Apologies if this is something silly but I want to completely eliminate
ipfw from outgoing traffic perspective. I just want to have it on
incoming. I can always add "allow ip from any to any out" as the first
rule but that is still ipfw doing something.
Is there a way to tell ipfw to not look at o
Getting back to this now to see if I can avoid ipfw on outgoing packets.
@@ -500,7 +507,7 @@ ipfw_hook(int onoff, int pf)
hook_func = (pf == AF_LINK) ? ipfw_check_frame : ipfw_check_packet;
(void) (onoff ? pfil_add_hook : pfil_remove_hook)
- (hook_func, NULL, PFIL_IN |
On 05/21/15 at 12:42P, hiren panchasara wrote:
> Getting back to this now to see if I can avoid ipfw on outgoing packets.
>
> @@ -500,7 +507,7 @@ ipfw_hook(int onoff, int pf)
> hook_func = (pf == AF_LINK) ? ipfw_check_frame : ipfw_check_packet;
>
> (void) (ono
On 05/21/15 at 02:05P, hiren panchasara wrote:
> On 05/21/15 at 12:42P, hiren panchasara wrote:
> > Getting back to this now to see if I can avoid ipfw on outgoing packets.
> >
> > @@ -500,7 +507,7 @@ ipfw_hook(int onoff, int pf)
> > hook_func = (pf ==
This is driving me nuts. I've had an ipfw/dummynet working config on
separate setup and the same thing doesn't work on this new setup I have
so I tried to narrow it down and removed all complexity and trying to
see if this works on just single host. But it doesn't work as I expect
it to. I am prett
On 07/18/15 at 12:40P, hiren panchasara wrote:
> This is driving me nuts. I've had an ipfw/dummynet working config on
> separate setup and the same thing doesn't work on this new setup I have
> so I tried to narrow it down and removed all complexity and trying to
> see if thi
Bah.
So I removed ipfw and dummynet from kernconf and loaded them manually
after machine came up and it worked as expected.
Looks like some ordering issue between ipfw and dummynet. Fwiw, for
working setup, kldstat shows:
132 0x81e21000 21490ipfw.ko
141 0x81e43000 d0f
(For various reason's I didn't get/see Ian's message. Trying to do the
right thing by setting "In-Reply-To".)
On 07/27/15 at 01:07P, Ian Smith wrote:
> On Sun, 19 Jul 2015 21:05:53 -0700, hiren panchasara wrote:
> > Bah.
> >
> > So I removed i
