern/136695 ipfw [ipfw] [patch] fwd reached after skipto in dynamic rul o kern/135476 ipfw [ipfw] IPFW table breaks after adding a large number o o kern/131817 ipfw [ipfw] blocks layer2 packets that should not be blocke o kern/131558 ipfw [ipfw] Inconsistent "via" ipfw behavior p kern/129093 ipfw [ipfw] ipfw nat must not drop packets f kern/129036 ipfw [ipfw] 'ipfw fwd' does not change outgoing interface n o kern/128260 ipfw [ipfw] [patch] ipfw_divert damages IPv6 packets o kern/127230 ipfw [ipfw] [patch] Feature request to add UID and/or GID l o kern/127209 ipfw [ipfw] IPFW table become corrupted after many changes o conf/123119 ipfw [patch] rc script for ipfw does not handle IPv6 o kern/122963 ipfw [ipfw] tcpdump does not show packets redirected by 'ip p kern/122109 ipfw [ipfw] ipfw nat traceroute problem s kern/121807 ipfw [request] TCP and UDP port_table in ipfw o kern/121122 ipfw [ipfw] [patch] add support to ToS IP PRECEDENCE fields o bin/117214 ipfw ipfw(8) fwd with IPv6 treats input as IPv4 o kern/116009 ipfw [ipfw] [patch] Ignore errors when loading ruleset from o bin/104921 ipfw [patch] ipfw(8) sometimes treats ipv6 input as ipv4 (a o kern/104682 ipfw [ipfw] [patch] Some minor language consistency fixes a o kern/103454 ipfw [ipfw] [patch] [request] add a facility to modify DF b o kern/103328 ipfw [ipfw] [request] sugestions about ipfw table o kern/102471 ipfw [ipfw] [patch] add tos and dscp support o kern/97951 ipfw [ipfw] [patch] ipfw does not tie interface details to o kern/95084 ipfw [ipfw] [regression] [patch] IPFW2 ignores "recv/xmit/v o kern/91847 ipfw [ipfw] ipfw with vlanX as the device o kern/86957 ipfw [ipfw] [patch] ipfw mac logging o bin/83046ipfw [ipfw] ipfw2 error: "setup" is allowed for icmp, but s o kern/82724 ipfw [ipfw] [patch] [request] Add setnexthop and defaultrou o bin/78785ipfw [patch] ipfw(8) verbosity locks machine if /etc/rc.fir o kern/60719 ipfw [ipfw] Headerless fragments generate cryptic error mes s kern/55984 ipfw [ipfw] [patch] time based firewalling support for ipfw o kern/48172 ipfw [ipfw] [patch] ipfw does not log size and flags o kern/46159 ipfw [ipfw] [patch] [request] ipfw dynamic rules lifetime f a kern/26534 ipfw [ipfw] Add an option to ipfw to log gid/uid of who cau 59 problems total. ___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd
Re: kern/128260: [ipfw] [patch] ipfw_divert damages IPv6 packets
Synopsis: [ipfw] [patch] ipfw_divert damages IPv6 packets State-Changed-From-To: open->patched State-Changed-By: ae State-Changed-When: Mon Jun 27 12:53:05 UTC 2011 State-Changed-Why: Patched in head/ with r223593. http://www.freebsd.org/cgi/query-pr.cgi?pr=128260 ___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
ipfw news
I'm delighted to see that so much work is being done recently on ipfw, i.e. patching. But it also makes me wonder if there is anything new cooking for FreeBSD 9.0? Anybody knows? Michael ___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
Re: conf/123119: [patch] rc script for ipfw does not handle IPv6
Synopsis: [patch] rc script for ipfw does not handle IPv6 Responsible-Changed-From-To: freebsd-ipfw->freebsd-rc Responsible-Changed-By: ae Responsible-Changed-When: Tue Jun 28 05:21:43 UTC 2011 Responsible-Changed-Why: Reassign to freebsd-rc@. This functionality is already present in head/ and stable/8. But stable/7 does not support some needed features in rc.subr and in the kernel to merge this support. http://www.freebsd.org/cgi/query-pr.cgi?pr=123119 ___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
Re: kern/144187: [ipfw] deadlock using multiple ipfw nat and multiple limit statements
Synopsis: [ipfw] deadlock using multiple ipfw nat and multiple limit statements State-Changed-From-To: open->feedback State-Changed-By: ae State-Changed-When: Tue Jun 28 05:29:45 UTC 2011 State-Changed-Why: Can you still reproduce this on a supported release? Or maybe you can test your rules on head/ branch? There were some changes related to ipfw_nat. http://www.freebsd.org/cgi/query-pr.cgi?pr=144187 ___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
Re: kern/155927: [ipfw] ipfw stops to check packets for compliance with the rules, letting everything Rules
Synopsis: [ipfw] ipfw stops to check packets for compliance with the rules, letting everything Rules State-Changed-From-To: open->feedback State-Changed-By: ae State-Changed-When: Tue Jun 28 05:36:11 UTC 2011 State-Changed-Why: Can you still reproduce this? It seems that you have misconfigured something. http://www.freebsd.org/cgi/query-pr.cgi?pr=155927 ___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
Re: kern/91847: [ipfw] ipfw with vlanX as the device
Synopsis: [ipfw] ipfw with vlanX as the device State-Changed-From-To: open->feedback State-Changed-By: ae State-Changed-When: Tue Jun 28 06:00:28 UTC 2011 State-Changed-Why: Can you still reproduce this on a supported release? http://www.freebsd.org/cgi/query-pr.cgi?pr=91847 ___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
