From owner-freebsd-bugs@FreeBSD.ORG Mon Mar 29 14:40:04 2004 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C6E6716A4CF for ; Mon, 29 Mar 2004 14:40:04 -0800 (PST) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id BE64743D41 for ; Mon, 29 Mar 2004 14:40:04 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) i2TMe4bv013029 for ; Mon, 29 Mar 2004 14:40:04 -0800 (PST) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.10/8.12.10/Submit) id i2TMe4m4013028; Mon, 29 Mar 2004 14:40:04 -0800 (PST) (envelope-from gnats) Date: Mon, 29 Mar 2004 14:40:04 -0800 (PST) Message-Id: <200403292240.i2TMe4m4013028@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org From: "Grant Millar" Subject: Re: misc/64694: UID/GID matching in ipfw non-functional X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Grant Millar List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Mar 2004 22:40:05 -0000 The following reply was made to PR misc/64694; it has been noted by GNATS. From: "Grant Millar" To: , Cc: Subject: Re: misc/64694: UID/GID matching in ipfw non-functional Date: Mon, 29 Mar 2004 23:37:44 +0100 This is a multi-part message in MIME format. ------=_NextPart_000_0001_01C415E6.D66CEA60 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Ok so still no clarification as to whether this is an ipfw bug. I've also tried trying to match the uid to the current user whom is running the process as well as root. 00100 1086 99590 allow ip from 66.90.98.2 to any uid root 00200 1556 83728 allow ip from any to 66.90.98.2 in 00400 0 0 deny ip from 66.90.98.2 to any uid root 00500 107 14366 deny ip from 66.90.98.2 to any uid admin 65535 32314 3262298 allow ip from any to any Seems to be able to deny if a uid is specified so why not any? Grant ------=_NextPart_000_0001_01C415E6.D66CEA60 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Ok so still no clarification as to whether this is an ipfw bug. I’ve = also tried trying

to match the uid to the current user whom is running the process as well as = root.

 

00100  1086   99590 allow ip from 66.90.98.2 to any uid = root

00200  1556   83728 allow ip from any to 66.90.98.2 = in

00400     0       0 deny ip from 66.90.98.2 to any = uid root

00500   107   14366 deny ip from 66.90.98.2 to any uid = admin

65535 32314 3262298 allow ip from any to any

 

Seems to be able to deny if a uid is specified so why not = any?

 

Grant

------=_NextPart_000_0001_01C415E6.D66CEA60--