Hi,
Thanks, it's working!
raj
On Thu, Mar 10, 2011 at 4:02 PM, Julian Elischer wrote:
> yes, you are missing the fact that the return packets will never be accepted
> unless you have an ipfw rule saying:
>
> fwd localhost ip from any to any uid {uid of your process} in recv {your
> interface}
_
Hello all,
I am testing IP_BINDANY functionality with a small C program. I can
bind to a foreign (non existing) address, and syn packets are being
sent with the bound source IP address and port. Return (ACK) packets
are reaching the host (I can see the SYN-ACK packet in tcpdump), but
the third pac
On Sat, May 24, 2008 at 6:09 AM, Julian Elischer <[EMAIL PROTECTED]> wrote:
> subject says it all really..
I am using pf and rtable to setfib and get an pfctl: DIOCADDRULE:
Device busy when trying to load "pass in quick on fxp0 from any to any
keep state rtable 1"
I can successfully load "pass in
Hi,
I am trying to connect an ng_nat node between ng_ether:upper and
ng_ether:lower so that all packets traversing via ng_ether node gets
nat'd. But it does not seems to be working.
I am using the follwoing commands to connect rl1: and ng_nat
ngctl mkpeer rl1: nat upper out
ngctl name rl1:upper
On 4/7/07, Bruce M. Simpson <[EMAIL PROTECTED]> wrote:
Rajkumar S wrote:
> I have a low cost 128kbps and a high cost 512 kbps link to internet.
> Is it possible to do a "spillover" routing
This feature is almost certainly not going to be present in the base
system.
Hi,
I have a low cost 128kbps and a high cost 512 kbps link to internet.
Is it possible to do a "spillover" routing so that the high cost link
is used only when the low cost link is, say, used more than 80%.
I have seen this work in Sonicwall, from it's Manual:
Spillover-Based -- when selected,
Hi,
I am trying to install SafeNet 1141 support in one of the freebsd
boxes here. according to safe(4), I have to add "device safe" into my
kernel config and compile to enable hardware crypto acceleration. But
after I boot with safe module enabled I get a kernel panic.
The last couple of lines i
On 8/30/06, Gleb Smirnoff <[EMAIL PROTECTED]> wrote:
The cookie shouldn't be NGM_GENERIC_COOKIE, but should be NGM_BPF_COOKIE.
Thanks a lot, it's working now!
raj
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/fr
Hi,
I am trying to write a program to create a bpf node and assign a bpf
filter to that node. I am able to create the node and attch the node
to 3 other nodes, but not settng up a bpf filter to the node.
I am initialising the ng_bpf_hookprog struct using the following code:
struct ng_bpf_hookpr
On 8/28/06, Rajkumar S <[EMAIL PROTECTED]> wrote:
On 8/26/06, Ruslan Ermilov <[EMAIL PROTECTED]> wrote:
> + msg bpf: setprogram { thisHook="in1" ifNotMatch="mixed" }
This is not working, and I get an error:
ngctl: send msg: Invalid argument
Did some m
On 8/26/06, Ruslan Ermilov <[EMAIL PROTECTED]> wrote:
No, but it's trivial to set up ng_bpf(4) to do it. Since the
default BPF program will be non-matching, "ifNotMatch" action
should be used.
Cool!!
While testing this I ran into some difficulty.
# ngctl
[...]
+ mkpeer bpf mixed mixed
+ nam
On 8/26/06, Julian Elischer <[EMAIL PROTECTED]> wrote:
in addition arbtrarily complicated switching can be done with the ng_bpf
node though it takes more to set it up.
Thanks, I have a question related to the use of ng_bpf, I will post
that in a seperate thread.
there may be other nods that c
Hi,
In the ng_split node is it possible to merge 2 incoming streams into
mixed, while all packets received at mixed goes via out? If merge node
does not support that, is there any other way to get the same result?
regards,
raj
___
freebsd-net@freebsd.
On 8/20/06, Julian Elischer <[EMAIL PROTECTED]> wrote:
while the above seems harsh it turns out that /sys/netinet/ip_input.c is
in fact a very easy file to
read due to the serial nature of ip processing.. give it a try
Sure, Thanks a lot, I am just getting my feet wet in freebsd!
raj
_
On 8/19/06, Ruslan Ermilov <[EMAIL PROTECTED]> wrote:
On Sat, Aug 19, 2006 at 07:05:49PM +0530, Rajkumar S wrote:
> Any points to docs to read about a packet's traversal in FreeBSD ip
> stack? (especially wrt pf)
>
What level of detalization do you need? Filters, such as
On 8/19/06, Ruslan Ermilov <[EMAIL PROTECTED]> wrote:
On Sat, Aug 19, 2006 at 05:44:39PM +0530, Rajkumar S wrote:
> The man page states
>
> DESCRIPTION
> The ip_input node type takes all received packets and queues them into
> the IP in input processing subsystem.
Hi,
The man page states
DESCRIPTION
The ip_input node type takes all received packets and queues them into
the IP in input processing subsystem.
Can some one elaborate where does this come in ip stack and what does
this node do? I am not able to understand this just by reading the man
p
Hi,
Is it possible to take a packet from netgraph to userspace and drop it
there? ie, can I
insert some netgraph node between say lower and upper of a ng_ether
push the packets to
userspace [snort] for some processing and possibly either drop it there?
I know that NgSendData and NgRecvData can
18 matches
Mail list logo
