From roderick@stud187236.mobiel.utwente.nl  Sat Jan 17 14:23:23 2004
Return-Path: <roderick@stud187236.mobiel.utwente.nl>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2335316A4CE
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 17 Jan 2004 14:23:23 -0800 (PST)
Received: from netlx050.vf.utwente.nl (netlx050.vf.utwente.nl [192.87.17.19])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4E2A743D2D
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 17 Jan 2004 14:23:21 -0800 (PST)
	(envelope-from roderick@stud187236.mobiel.utwente.nl)
Received: from stud187236.mobiel.utwente.nl (stud187236.mobiel.utwente.nl [130.89.187.236])
          by netlx050.vf.utwente.nl (8.11.7/HKD) with ESMTP id i0HMNDf22082
          for <FreeBSD-gnats-submit@freebsd.org>; Sat, 17 Jan 2004 23:23:13 +0100
Received: from stud187236.mobiel.utwente.nl (localhost [127.0.0.1])
	by stud187236.mobiel.utwente.nl (8.12.10/8.12.10) with ESMTP id i0HMMX8V084522
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 17 Jan 2004 23:22:33 +0100 (CET)
	(envelope-from roderick@stud187236.mobiel.utwente.nl)
Received: (from root@localhost)
	by stud187236.mobiel.utwente.nl (8.12.10/8.12.10/Submit) id i0HMMXGL084521;
	Sat, 17 Jan 2004 23:22:33 +0100 (CET)
	(envelope-from roderick)
Message-Id: <200401172222.i0HMMXGL084521@stud187236.mobiel.utwente.nl>
Date: Sat, 17 Jan 2004 23:22:33 +0100 (CET)
From: Roderick van Domburg <r.s.a.vandomburg@student.utwente.nl>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: Incorrect ip6fw output when adding rules
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         61502
>Category:       bin
>Synopsis:       Incorrect ip6fw output when adding rules
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    dwmalone
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jan 17 14:30:19 PST 2004
>Closed-Date:    Wed Oct 22 15:16:22 UTC 2008
>Last-Modified:  Wed Oct 22 15:16:22 UTC 2008
>Originator:     Roderick van Domburg
>Release:        FreeBSD 5.2-CURRENT sparc64
>Organization:
University of Twente 
>Environment:
System: FreeBSD stud187236.mobiel.utwente.nl 5.2-CURRENT FreeBSD 5.2-CURRENT #0: Sun Jan 11 14:03:52 CET 2004 roderick@magog.student.utwente.nl:/usr/obj/usr/src/sys/MAGOG sparc64


	
>Description:
When adding IPv6 firewall rules without specifying a set rulenumber,
'ip6fw' incorrectly lists the new rule as being added as number 0000
even though it is added under a different rulenumber.
	
>How-To-Repeat:
1. Enable the IPv6 firewall service
2. Add any rule without specifying a number.
     Example: `ip6fw add allow tcp from any to any`
   ip6fw reports the rule being added as 0000.
3. Execute `ip6fw show`. The rule will have been added as 0100, assuming
   the ruleset was flushed. No matter if it was, the rule will have been
   assigned a correct number different from 0000.

However, executing `ip6fw add 100 allow tcp from any to any` during (2)
produces output as expected.

This incorrect behavior is _not_ displayed on plain IPv6 ipfw on sparc64.
I had no architectures readily available to see if all this was platform-
specific.
	
>Fix:
Unknown.
	


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->dwmalone 
Responsible-Changed-By: dwmalone 
Responsible-Changed-When: Sat Jan 17 14:32:30 PST 2004 
Responsible-Changed-Why:  
I'll have a look at this. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=61502 
State-Changed-From-To: open->closed 
State-Changed-By: dwmalone 
State-Changed-When: Wed Oct 22 15:13:58 UTC 2008 
State-Changed-Why:  
This is actully a quirk of how ip6fw decided to do it's rules 
setting. Because of the method used, there is no way for the 
kernel to export the actual rule number used without explicitly 
doing an ip6fw show. 

I'm going to close this, because the problem shouldn't be present 
in ipfw, which now does IPv6. 

David. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=61502 
>Unformatted:
