From jh@cr1003333-a.crdva1.bc.wave.home.com  Sun Sep 27 21:34:42 1998
Received: from cr1003333-a.crdva1.bc.wave.home.com (cr1003333-a.crdva1.bc.wave.home.com [24.113.51.240])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id VAA27354
          for <FreeBSD-gnats-submit@freebsd.org>; Sun, 27 Sep 1998 21:34:41 -0700 (PDT)
          (envelope-from jh@cr1003333-a.crdva1.bc.wave.home.com)
Received: (from jh@localhost)
	by cr1003333-a.crdva1.bc.wave.home.com (8.9.1/8.8.7) id VAA01315;
	Sun, 27 Sep 1998 21:34:31 -0700 (PDT)
Message-Id: <199809280434.VAA01315@cr1003333-a.crdva1.bc.wave.home.com>
Date: Sun, 27 Sep 1998 21:34:31 -0700 (PDT)
From: Jonathan Hanna <jh@cr1003333-a.crdva1.bc.wave.home.com>
Reply-To: pangolin@home.com
To: FreeBSD-gnats-submit@freebsd.org
Subject: ipfw flags size change causes ICMP filter to fail
X-Send-Pr-Version: 3.2

>Number:         8067
>Category:       bin
>Synopsis:       ipfw flags size change causes ICMP filter to fail
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Sep 27 21:40:00 PDT 1998
>Closed-Date:    Mon Sep 28 15:56:46 PDT 1998
>Last-Modified:  Mon Sep 28 15:57:40 PDT 1998
>Originator:     Jonathan Hanna
>Release:        FreeBSD 3.0-BETA i386
>Organization:
>Environment:

Current as of ip_fw.h 1.35, I think.

>Description:

"fill_icmptypes", uses the old size for fw_flg, and forgets IP_FW_F_ICMPBIT.

>How-To-Repeat:

# ipfw add deny icmp from any to any in via de0 icmptype 5
00000 deny icmp from any to any in recv de0

>Fix:
	
--- ipfw.c.save	Sun Sep 27 20:38:01 1998
+++ ipfw.c	Sun Sep 27 21:19:05 1998
@@ -747,7 +747,7 @@
 fill_icmptypes(types, vp, fw_flg)
 	u_long *types;
 	char **vp;
-	u_short *fw_flg;
+	u_int *fw_flg;
 {
 	char *c = *vp;
 
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: alex 
State-Changed-When: Mon Sep 28 15:56:46 PDT 1998 
State-Changed-Why:  
Patch applied to rev 1.60 of src/sbin/ipfw/ipfw.c.  Thanks! 
>Unformatted:
