Date: Fri, 23 Dec 2005 00:54:05 +0100 (CET) From: Stefan `Sec` Zehl <sec@42.org> To: FreeBSD-gnats-submit@FreeBSD.org Subject: kern/90834: ipfw fwd host,port is broken with udp Message-ID: <20051222235405.9631054A3@ice.42.org> Resent-Message-ID: <200512230200.jBN20JUf029707@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 90834 >Category: kern >Synopsis: ipfw fwd host,port is broken with udp >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Dec 23 02:00:18 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Stefan `Sec` Zehl >Release: FreeBSD 5.4-STABLE i386 >Organization: >Environment: System: FreeBSD elvis 5.4-STABLE FreeBSD 5.4-STABLE #8: Wed Oct 26 12:55:13 CEST 2005 root@elvis:/usr/obj/usr/src/sys/ELVIS i386 >Description: Redirecting udp packets to a different local port with "ipfw fwd" fails. The rule is matched (the counter in "ipfw show") increases, but the packet is still delivered to the original port and thus generates an icmp packet if nothin is listening there. >How-To-Repeat: ipfw add 100 fwd 10.1.1.3,8053 udp from any to 10.1.1.3 53 nc -vvul 10.1.1.3 8053 from another host nc -vvu 10.1.1.3 53 <enter text> Results in an icmp port unreachable, no text is received on the listening netcat instance >Fix: >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051222235405.9631054A3>