From gavin@itworks.com.au  Sun Aug 25 04:55:33 2002
Return-Path: <gavin@itworks.com.au>
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8CE8937B400
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 25 Aug 2002 04:55:33 -0700 (PDT)
Received: from itworks.com.au (dsl-210-15-243-112.Melbourne.netspace.net.au [210.15.243.112])
	by mx1.FreeBSD.org (Postfix) with SMTP id E795443E3B
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 25 Aug 2002 04:55:30 -0700 (PDT)
	(envelope-from gavin@itworks.com.au)
Received: (qmail 29665 invoked by uid 0); 25 Aug 2002 11:54:36 -0000
Message-Id: <20020825115436.29664.qmail@itworks.com.au>
Date: 25 Aug 2002 11:54:36 -0000
From: Gavin Cameron <gavin@itworks.com.au>
Reply-To: Gavin Cameron <gavin@itworks.com.au>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: IPFW2 forward rule fails
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         41996
>Category:       kern
>Synopsis:       IPFW2 forward rule fails
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    luigi
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Aug 25 05:00:10 PDT 2002
>Closed-Date:    Sun Nov 17 15:29:56 PST 2002
>Last-Modified:  Sun Nov 17 15:29:56 PST 2002
>Originator:     Gavin Cameron
>Release:        FreeBSD 4.6-STABLE i386
>Organization:
>Environment:
System: FreeBSD chip.gav.itworks.com.au 4.6-STABLE FreeBSD 4.6-STABLE #32: Sat Aug 24 23:13:23 EST 2002 gavin@chip.gav.itworks.com.au:/home2/src/FreeBSD/src/sys/compile/CHIP i386


	
>Description:

I've just enabled IPFW2 on my -stable box.

Under IPFW I had a rule that forwarded outgoing mail to a local
port which had an encryption package listening on it. This
functionality worked fine.

Under IPFW2 the rule does not forward the packet to the local port.

The rule is

	add 3500 fwd 127.0.0.1,26 tcp from any to mail-server 25 out

I can talk to 127.0.0.1:26 just fine. Telnetting to mail-server:25
gives

	telnet: connect to address xxx.xxx.xxx.xxx: Connection refused
	telnet: Unable to connect to remote host


	
>How-To-Repeat:

As above.
	
>Fix:

	


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->luigi 
Responsible-Changed-By: luigi 
Responsible-Changed-When: Sun Sep 22 11:25:58 PDT 2002 
Responsible-Changed-Why:  
my code -- this is fixed on -current, waiting for an MFC on -stable. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=41996 
State-Changed-From-To: open->closed 
State-Changed-By: luigi 
State-Changed-When: Sun Nov 17 15:29:10 PST 2002 
State-Changed-Why:  
fixed in 1.4.2.6 of src/sbin/ipfw2.c 

http://www.freebsd.org/cgi/query-pr.cgi?pr=41996 
>Unformatted:
