Lytochkin Boris wrote:
Hi!
sbin/ipfw in RELENG_8 do not set sin_len in fwd rule, so sockaddr_in
from ipfw is sucked into rtalloc1_fib() at last with zero length and
is routed to lo0 instead of correct interface.
Returning sin_len into sbin/ipfw resolves issue.
sin_len setting was removed in revision 1.146 by luigi.
What is correct solution? Return sin_len setting into sbin/ipfw or
something else?
poke luigi
On Fri, Dec 4, 2009 at 11:47 AM, Lytochkin Boris <lytbo...@gmail.com> wrote:
Hi!
It seems that FreeBSD 8 has ipfw fwd and pf's route-to malfunctioning:
1) ipfw fwd
a) net.inet.ip.forwarding = 0
Packets altered by fwd rule are silently dropped somewhere
between ip_output() checking forward tag and bpf (tcpdump does not
show these packets)
b) net.inet.ip.forwarding = 1
Packets altered by fwd rule are forwarded according to normal
routing table (in my case they were forwarded to default gateway), not
fwd statement
2) pf route-to
Both values of net.inet.ip.forwarding replicates 1b case.
Sample configs
1) ipfw
add 60 fwd 10.60.128.254 ip from 10.60.128.0/24 to any out
add 65534 allow ip from any to any
2) pf
scrub in all fragment reassemble
pass in all flags S/SA keep state
pass out quick route-to (em0 10.60.128.254) inet from 10.60.128.0/24
to any flags S/SA keep state
~>uname -a
FreeBSD thost 8.0-PRERELEASE FreeBSD 8.0-PRERELEASE #5: Wed Dec 2
13:43:48 MSK 2009 r...@thost:/usr/obj/usr/src/sys/CSUP amd64
--
Regards,
Boris Lytochkin
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
