From barney@pit.databus.com  Fri Nov 19 06:57:42 2004
Return-Path: <barney@pit.databus.com>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 57DFA16A4CE
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 19 Nov 2004 06:57:42 +0000 (GMT)
Received: from pit.databus.com (p70-227.acedsl.com [66.114.70.227])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D146443D54
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 19 Nov 2004 06:57:41 +0000 (GMT)
	(envelope-from barney@pit.databus.com)
Received: from pit.databus.com (localhost [127.0.0.1])
	by pit.databus.com (8.13.1/8.13.1) with ESMTP id iAJ6vfd1002736
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 19 Nov 2004 01:57:41 -0500 (EST)
	(envelope-from barney@pit.databus.com)
Received: (from barney@localhost)
	by pit.databus.com (8.13.1/8.13.1/Submit) id iAJ6vflU002735;
	Fri, 19 Nov 2004 01:57:41 -0500 (EST)
	(envelope-from barney)
Message-Id: <200411190657.iAJ6vflU002735@pit.databus.com>
Date: Fri, 19 Nov 2004 01:57:41 -0500 (EST)
From: Barney Wolff <barney@pit.databus.com>
Reply-To: Barney Wolff <barney@pit.databus.com>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: ipfw2/1 conflict not detected or reported, manpage unclear
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         74104
>Category:       kern
>Synopsis:       [ipfw] ipfw2/1 conflict not detected or reported, manpage unclear
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ipfw
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Nov 19 07:00:49 GMT 2004
>Closed-Date:    Mon Jun 06 06:05:27 UTC 2011
>Last-Modified:  Mon Jun 06 06:05:27 UTC 2011
>Originator:     Barney Wolff
>Release:        FreeBSD 4.10-STABLE i386
>Organization:
Databus Inc.
>Environment:
System: FreeBSD pit.databus.com 4.10-STABLE FreeBSD 4.10-STABLE #1: Fri Nov 19 01:22:10 EST 2004 toor@pit.databus.com:/usr/obj/usr/src/sys/PIT i386


	
>Description:
	ipfw manpage for running ipfw2 under STABLE (RELENG-4) is not clear that
	kernel option IPFW2 is required along with IPFW2=TRUE in /etc/make.conf.
	The result is a system that appears to run but has no rules applied,
	because ipfw hangs and presumably the startup scripts never complete.
	There is no log entry indicating anything wrong.

>How-To-Repeat:
	add IPFW2=TRUE to /etc/make.conf without option IPFW2 in kernel conf.
>Fix:

	At the very minimum, clarify the manpage to indicate that the make.conf
	setting controls only world, not the kernel.  I at least was fooled,
	and I don't consider myself mentally challenged - although admittedly
	I should have taken the reference to buildworld as a hint.

	Beyond that, "it would be nice" if ipfw complained loudly on a mismatch
	between world and kernel conf.  Better, of course, would be a single
	flag to control both world and kernel, as there is no conceivable reason
	ever to want them out of sync.


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->ipfw 
Responsible-Changed-By: arved 
Responsible-Changed-When: Fri Nov 19 11:18:38 GMT 2004 
Responsible-Changed-Why:  
Over to ipfw mailinglist 

http://www.freebsd.org/cgi/query-pr.cgi?pr=74104 
State-Changed-From-To: open->closed 
State-Changed-By: ae 
State-Changed-When: Mon Jun 6 06:05:01 UTC 2011 
State-Changed-Why:  
We are sorry, but 4.x releases are not supported. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=74104 
>Unformatted:
