5.3 IPFW bug
Andre Oppermann
andre at freebsd.org
Wed Dec 15 05:12:29 PST 2004
Dmitry A. Bondareff wrote:
> Hello hackers!
>
> Today I upgraded my 5.2.1-p11 box up to 5.3-p2.
> My firewall rules includes like this:
> ...
> /sbin/ipfw add tee 10000 ip from 1.2.3.4 to 4.3.2.1
> ...
> On 5.2.1-FreeBSD it's works fine.
> But FreeBSD 5.3 halted each time!!!
>
> After changed "tee 10000" to "allow" now works all fine.
>
> Is this bug ??
No. It was a bug before. 'tee' now behaves as it should and
your packet gets copied and delivered to the divert socket and
it continues with the next rule. Prior to 5.3 it was terminating
the rule processing and accepting the packet the moment the 'tee'
action was hit.
--
Andre
More information about the freebsd-hackers
mailing list