Dear All I wish to try the new netmap driver with IPFW2 and dummynet.
I have google around and could not find any documents of all steps to set a working filtering box. I have recompile the kernel with the followings. ########################################### cpu HAMMER ident ROUTER options DUMMYNET options IPFIREWALL options IPFIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT device pf device pflog device pfsync options ALTQ options ALTQ_CBQ options ALTQ_RED options ALTQ_RIO options ALTQ_HFSC options ALTQ_CDNR options ALTQ_PRIQ options ALTQ_NOPCC options TCP_SIGNATURE options IPSEC options IPSEC_FILTERTUNNEL device cryptodev device crypto options HZ=1000 device carp device netmap ########################################### /etc/rc.conf as follow: ########################################### firewall_enable="YES" firewall_script="/etc/rc.firewall" firewall_type="/etc/ipfw.conf" firewall_quiet="YES" firewall_logging_enable=“YES" ########################################### /etc/ipfw.conf ########################################### add 65535 pass ip from any to any ########################################### with command ipfw show , ########################################### 65535 369224 135934287 allow ip from any to any ########################################### I have downloaded https://github.com/luigirizzo/netmap/archive/master.zip <https://github.com/luigirizzo/netmap/archive/master.zip> https://github.com/luigirizzo/netmap-ipfw/archive/next.zip <https://github.com/luigirizzo/netmap-ipfw/archive/next.zip> and compiled with the command make NETMAP_INC=/root/netmap-master/src after getting kipfw , and try the command , ./kipfw netmap:ix0 netmap:ix1 all connection lost with ix0 ( I just ping the connecting IP address ) ifconfig ix0 ix0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8407bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWTSO> ether 00:1b:21:ba:89:50 inet 10.0.85.2 netmask 0xfffffffc broadcast 10.0.85.3 nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> media: Ethernet autoselect (10Gbase-SR <full-duplex>) status: active I think I must misunderstand something , could anyone send me advise? Or any documents could help to build a NETMAP IPFW firewall box ? Thanks all for kindly helping hands. ArchyCho _______________________________________________ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
