From proks@photos.odtel.net  Fri Apr 11 00:10:30 2003
Return-Path: <proks@photos.odtel.net>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 01F3037B401
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 11 Apr 2003 00:10:30 -0700 (PDT)
Received: from photos.uptel.net (photos.uptel.net [195.138.160.125])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 743DC43F85
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 11 Apr 2003 00:10:28 -0700 (PDT)
	(envelope-from proks@photos.odtel.net)
Received: from photos.odtel.net (localhost [127.0.0.1])
	by photos.uptel.net (8.12.6/8.12.6) with ESMTP id h3B7APbW003897
	(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO)
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 11 Apr 2003 10:10:25 +0300 (EEST)
Received: (from proks@localhost)
	by photos.odtel.net (8.12.6/8.12.6/Submit) id h3B7AOh6003896;
	Fri, 11 Apr 2003 10:10:24 +0300 (EEST)
Message-Id: <200304110710.h3B7AOh6003896@photos.odtel.net>
Date: Fri, 11 Apr 2003 10:10:24 +0300 (EEST)
From: "Prokofiev S.P." <proks@uptel.net>
Reply-To: "Prokofiev S.P." <proks@uptel.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject:
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         50806
>Category:       kern
>Synopsis:       The action "skipto" does not work in ipfw2 on FreeBSD 5.0-RELEASE only
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    maxim
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Apr 11 00:20:07 PDT 2003
>Closed-Date:    Sun Apr 13 21:42:37 PDT 2003
>Last-Modified:  Sun Apr 13 21:42:37 PDT 2003
>Originator:     Prokofiev S.P.
>Release:        FreeBSD 5.0-RELEASE i386
>Organization:
>Environment:
 System: FreeBSD 5.0-RELEASE FreeBSD 5.0-RELEASE #1: Mon Mar 17 11:14:24 EET 2003
>Description:
 The action "skipto" does not work in ipfw2 on FreeBSD 5.0-RELEASE only.	
 How-To-Repeat:
 	ipfw add 300 skipto 400 log ip from $ip_any_host to me
 	ipfw add 350 count log ip from $ip_any_host to me
 	ipfw add 400 count log ip from $ip_any_host to me
  
 for example, ping this host from $any_ip, /var/log/security:
 
 Apr 10 15:20:09 my_host kernel: ipfw: 300 SkipTo 400 ICMP:0.0 ip_any_host
 ip_my_host in via fxp0
 Apr 10 15:20:09 my_host kernel: ipfw: 350 Count ICMP:0.0 ip_any_host
 ip_my_host in via fxp0
 Apr 10 15:20:09 my_host kernel: ipfw: 400 Accept ICMP:0.0 ip_any_host
 ip_my_host in via fxp0 
 
 ipfw show:
 
 00300	37011	10082852  skipto 400 log ip from $ip_any_host to me
 00350   37011   10082852  count log ip from $ip_any_host to me
 00400   37011   10082852  count log ip from $ip_any_host to me
 
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: gnats-admin->freebsd-bugs 
Responsible-Changed-By: ceri 
Responsible-Changed-When: Fri Apr 11 13:07:23 PDT 2003 
Responsible-Changed-Why:  
Reassign misfiled PR. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=50806 
Responsible-Changed-From-To: freebsd-bugs->ipfw 
Responsible-Changed-By: dwmalone 
Responsible-Changed-When: Sun Apr 13 14:52:53 PDT 2003 
Responsible-Changed-Why:  
Assign this PR to the ipfw list. I'd guess this bug may already have 
been fixed. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=50806 
State-Changed-From-To: open->closed 
State-Changed-By: maxim 
State-Changed-When: Sun Apr 13 21:41:12 PDT 2003 
State-Changed-Why:  
Already fixed in -CURRENT. Please check ERRATA for 5.0-RELEASE: 

http://www.freebsd.org/releases/5.0R/errata.html#AEN210 


Responsible-Changed-From-To: ipfw->maxim 
Responsible-Changed-By: maxim 
Responsible-Changed-When: Sun Apr 13 21:41:12 PDT 2003 
Responsible-Changed-Why:  
Already fixed in -CURRENT. Please check ERRATA for 5.0-RELEASE: 

http://www.freebsd.org/releases/5.0R/errata.html#AEN210 

http://www.freebsd.org/cgi/query-pr.cgi?pr=50806 
>Unformatted:
