From nobody@FreeBSD.ORG Fri Aug 20 14:50:19 1999
Return-Path: <nobody@FreeBSD.ORG>
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id EB34014D37; Fri, 20 Aug 1999 14:50:18 -0700 (PDT)
Message-Id: <19990820215018.EB34014D37@hub.freebsd.org>
Date: Fri, 20 Aug 1999 14:50:18 -0700 (PDT)
From: bks@CS.Berkeley.EDU
Sender: nobody@FreeBSD.ORG
To: freebsd-gnats-submit@freebsd.org
Subject: ipfw does not permit multicast packets to pass when configured to do so.
X-Send-Pr-Version: www-1.0

>Number:         13273
>Category:       misc
>Synopsis:       ipfw does not permit multicast packets to pass when configured to do so.
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Aug 20 15:00:01 PDT 1999
>Closed-Date:    Tue Aug 24 23:47:23 PDT 1999
>Last-Modified:  Tue Aug 24 23:49:16 PDT 1999
>Originator:     Brian Shiratsuki
>Release:        3.2-STABLE
>Organization:
University of California
>Environment:
FreeBSD destroyer.CS.Berkeley.EDU 3.2-STABLE
FreeBSD 3.2-STABLE #1: Tue Aug 10 20:32:52 PDT 1999
bks@destroyer.CS.Berkeley.EDU:/usrext/src/sys/compile/MASH  i386
>Description:
$fwcmd add pass all from 224.0.0.0/8 to ${ip}224.0.0.0/8
$fwcmd add pass all from ${ip} to 224.0.0.0/8

produces

ipfw: 2000 Deny P:2 128.32.35.1 224.0.0.1 in via fxp0
ipfw: 2000 Deny P:2 128.32.35.1 224.0.0.1 in via fxp0

>How-To-Repeat:
add $fwcmd's above to rc.firewall, and run sdr.
>Fix:


>Release-Note:
>Audit-Trail:

From: Ruslan Ermilov <ru@FreeBSD.ORG>
To: bks@CS.Berkeley.EDU
Cc: freebsd-gnats-submit@FreeBSD.ORG
Subject: Re: misc/13273: ipfw does not permit multicast packets to pass when configured to do so.
Date: Sat, 21 Aug 1999 09:59:55 +0300

 On Fri, Aug 20, 1999 at 02:50:18PM -0700, bks@CS.Berkeley.EDU wrote:
 > 
 > $fwcmd add pass all from 224.0.0.0/8 to ${ip}224.0.0.0/8
 > $fwcmd add pass all from ${ip} to 224.0.0.0/8
 > 
 > produces
 > 
 > ipfw: 2000 Deny P:2 128.32.35.1 224.0.0.1 in via fxp0
 > ipfw: 2000 Deny P:2 128.32.35.1 224.0.0.1 in via fxp0
 > 
 `all' keyword is a synonym for `ip' (see `ipfw list' output).
 You need to add the following rule:
 
 $fwcmd add allow igmp ...
 
 Can I close this PR?
 -- 
 Ruslan Ermilov		Sysadmin and DBA of the
 ru@ucb.crimea.ua	United Commercial Bank,
 ru@FreeBSD.org		FreeBSD committer,
 +380.652.247.647	Simferopol, Ukraine
 
 http://www.FreeBSD.org	The Power To Serve
 http://www.oracle.com	Enabling The Information Age
 
State-Changed-From-To: open->closed 
State-Changed-By: ru 
State-Changed-When: Tue Aug 24 23:47:23 PDT 1999 
State-Changed-Why:  
Originator reports that the problem is fixed by properly configuring ipfw(8). 
>Unformatted:
