From nobody@FreeBSD.org  Sun Apr 13 05:58:58 2014
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1])
	(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by hub.freebsd.org (Postfix) with ESMTPS id C56EE127
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 13 Apr 2014 05:58:58 +0000 (UTC)
Received: from cgiserv.freebsd.org (cgiserv.freebsd.org [IPv6:2001:1900:2254:206a::50:4])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id B326219D5
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 13 Apr 2014 05:58:58 +0000 (UTC)
Received: from cgiserv.freebsd.org ([127.0.1.6])
	by cgiserv.freebsd.org (8.14.8/8.14.8) with ESMTP id s3D5wwPl045721
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 13 Apr 2014 05:58:58 GMT
	(envelope-from nobody@cgiserv.freebsd.org)
Received: (from nobody@localhost)
	by cgiserv.freebsd.org (8.14.8/8.14.8/Submit) id s3D5wwLU045720;
	Sun, 13 Apr 2014 05:58:58 GMT
	(envelope-from nobody)
Message-Id: <201404130558.s3D5wwLU045720@cgiserv.freebsd.org>
Date: Sun, 13 Apr 2014 05:58:58 GMT
From: Bill Yuan <bycn82@gmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: ipfw option `in` is not working on FreeBSD
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         188542
>Category:       misc
>Synopsis:       ipfw option `in` is not working on FreeBSD
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Apr 13 06:00:00 UTC 2014
>Closed-Date:    Sun Apr 13 10:42:59 UTC 2014
>Last-Modified:  Sun Apr 13 10:42:59 UTC 2014
>Originator:     Bill Yuan
>Release:        10 Release
>Organization:
cozilyworks
>Environment:
FreeBSD FB10 10.0-RELEASE FreeBSD 10.0-RELEASE #0: Sun Apr 13 03:14:30 HKT 2014     root@FB10:/usr/obj/usr/src/sys/GENERIC  amd64
>Description:
according to the man page, the rule option `in|out` are still supported in FreeBSD10. But somehow the rule with in did not match anything in my case.
>How-To-Repeat:
root@FB10:~ # ipfw -f flush
Flushed all rules.
//Create rules <---------------------------------
root@FB10:~ # ipfw add count all from any to any MAC any any in via em0
00100 count ip from any to any MAC any any in via em0
root@FB10:~ # ipfw add count all from any to any MAC any any via em0
00200 count ip from any to any MAC any any via em0
//Check counters<-----------------------------------
root@FB10:~ # ipfw show
00100    0      0 count ip from any to any MAC any any in via em0 
00200   26   2232 count ip from any to any MAC any any via em0
65535 3453 293448 allow ip from any to any

>Fix:


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: linimon 
State-Changed-When: Sun Apr 13 10:42:46 UTC 2014 
State-Changed-Why:  
see kern/188543. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=188542 
>Unformatted:
