Hi! It seems that FreeBSD 8 has ipfw fwd and pf's route-to malfunctioning: 1) ipfw fwd a) net.inet.ip.forwarding = 0 Packets altered by fwd rule are silently dropped somewhere between ip_output() checking forward tag and bpf (tcpdump does not show these packets) b) net.inet.ip.forwarding = 1 Packets altered by fwd rule are forwarded according to normal routing table (in my case they were forwarded to default gateway), not fwd statement
2) pf route-to Both values of net.inet.ip.forwarding replicates 1b case. Sample configs 1) ipfw add 60 fwd 10.60.128.254 ip from 10.60.128.0/24 to any out add 65534 allow ip from any to any 2) pf scrub in all fragment reassemble pass in all flags S/SA keep state pass out quick route-to (em0 10.60.128.254) inet from 10.60.128.0/24 to any flags S/SA keep state ~>uname -a FreeBSD thost 8.0-PRERELEASE FreeBSD 8.0-PRERELEASE #5: Wed Dec 2 13:43:48 MSK 2009 r...@thost:/usr/obj/usr/src/sys/CSUP amd64 -- Regards, Boris Lytochkin _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
