From owner-freebsd-ipfw@FreeBSD.ORG  Wed Mar 30 09:35:20 2011
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B141C106567B
	for <freebsd-ipfw@freebsd.org>; Wed, 30 Mar 2011 09:35:20 +0000 (UTC)
	(envelope-from smithi@nimnet.asn.au)
Received: from sola.nimnet.asn.au (paqi.nimnet.asn.au [115.70.110.159])
	by mx1.freebsd.org (Postfix) with ESMTP id 2D90F8FC12
	for <freebsd-ipfw@freebsd.org>; Wed, 30 Mar 2011 09:35:19 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by sola.nimnet.asn.au (8.14.2/8.14.2) with ESMTP id p2U9ZIp4034521;
	Wed, 30 Mar 2011 20:35:18 +1100 (EST)
	(envelope-from smithi@nimnet.asn.au)
Date: Wed, 30 Mar 2011 20:35:18 +1100 (EST)
From: Ian Smith <smithi@nimnet.asn.au>
To: Marcin Wisnicki <mwisnicki+freebsd@gmail.com>
In-Reply-To: <imqmfl$812$1@dough.gmane.org>
Message-ID: <20110330195614.P33521@sola.nimnet.asn.au>
References: <201103280614.p2S6EKUC032325@freefall.freebsd.org>
	<20110328064454.GA63583@onelab2.iet.unipi.it>
	<20110328173822.J33521@sola.nimnet.asn.au>
	<imqmfl$812$1@dough.gmane.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Cc: freebsd-ipfw@freebsd.org
Subject: Re: kern/155927: [ipfw] ipfw stops to check bags for compliance with
 the rules, letting everything Rules
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Mar 2011 09:35:20 -0000

On Mon, 28 Mar 2011, Marcin Wisnicki wrote:
 > On Mon, 28 Mar 2011 17:51:06 +1100, Ian Smith wrote:
 > 
 > > On Mon, 28 Mar 2011, Luigi Rizzo wrote:
 > >  > On Mon, Mar 28, 2011 at 06:14:20AM +0000, linimon@freebsd.org wrote:
 > >  > > Old Synopsis: Ipfw stops to check bags for compliance with the
 > >  > > rules, letting everything Rules New Synopsis: [ipfw] ipfw stops to
 > >  > > check bags for compliance with the rules, letting everything Rules
 > >  > > 
 > >  > > Responsible-Changed-From-To: freebsd-standards->freebsd-ipfw
 > >  > > Responsible-Changed-By: linimon
 > >  > > Responsible-Changed-When: Mon Mar 28 06:13:10 UTC 2011
 > >  > > Responsible-Changed-Why:
 > >  > > reclassify, although I do not think there is enough information
 > >  > > here to proceed.
 > >  > 
 > >  > interesting use of the term 'bag' for 'packet'!
 > > 
 > > Even with that cleared up, I can't make out what it may have to do with
 > > syslogging .. perhaps one of our Russian speakers could intermediate?
 > > 
 > 
 > I think it means that if newsyslog rotates /var/log/security then ipfw 
 > warnings are not logged anymore ;)

I've tried imagining how that could happen, without success - unless 
/var/log/security somehow wasn't truncated by newsyslog on rotation?

% grep security /etc/*syslog.conf
/etc/syslog.conf:security.*                             /var/log/security
/etc/newsyslog.conf:/var/log/security                   640  21    500  *  J

 > I haven't seen such behaviour myself and that file is handled by syslog 
 > just like many others.

+1.  Smells a bit like permissions .. from thousands of miles away :)

cheers, Ian