From owner-freebsd-bugs@FreeBSD.ORG Wed Feb 18 15:50:01 2009 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6F19F1065674 for ; Wed, 18 Feb 2009 15:50:01 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 2F1FE8FC0C for ; Wed, 18 Feb 2009 15:50:01 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n1IFo1Eq036576 for ; Wed, 18 Feb 2009 15:50:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n1IFo1O7036575; Wed, 18 Feb 2009 15:50:01 GMT (envelope-from gnats) Resent-Date: Wed, 18 Feb 2009 15:50:01 GMT Resent-Message-Id: <200902181550.n1IFo1O7036575@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Eugene Grosbein Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9290D1065675 for ; Wed, 18 Feb 2009 15:40:49 +0000 (UTC) (envelope-from eugen@grosbein.pp.ru) Received: from grosbein.pp.ru (grosbein.pp.ru [89.189.172.146]) by mx1.freebsd.org (Postfix) with ESMTP id 6A6878FC0C for ; Wed, 18 Feb 2009 15:40:47 +0000 (UTC) (envelope-from eugen@grosbein.pp.ru) Received: from grosbein.pp.ru (localhost [127.0.0.1]) by grosbein.pp.ru (8.14.3/8.14.3) with ESMTP id n1IFARnA001548 for ; Wed, 18 Feb 2009 22:10:27 +0700 (KRAT) (envelope-from eugen@grosbein.pp.ru) Received: (from eugen@localhost) by grosbein.pp.ru (8.14.3/8.14.3/Submit) id n1IFAQGj001547; Wed, 18 Feb 2009 22:10:26 +0700 (KRAT) (envelope-from eugen) Message-Id: <200902181510.n1IFAQGj001547@grosbein.pp.ru> Date: Wed, 18 Feb 2009 22:10:26 +0700 (KRAT) From: Eugene Grosbein To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: kern/131817: ipfw blocks layer2 packets that should not be blocked X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Eugene Grosbein List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Feb 2009 15:50:01 -0000 >Number: 131817 >Category: kern >Synopsis: ipfw blocks layer2 packets that should not be blocked >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Feb 18 15:50:00 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Eugene Grosbein >Release: FreeBSD 7.1-STABLE i386 >Organization: Svyaz-Service >Environment: System: FreeBSD grosbein.pp.ru 7.1-STABLE FreeBSD 7.1-STABLE #13: Tue Feb 17 20:11:39 KRAT 2009 eu@grosbein.pp.ru:/usr/local/obj/usr/local/src/sys/DADV i386 >Description: The rule: ipfw add 1000 deny ip from any to any out recv fxp0 xmit fxp0 blocks outgoing ARP replys on the interface fxp0 if sysctl net.link.ether.ipfw is set to 1. ARP reply is not transit packet received from fxp0 and must not be blocked in this case. This is serious bug and it exists in ipfw2 since RELENG_4. >How-To-Repeat: See above. >Fix: Unknown. Eugene Grosbein >Release-Note: >Audit-Trail: >Unformatted: