From root@a1poweruser.com  Thu Jan  1 10:32:59 2004
Return-Path: <root@a1poweruser.com>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6489E16A4CE
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  1 Jan 2004 10:32:59 -0800 (PST)
Received: from smtp.a1poweruser.com (oh-chardon-cmts6a-103.clvdoh.adelphia.net [67.20.101.103])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 593F043D45
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  1 Jan 2004 10:32:58 -0800 (PST)
	(envelope-from root@a1poweruser.com)
Received: by smtp.a1poweruser.com (Postfix, from userid 0)
	id 3080630F; Thu,  1 Jan 2004 13:33:37 -0500 (EST)
Message-Id: <20040101183337.3080630F@smtp.a1poweruser.com>
Date: Thu,  1 Jan 2004 13:33:37 -0500 (EST)
From: fbsd_user@a1poweruser.com
Reply-To: fbsd_user@a1poweruser.com
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: IPFW loadable module is useless as released
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         60790
>Category:       kern
>Synopsis:       IPFW loadable module is useless as released
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 01 10:40:10 PST 2004
>Closed-Date:    Thu Jan 01 11:14:35 PST 2004
>Last-Modified:  Thu Jan  1 11:40:09 PST 2004
>Originator:     Charlie &
>Release:        FreeBSD 4.7  4.9  5.2 RELEASE i386
>Organization:
>Environment:
Description: The IPFW loadable module was created with these options
Divert disabled, logging disabled, rule-based forwarding enabled, default to deny
Configured this way the loadable module is pretty much useless. 
So much so that it should not even have been created in the first place.

>Description:
>How-To-Repeat:
	
>Fix:
recompile the loadable module with all of the possable options enabled
execpt the default to pass option. Make it part of the next stable
 branch production release scheduled for May 2004  5.3 or 5.4 or whatever.


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: billf 
State-Changed-When: Thu Jan 1 11:12:26 PST 2004 
State-Changed-Why:  
use -DIPFIREWALL_DEFAULT_TO_ACCEPT to compile ipfw with a 
ruleset that permits all traffic 

http://www.freebsd.org/cgi/query-pr.cgi?pr=60790 

From: "fbsd_user" <fbsd_user@a1poweruser.com>
To: <freebsd-gnats-submit@FreeBSD.org>
Cc:  
Subject: Re: kern/60790: IPFW loadable module is useless as released
Date: Thu, 1 Jan 2004 14:37:23 -0500

 You must have miss-read the problem description.
 
 The ipfw loadable module is useless as it's currently distributed
 with the FBSD operation system software.
 You need to correctly compile it with all the options and make it
 part of the new 5.2 version of FBSD
 when you release the next stable production 5.2 release.
 
 How does telling me to do my own kernel compile including IPFW fix
 this problem?
 This does not fix the problem for all the other users of the FBSD
 software.
 
 It has to be fixed at your end an made part of the next software
 release.
 
>Unformatted:
