From nobody@FreeBSD.org  Mon Dec 20 10:54:33 2004
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 679A216A4CE
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 20 Dec 2004 10:54:33 +0000 (GMT)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 5246E43D3F
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 20 Dec 2004 10:54:33 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id iBKAsWFL053087
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 20 Dec 2004 10:54:32 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id iBKAsW22053086;
	Mon, 20 Dec 2004 10:54:32 GMT
	(envelope-from nobody)
Message-Id: <200412201054.iBKAsW22053086@www.freebsd.org>
Date: Mon, 20 Dec 2004 10:54:32 GMT
From: Andrew Chikin <ac@inbox.ru>
To: freebsd-gnats-submit@FreeBSD.org
Subject: I`ve got one more via in my ipfw rule.
X-Send-Pr-Version: www-2.3

>Number:         75297
>Category:       misc
>Synopsis:       I`ve got one more via in my ipfw rule.
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    glebius
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Dec 20 11:00:43 GMT 2004
>Closed-Date:    Tue Jan 25 07:26:58 GMT 2005
>Last-Modified:  Tue Jan 25 07:26:58 GMT 2005
>Originator:     Andrew Chikin
>Release:        5_3_RELEASE
>Organization:
frnet
>Environment:
# uname -a
FreeBSD cerber.xxx 5.3-RELEASE-p2 FreeBSD 5.3-RELEASE-p2 #1: Thu Dec 16
11:37:21 MSK 2004     root@cerber.xxx:/usr/obj/usr/src/sys/CERBER  i386
>Description:
#ipfw list
--
..skipped
02000 divert 8668 ip from any to any via 192.168.2.6 via
---------------------------------------------------- ^^^
02100 tee 199 ip from any to any via rl1
..skipped
--

/etc/rc.firewall:

case ${natd_enable} in
[Yy][Ee][Ss])
if [ -n "${natd_interface}" ]; then
${fwcmd} add divert natd all from any to any via ${natd_interface}
fi
;;
esac


->
# ipfw del 2000
# ipfw add 2000 divert natd all from any to any via 192.168.2.6
02000 divert 8668 ip from any to any via 192.168.2.6 via

# ipfw del 2000
# ipfw add 2000 divert natd all from any to any
02000 divert 8668 ip from any to any

# ipfw del 2000
# ipfw add 2000 divert natd ip from any to any via rl0
02000 divert 8668 ip from any to any via rl0

So, if the natd_interface is given in numerical form, I`ve got on more "via" in my ipfw_rule.
But if natd_interface is given in alphabetic form - no problems.

p.s. natd work properly in both cases.

p.p.s. sorry for my english.

>How-To-Repeat:
# ipfw add 2000 divert natd all from any to any via 192.168.2.6
02000 divert 8668 ip from any to any via 192.168.2.6 via
>Fix:
      no idea. use alphabetical form :)
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->patched 
State-Changed-By: glebius 
State-Changed-When: Tue Jan 18 15:13:36 GMT 2005 
State-Changed-Why:  
Fixed in HEAD. 


Responsible-Changed-From-To: freebsd-bugs->glebius 
Responsible-Changed-By: glebius 
Responsible-Changed-When: Tue Jan 18 15:13:36 GMT 2005 
Responsible-Changed-Why:  
MFC reminder. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=75297 
State-Changed-From-To: patched->closed 
State-Changed-By: glebius 
State-Changed-When: Tue Jan 25 07:26:39 GMT 2005 
State-Changed-Why:  
MFC done. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=75297 
>Unformatted:
