Current problem reports assigned to freebsd-ipfw@FreeBSD.org
Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description o kern/158066 ipfw [ipfw] ipfw + netgraph + multicast = multicast packets p kern/157957 ipfw [libalias][patch] alias_ftp does not alias data sessio p kern/157867 ipfw [patch][ipfw] natd globalport support for ipfw nat o kern/157796 ipfw [ipfw] IPFW in-kernel NAT nat loopback / Default Route o kern/157689 ipfw [ipfw] ipfw nat config does not accept nonexistent int p kern/157379 ipfw [ipfw] mtr does not work if I use ipfw nat p kern/157239 ipfw [ipfw] [dummynet] ipfw + dummynet corrupts ipv6 packet o kern/156770 ipfw [ipfw] [dummynet] [patch]: performance improvement and p bin/156653 ipfw ipfw(8) reports missing file as parameter problem f kern/155927 ipfw [ipfw] ipfw stops to check packets for compliance with o bin/153252 ipfw [ipfw][patch] ipfw lockdown system in subsequent call o kern/153161 ipfw IPFIREWALL does not allow specify rules with ICMP code o kern/152113 ipfw [ipfw] page fault on 8.1-RELEASE caused by certain amo p kern/150798 ipfw [ipfw] ipfw2 fwd rule matches packets but does not do o kern/148827 ipfw [ipfw] divert broken with in-kernel ipfw o kern/148689 ipfw [ipfw] antispoof wrongly triggers on link local IPv6 a o kern/148430 ipfw [ipfw] IPFW schedule delete broken. o kern/148091 ipfw [ipfw] ipfw ipv6 handling broken. p kern/147720 ipfw [ipfw] ipfw dynamic rules and fwd o kern/144269 ipfw [ipfw] problem with ipfw tables o kern/143973 ipfw [ipfw] [panic] ipfw forward option causes kernel reboo o kern/143621 ipfw [ipfw] [dummynet] [patch] dummynet and vnet use result o kern/143474 ipfw [ipfw] ipfw table contains the same address o kern/137346 ipfw [ipfw] ipfw nat redirect_proto is broken o kern/137232 ipfw [ipfw] parser troubles p kern/136695 ipfw [ipfw] [patch] fwd reached after skipto in dynamic rul o kern/135476 ipfw [ipfw] IPFW table breaks after adding a large number o p kern/131817 ipfw [ipfw] blocks layer2 packets that should not be blocke p kern/129093 ipfw [ipfw] ipfw nat must not drop packets f kern/129036 ipfw [ipfw] 'ipfw fwd' does not change outgoing interface n p kern/128260 ipfw [ipfw] [patch] ipfw_divert damages IPv6 packets o kern/127230 ipfw [ipfw] [patch] Feature request to add UID and/or GID l o kern/127209 ipfw [ipfw] IPFW table become corrupted after many changes o kern/122963 ipfw [ipfw] tcpdump does not show packets redirected by 'ip p kern/122109 ipfw [ipfw] ipfw nat traceroute problem s kern/121807 ipfw [request] TCP and UDP port_table in ipfw o kern/121122 ipfw [ipfw] [patch] add support to ToS IP PRECEDENCE fields o bin/117214 ipfw ipfw(8) fwd with IPv6 treats input as IPv4 o kern/116009 ipfw [ipfw] [patch] Ignore errors when loading ruleset from o bin/104921 ipfw [patch] ipfw(8) sometimes treats ipv6 input as ipv4 (a o kern/104682 ipfw [ipfw] [patch] Some minor language consistency fixes a o kern/103454 ipfw [ipfw] [patch] [request] add a facility to modify DF b o kern/103328 ipfw [ipfw] [request] sugestions about ipfw table o kern/102471 ipfw [ipfw] [patch] add tos and dscp support o kern/97951 ipfw [ipfw] [patch] ipfw does not tie interface details to o kern/95084 ipfw [ipfw] [regression] [patch] IPFW2 ignores "recv/xmit/v f kern/91847 ipfw [ipfw] ipfw with vlanX as the device o kern/86957 ipfw [ipfw] [patch] ipfw mac logging o bin/83046ipfw [ipfw] ipfw2 error: "setup" is allowed for icmp, but s o kern/82724 ipfw [ipfw] [patch] [request] Add setnexthop and defaultrou o bin/78785ipfw [patch] ipfw(8) verbosity locks machine if /etc/rc.fir o kern/60719 ipfw [ipfw] Headerless fragments generate cryptic error mes s kern/55984 ipfw [ipfw] [patch] time based firewalling support for ipfw o kern/48172 ipfw [ipfw] [patch] ipfw does not log size and flags o kern/46159 ipfw [ipfw] [patch] [request] ipfw dynamic rules lifetime f a kern/26534 ipfw [ipfw] Add an option to ipfw to log gid/uid of who cau 56 problems total. ___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
Natd + dummynet
Hi, I try to use dummynet with natd, but I don't understand where I must write pipes/queues lines. I want to use fair queueing on my sdsl line, and I don't understand if I must write rules : 1) before the firsts lines of nat 2) Between nat and chek-state 3) before allow/deny 4) After allow/deny 5) After lasts natd lines. I wonder also if pipes rules replace allow rules : if a packet is accepted in a pipe, it's also allowed, isn't it ? My rules are : # Les paquets autorises sont nattes -> important $cmd 55300 divert 8868 ip from any to any in via $adsl1_if $cmd 55301 divert 8869 ip from any to any in via $adsl2_if $cmd 55302 divert 8870 ip from any to any in via $sdsl_if # On accepte les paquets autorises par keep-state $cmd 55320 check-state ... some deny/allow/skipto lines ... #nat everything that get's here, should be ok as local allowed in first $cmd 61000 divert 8868 ip from $interne to any in $cmd 61100 divert 8868 ip from $interne to any out $cmd 61300 allow all from any to any $cmd 62000 divert 8869 ip from $interne to any out $cmd 62500 divert 8869 ip from $interne to any in $cmd 62700 allow all from any to any $cmd 63000 divert 8870 ip from $interne_all to any out $cmd 63500 divert 8870 ip from $interne_all to any in $cmd 63600 allow all from any to any #policy route to send traffic to correct isp $cmd 61200 fwd $isp1 ip from $adsl1_ip to any $cmd 62550 fwd $isp2 ip from $adsl2_ip to any $cmd 63700 fwd $isp3 ip from $sdsl_ip to any $cmd 65534 allow all from any to any Tkanks for your help, Grégoire Leroy ___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
