[ Charset ISO-8859-1 unsupported, converting... ] > sad, but > ipfw add pipe 1 ip from any to any out recv vlan10 xmit vlan1000 > ipfw add pipe 2 ip from any to any out recv vlan11 xmit vlan1000 > doesn't seems to work :( > > i've noticed if in one ipfw rule i describe directions on two interfaces - > rule doesn't work... > example: > simplified test machine: > remote icmp 8--------fxp0[vlan10]---rl0----------remote icmp2 > > "log ip from any to any" shows: > accept icmp:8.0 10.10.10.2 192.168.144.254 in via vlan10 > accept icmp:8.0 10.10.10.2 192.168.144.254 out via rl0 > accept icmp:2.0 192.168.144.254 10.10.10.2 in via rl0 > accept icmp:2.0 192.168.144.254 10.10.10.2 out via vlan10 > > > so, 2 rules should be enough > ipfw add pass all from any to any in via vlan10 out via rl0 > ipfw add pass all from any to any in via rl0 out via vlan10 > packets do not pass through these rules... > of course "via" can be changed to "recv" or "xmit" accordingly, but i don't > think i makes any sense You are mistaken. Do I wrote you literally except interface names.
> for creating a pipe between vlan10 and rl0 i cannot base on something working > like: > ipfw add pipe 1 all from any to any via vlan10, because it is not suitable in > my case... > > ipfw add pipe 1 ip from any to any out recv vlan10 xmit vlan1000 > > ipfw add pipe 2 ip from any to any out recv vlan11 xmit vlan1000 > > > > or may be better (not exact your ask) > > > > ipfw add pipe 1 ip from any to any in recv vlan10 > > ipfw add pipe 2 ip from any to any in recv vlan11 _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
