From owner-freebsd-ipfw@FreeBSD.ORG Mon Nov 15 11:06:58 2010 Return-Path: Delivered-To: freebsd-ipfw@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6695E10656AA for ; Mon, 15 Nov 2010 11:06:58 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 492E78FC1A for ; Mon, 15 Nov 2010 11:06:58 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id oAFB6wbm086316 for ; Mon, 15 Nov 2010 11:06:58 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id oAFB6vfW086314 for freebsd-ipfw@FreeBSD.org; Mon, 15 Nov 2010 11:06:57 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 15 Nov 2010 11:06:57 GMT Message-Id: <201011151106.oAFB6vfW086314@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-ipfw@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-ipfw@FreeBSD.org X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Nov 2010 11:06:58 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/150798 ipfw [ipfw] ipfw2 fwd rule matches packets but does not do o kern/150141 ipfw [ipfw]: Not working kernel nat freeBSD 8.1 o kern/149572 ipfw [ipfw] ipfw kernel nat not working properly o kern/148928 ipfw [ipfw] Problem with loading of ipfw NAT rules during s o kern/148827 ipfw [ipfw] divert broken with in-kernel ipfw o kern/148689 ipfw [ipfw] antispoof wrongly triggers on link local IPv6 a o kern/148430 ipfw [ipfw] IPFW schedule delete broken. o kern/148157 ipfw [ipfw] IPFW in kernel nat BUG found in FreeBSD 8.1-PRE o conf/148144 ipfw [patch] add ipfw_nat support for rc.firewall simple ty o conf/148137 ipfw [ipfw] call order of natd and ipfw startup scripts o kern/148091 ipfw [ipfw] ipfw ipv6 handling broken. o kern/147720 ipfw [ipfw] ipfw dynamic rules and fwd o kern/145733 ipfw [ipfw] [patch] ipfw flaws with ipv6 fragments o kern/145305 ipfw [ipfw] ipfw problems, panics, data corruption, ipv6 so o kern/145167 ipfw [ipfw] ipfw nat does not follow its documentation o kern/144269 ipfw [ipfw] problem with ipfw tables o kern/144187 ipfw [ipfw] deadlock using multiple ipfw nat and multiple l o kern/143973 ipfw [ipfw] [panic] ipfw forward option causes kernel reboo o kern/143653 ipfw [ipfw] [patch] ipfw nat redirect_port "buf is too smal o kern/143621 ipfw [ipfw] [dummynet] [patch] dummynet and vnet use result o kern/143474 ipfw [ipfw] ipfw table contains the same address f kern/142951 ipfw [dummynet] using pipes&queues gives OUCH! pipe should o kern/139581 ipfw [ipfw] "ipfw pipe" not limiting bandwidth o kern/139226 ipfw [ipfw] install_state: entry already present, done o kern/137346 ipfw [ipfw] ipfw nat redirect_proto is broken o kern/137232 ipfw [ipfw] parser troubles o kern/136695 ipfw [ipfw] [patch] fwd reached after skipto in dynamic rul o kern/135476 ipfw [ipfw] IPFW table breaks after adding a large number o o bin/134975 ipfw [patch] ipfw(8) can't work with set in rule file. o kern/132553 ipfw [ipfw] ipfw doesn't understand ftp-data port o kern/131817 ipfw [ipfw] blocks layer2 packets that should not be blocke o kern/131601 ipfw [ipfw] [panic] 7-STABLE panic in nat_finalise (tcp=0) o kern/131558 ipfw [ipfw] Inconsistent "via" ipfw behavior o bin/130132 ipfw [patch] ipfw(8): no way to get mask from ipfw pipe sho o kern/129103 ipfw [ipfw] IPFW check state does not work =( o kern/129093 ipfw [ipfw] ipfw nat must not drop packets o kern/129036 ipfw [ipfw] 'ipfw fwd' does not change outgoing interface n o kern/128260 ipfw [ipfw] [patch] ipfw_divert damages IPv6 packets o kern/127230 ipfw [ipfw] [patch] Feature request to add UID and/or GID l o kern/127209 ipfw [ipfw] IPFW table become corrupted after many changes o bin/125370 ipfw [ipfw] [patch] increase a line buffer limit o conf/123119 ipfw [patch] rc script for ipfw does not handle IPv6 o kern/122963 ipfw [ipfw] tcpdump does not show packets redirected by 'ip o kern/122109 ipfw [ipfw] ipfw nat traceroute problem s kern/121807 ipfw [request] TCP and UDP port_table in ipfw o kern/121382 ipfw [dummynet] 6.3-RELEASE-p1 page fault in dummynet (corr o kern/121122 ipfw [ipfw] [patch] add support to ToS IP PRECEDENCE fields o kern/118993 ipfw [ipfw] page fault - probably it's a locking problem o bin/117214 ipfw ipfw(8) fwd with IPv6 treats input as IPv4 o kern/116009 ipfw [ipfw] [patch] Ignore errors when loading ruleset from o docs/113803 ipfw [patch] ipfw(8) - don't get bitten by the fwd rule o kern/112561 ipfw [ipfw] ipfw fwd does not work with some TCP packets o kern/105330 ipfw [ipfw] [patch] ipfw (dummynet) does not allow to set q o bin/104921 ipfw [patch] ipfw(8) sometimes treats ipv6 input as ipv4 (a o kern/104682 ipfw [ipfw] [patch] Some minor language consistency fixes a o kern/103454 ipfw [ipfw] [patch] [request] add a facility to modify DF b o kern/103328 ipfw [ipfw] [request] sugestions about ipfw table o kern/102471 ipfw [ipfw] [patch] add tos and dscp support o kern/98831 ipfw [ipfw] ipfw has UDP hickups o kern/97951 ipfw [ipfw] [patch] ipfw does not tie interface details to o kern/95084 ipfw [ipfw] [regression] [patch] IPFW2 ignores "recv/xmit/v o kern/93300 ipfw [ipfw] ipfw pipe lost packets o kern/91847 ipfw [ipfw] ipfw with vlanX as the device o kern/88659 ipfw [modules] ipfw and ip6fw do not work properly as modul o kern/87032 ipfw [ipfw] [patch] ipfw ioctl interface implementation o kern/86957 ipfw [ipfw] [patch] ipfw mac logging o bin/83046 ipfw [ipfw] ipfw2 error: "setup" is allowed for icmp, but s o kern/82724 ipfw [ipfw] [patch] [request] Add setnexthop and defaultrou s kern/80642 ipfw [ipfw] [patch] ipfw small patch - new RULE OPTION o bin/78785 ipfw [patch] ipfw(8) verbosity locks machine if /etc/rc.fir o kern/74104 ipfw [ipfw] ipfw2/1 conflict not detected or reported, manp o kern/73910 ipfw [ipfw] serious bug on forwarding of packets after NAT o kern/72987 ipfw [ipfw] ipfw/dummynet pipe/queue 'queue [BYTES]KBytes ( o kern/71366 ipfw [ipfw] "ipfw fwd" sometimes rewrites destination mac a o kern/69963 ipfw [ipfw] install_state warning about already existing en o kern/60719 ipfw [ipfw] Headerless fragments generate cryptic error mes o kern/55984 ipfw [ipfw] [patch] time based firewalling support for ipfw o kern/51274 ipfw [ipfw] [patch] ipfw2 create dynamic rules with parent o kern/48172 ipfw [ipfw] [patch] ipfw does not log size and flags o kern/46159 ipfw [ipfw] [patch] [request] ipfw dynamic rules lifetime f a kern/26534 ipfw [ipfw] Add an option to ipfw to log gid/uid of who cau 81 problems total. From owner-freebsd-ipfw@FreeBSD.ORG Tue Nov 16 15:20:11 2010 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B743E106570E for ; Tue, 16 Nov 2010 15:20:10 +0000 (UTC) (envelope-from sorem-real-atualcard@sorem.onda.com.br) Received: from sorem.onda.com.br (sorem.onda.com.br [200.195.197.42]) by mx1.freebsd.org (Postfix) with ESMTP id B630A8FC0C for ; Tue, 16 Nov 2010 15:20:09 +0000 (UTC) Received: by sorem.onda.com.br (Postfix, from userid 0) id B545422583D5; Tue, 16 Nov 2010 12:52:02 -0200 (BRST) To: freebsd-ipfw@freebsd.org From: REVENDA BRINDES Content-Transfer-Encoding: 7bit X-SOREM-Campaign-ID: 38_309343001289916828 X-Mailer: SOREM Message-Id: <20101116145202.B545422583D5@sorem.onda.com.br> Date: Tue, 16 Nov 2010 12:52:02 -0200 (BRST) MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Chaveiro Moto por 0,39 e Canetas por 0,67 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: REVENDA BRINDES List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Nov 2010 15:20:11 -0000 [1]REVENDABRINDES.COM.BR [2]REVENDABRINDES.COM.BR [3]Chaveiro Metálico Anzol por R$ 0,96 cada [4]Chaveiro de moto por R$ 0,39 cada [5]Canetas Plásticas impressas em uma cor por R$0,67 cada [6]REVENDABRINDES.COM.BR [7]VÁRIAS FORMAS DE PAGAMENTO Caso você não queira receber nossas mensagens, [8]clique aqui que seu e-mail será retirado imediatamente de nossa lista. References 1. http://sorem.onda.com.br/sorem/click.php?s=94275876c08c3d230eb03f62e099a967&e=149e648b794be562f85e0af66b7edb65&u=http://www.revendabrindes.com.br 2. http://sorem.onda.com.br/sorem/click.php?s=94275876c08c3d230eb03f62e099a967&e=149e648b794be562f85e0af66b7edb65&u=http://www.revendabrindes.com.br 3. http://sorem.onda.com.br/sorem/click.php?s=94275876c08c3d230eb03f62e099a967&e=149e648b794be562f85e0af66b7edb65&u=http://www.revendabrindes.com.br/produto/info/16/chaveiros-metalicos-1-cod-108-mosquetao-cromado.html 4. http://sorem.onda.com.br/sorem/click.php?s=94275876c08c3d230eb03f62e099a967&e=149e648b794be562f85e0af66b7edb65&u=http://www.revendabrindes.com.br/produto/lista/36/moto.html 5. http://sorem.onda.com.br/sorem/click.php?s=94275876c08c3d230eb03f62e099a967&e=149e648b794be562f85e0af66b7edb65&u=http://www.revendabrindes.com.br 6. http://sorem.onda.com.br/sorem/click.php?s=94275876c08c3d230eb03f62e099a967&e=149e648b794be562f85e0af66b7edb65&u=http://www.revendabrindes.com.br/produto/lista/6/plasticas.html 7. http://sorem.onda.com.br/sorem/click.php?s=94275876c08c3d230eb03f62e099a967&e=149e648b794be562f85e0af66b7edb65&u=http://www.revendabrindes.com.br 8. http://sorem.onda.com.br/sorem/optout.php?s=94275876c08c3d230eb03f62e099a967&e=149e648b794be562f85e0af66b7edb65&u=http://www.ondaexpress.com.br From owner-freebsd-ipfw@FreeBSD.ORG Fri Nov 19 20:06:42 2010 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0E6241065670 for ; Fri, 19 Nov 2010 20:06:42 +0000 (UTC) (envelope-from gumbo@bsdmail.org) Received: from imr-db03.mx.aol.com (imr-db03.mx.aol.com [205.188.91.97]) by mx1.freebsd.org (Postfix) with ESMTP id C06238FC27 for ; Fri, 19 Nov 2010 20:06:41 +0000 (UTC) Received: from imo-da04.mx.aol.com (imo-da04.mx.aol.com [205.188.169.202]) by imr-db03.mx.aol.com (8.14.1/8.14.1) with ESMTP id oAJJuFZ0008117 for ; Fri, 19 Nov 2010 14:56:15 -0500 Received: from gumbo@bsdmail.org by imo-da04.mx.aol.com (mail_out_v42.9.) id n.f04.e7c6790 (56034) for ; Fri, 19 Nov 2010 14:56:06 -0500 (EST) Received: from smtprly-de03.mx.aol.com (smtprly-de03.mx.aol.com [205.188.249.170]) by cia-md08.mx.aol.com (v129.7) with ESMTP id MAILCIAMD088-b2404ce6d654295; Fri, 19 Nov 2010 14:56:06 -0500 Received: from web-mmc-m01 (web-mmc-m01.sim.aol.com [64.12.224.134]) by smtprly-de03.mx.aol.com (v129.5) with ESMTP id MAILSMTPRLYDE031-b2404ce6d654295; Fri, 19 Nov 2010 14:56:04 -0500 To: freebsd-ipfw@freebsd.org Date: Fri, 19 Nov 2010 14:56:04 -0500 X-MB-Message-Source: WebUI X-AOL-IP: 67.180.99.85 X-MB-Message-Type: User MIME-Version: 1.0 From: gumbo@bsdmail.org X-Mailer: Mail.com Webmail 32945-STANDARD Received: from 67.180.99.85 by web-mmc-m01.sysops.aol.com (64.12.224.134) with HTTP (WebMailUI); Fri, 19 Nov 2010 14:56:04 -0500 Message-Id: <8CD563AEEF556DE-1A54-477C@web-mmc-m01.sysops.aol.com> X-Spam-Flag: NO X-AOL-SENDER: gumbo@bsdmail.org Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: ipfw "fwd" command fails using ipv6 addresses X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Nov 2010 20:06:42 -0000 I'm running freebsd 7.2 and trying to find a way to forward a packet to di= fferent subnets based on it's source address. The following command works fine for ipv4 addresses but fails for ipv6 add= resses. ipfw add 101 fwd nextaddr ip from myaddr to any out This works fine if nextaddr and myaddr are ipv4 but fails to work if they= resolve to ipv6. Is this not yet supported or is there another way to accomplish the same= thing ? Thanks for any insight, Rick From owner-freebsd-ipfw@FreeBSD.ORG Sat Nov 20 09:23:14 2010 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 51F1E1065670; Sat, 20 Nov 2010 09:23:14 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 28D968FC0A; Sat, 20 Nov 2010 09:23:14 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id oAK9NEpN010254; Sat, 20 Nov 2010 09:23:14 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id oAK9NEiG010250; Sat, 20 Nov 2010 09:23:14 GMT (envelope-from linimon) Date: Sat, 20 Nov 2010 09:23:14 GMT Message-Id: <201011200923.oAK9NEiG010250@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/152113: [ipfw] page fault on 8.1-RELEASE caused by certain amount of traffic through router X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 20 Nov 2010 09:23:14 -0000 Old Synopsis: page fault on 8.1-RELEASE caused by certain amount of traffic through router New Synopsis: [ipfw] page fault on 8.1-RELEASE caused by certain amount of traffic through router Responsible-Changed-From-To: freebsd-bugs->freebsd-ipfw Responsible-Changed-By: linimon Responsible-Changed-When: Sat Nov 20 09:22:46 UTC 2010 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=152113 From owner-freebsd-ipfw@FreeBSD.ORG Sat Nov 20 10:18:59 2010 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 44C03106564A for ; Sat, 20 Nov 2010 10:18:59 +0000 (UTC) (envelope-from lars.eggert@nokia.com) Received: from mgw-sa02.nokia.com (smtp.nokia.com [147.243.1.48]) by mx1.freebsd.org (Postfix) with ESMTP id E61CB8FC12 for ; Sat, 20 Nov 2010 10:18:58 +0000 (UTC) Received: from mail.fit.nokia.com (esdhcp030222.research.nokia.com [172.21.30.222]) by mgw-sa02.nokia.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id oAK9gm8M009368 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 20 Nov 2010 11:42:48 +0200 X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.96.4 at fit.nokia.com Mime-Version: 1.0 (Apple Message framework v1082) Content-Type: multipart/signed; boundary=Apple-Mail-4-553827658; protocol="application/pkcs7-signature"; micalg=sha1 From: Lars Eggert In-Reply-To: <8CD563AEEF556DE-1A54-477C@web-mmc-m01.sysops.aol.com> Date: Sat, 20 Nov 2010 11:42:36 +0200 Message-Id: <459A620A-9F67-40FE-A0A4-E390EE39F4CC@nokia.com> References: <8CD563AEEF556DE-1A54-477C@web-mmc-m01.sysops.aol.com> To: gumbo@bsdmail.org X-Mailer: Apple Mail (2.1082) X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.6 (mail.fit.nokia.com); Sat, 20 Nov 2010 11:42:41 +0200 (EET) X-Spam-Status: No, score=-98.9 required=5.0 tests=AWL, BAYES_00, MISSING_SUBJECT, RDNS_NONE,SPF_SOFTFAIL,USER_IN_WHITELIST autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on fit.nokia.com X-Nokia-AV: Clean X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-ipfw@freebsd.org Subject: Re: ipfw "fwd" command fails using ipv6 addresses X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 20 Nov 2010 10:18:59 -0000 --Apple-Mail-4-553827658 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii On 2010-11-19, at 21:56, gumbo@bsdmail.org wrote: > The following command works fine for ipv4 addresses but fails for ipv6 = addresses. > ipfw add 101 fwd nextaddr ip from myaddr to any out > This works fine if nextaddr and myaddr are ipv4 but fails to work if = they resolve to ipv6. > Is this not yet supported or is there another way to accomplish the = same thing ? I ran into the same issue a few months ago, and the answer was that IPv6 = support in ipfw is generally still not on par with IPv4. So yes, this is = known. (I do think that this lack of IPv6 features is a problem. But FreeBSD is = a volunteer effort, and I can't commit any of my own cycles to fixing = this so I really don't have a right to complain either.) Lars= --Apple-Mail-4-553827658--