From nobody@FreeBSD.org Fri Apr 8 15:13:31 2011 Return-Path: Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 75CE9106564A for ; Fri, 8 Apr 2011 15:13:31 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22]) by mx1.freebsd.org (Postfix) with ESMTP id 671DC8FC0C for ; Fri, 8 Apr 2011 15:13:31 +0000 (UTC) Received: from red.freebsd.org (localhost [127.0.0.1]) by red.freebsd.org (8.14.4/8.14.4) with ESMTP id p38FDV2Z007418 for ; Fri, 8 Apr 2011 15:13:31 GMT (envelope-from nobody@red.freebsd.org) Received: (from nobody@localhost) by red.freebsd.org (8.14.4/8.14.4/Submit) id p38FDVKW007414; Fri, 8 Apr 2011 15:13:31 GMT (envelope-from nobody) Message-Id: <201104081513.p38FDVKW007414@red.freebsd.org> Date: Fri, 8 Apr 2011 15:13:31 GMT From: JJ Cummings To: freebsd-gnats-submit@FreeBSD.org Subject: [if_bridge][divert][ipfw] unable to correctly re-inject packets into an unnumbered, bridged interface using divert sockets X-Send-Pr-Version: www-3.1 X-GNATS-Notify: >Number: 156279 >Category: kern >Synopsis: [if_bridge][divert][ipfw] unable to correctly re-inject packets into an unnumbered, bridged interface using divert sockets >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-net >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Apr 08 15:20:09 UTC 2011 >Closed-Date: >Last-Modified: Sat Apr 09 20:21:16 UTC 2011 >Originator: JJ Cummings >Release: 8.1-RELEASE >Organization: SourceFire / Snort >Environment: FreeBSD apsis.sf.com 8.1-RELEASE FreeBSD 8.1-RELEASE #0: Mon Jul 19 02:55:53 UTC 2010 root@almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386 >Description: More information, in terms of troubleshooting can be found here: http://forums.freebsd.org/showthread.php?t=22648 The short of it is that I cannot seem to get any process (snort or otherwise) to re-inject packets into an unnumbered if_bridge using ipfw and divert sockets. >How-To-Repeat: Follow the steps outlined at http://forums.freebsd.org/showthread.php?t=22648 >Fix: >Release-Note: >Audit-Trail: Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Sat Apr 9 20:20:17 UTC 2011 Responsible-Changed-Why: not sure how to classify this one, but give it a shot anyway. http://www.freebsd.org/cgi/query-pr.cgi?pr=156279 >Unformatted: