Skip site navigation (1)Skip section navigation (2) 
Date:      Wed,  6 Jun 2001 12:11:14 +0200 (CEST)
From:      quinot@inf.enst.fr
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   kern/27905: ipf unable to insert rule of 'log' is used
Message-ID:  <20010606101114.4F5C21134A@shalmaneser.enst.fr>
next in thread | raw e-mail | index | archive | help 

>Number:         27905
>Category:       kern
>Synopsis:       ipf unable to insert rule of 'log' is used
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jun 06 03:20:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Thomas Quinot
>Release:        FreeBSD 5.0-CURRENT i386
>Organization:
>Environment:
System: 4.3-RELEASE FreeBSD 4.3-RELEASE #2: Wed Apr 25 12:49:18 CEST 2001


	
>Description:
With the following ipfilter config file:
---------- cut here
# Group 21 is outbound ACL for interface xl0
block out log quick on xl0 from any to any head 21

# Default is deny

#block out from any to any group 21
# This line works

block out log from any to any group 21
# With that line (same + 'log') ipf gets EEXIST when inserting the rule.

# Branch to group 211 for three hosts that require specific processing

skip 3 out from any to 10.10.0.142 group 21
skip 2 out from any to 10.10.0.140 group 21
skip 1 out from any to 10.10.0.154 group 21
skip 1 out from any to any group 21
block out log from any to any head 211 group 21
---------- cut here

when running 'ipf -I -Fa -f the_config_file', the following error
is produced:
  20:ioctl(add/insert rule): File exists

If the 'log' keyword is removed from line 20, then no error is
produced.

This problem is also reproduced with -CURRENT as of May 30th.

>How-To-Repeat:
	Cut/paste the ACL above to a file.
	Run ipf -I -Fa -f the_file
	Swap commenting-out of 'This line works/That line doesn't'
	Run ipf -I -Fa -f the_file again.
>Fix:

None known so far.
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010606101114.4F5C21134A>