Re: kern/73129: [patch] IPFW misbehaviour in RELENG_5

2005-01-21 Thread Maxim Konovalov
Andre, Is your silence is an approval to commit a diff in kern/73129? On Wed, 12 Jan 2005, 13:26+0300, Maxim Konovalov wrote: > On Sat, 11 Dec 2004, 11:58+0100, Andre Oppermann wrote: > > > Edwin Groothuis wrote: > > > > > > On Sun, Dec 05, 2004 at 01:14:49AM +0300, Gleb Smirnoff wrote: > > > >

Re: kern/73129: [patch] IPFW misbehaviour in RELENG_5

2005-01-12 Thread Edwin Groothuis
On Wed, Jan 12, 2005 at 01:26:52PM +0300, Maxim Konovalov wrote: > On Sat, 11 Dec 2004, 11:58+0100, Andre Oppermann wrote: > > > Edwin Groothuis wrote: > > > > > > On Sun, Dec 05, 2004 at 01:14:49AM +0300, Gleb Smirnoff wrote: > > > > On Sun, Dec 05, 2004 at 12:53:52AM +0300, Maxim Konovalov wrote

Re: kern/73129: [patch] IPFW misbehaviour in RELENG_5

2005-01-12 Thread Maxim Konovalov
On Sat, 11 Dec 2004, 11:58+0100, Andre Oppermann wrote: > Edwin Groothuis wrote: > > > > On Sun, Dec 05, 2004 at 01:14:49AM +0300, Gleb Smirnoff wrote: > > > On Sun, Dec 05, 2004 at 12:53:52AM +0300, Maxim Konovalov wrote: > > > M> IMHO restoring the historic behaviour (even broken in some respect

Re: kern/73129: [patch] IPFW misbehaviour in RELENG_5

2004-12-11 Thread Andre Oppermann
Edwin Groothuis wrote: > > On Sun, Dec 05, 2004 at 01:14:49AM +0300, Gleb Smirnoff wrote: > > On Sun, Dec 05, 2004 at 12:53:52AM +0300, Maxim Konovalov wrote: > > M> IMHO restoring the historic behaviour (even broken in some respects) > > M> is the best thing we can do at the moment. > > > > + my

Re: kern/73129: [patch] IPFW misbehaviour in RELENG_5

2004-12-11 Thread Edwin Groothuis
On Sun, Dec 05, 2004 at 01:14:49AM +0300, Gleb Smirnoff wrote: > On Sun, Dec 05, 2004 at 12:53:52AM +0300, Maxim Konovalov wrote: > M> IMHO restoring the historic behaviour (even broken in some respects) > M> is the best thing we can do at the moment. > > + my vote. Mine too. > Using 'ipfw fwd'

Re: kern/73129: [patch] IPFW misbehaviour in RELENG_5

2004-12-04 Thread Gleb Smirnoff
On Sun, Dec 05, 2004 at 12:53:52AM +0300, Maxim Konovalov wrote: M> IMHO restoring the historic behaviour (even broken in some respects) M> is the best thing we can do at the moment. + my vote. Using 'ipfw fwd' on packets just being nated, is a very common and used technique. I know several place

Re: kern/73129: [patch] IPFW misbehaviour in RELENG_5

2004-12-04 Thread Maxim Konovalov
On Sat, 4 Dec 2004, 21:37+0100, Andre Oppermann wrote: [...] > > Investigating pre-PFIL_HOOKS ipfw I have not found any analog of > > this check. These checks do break some useful functionality: > > > > 1) policy routing of hosts from connected networks > > 2) policy routing of locally originated

Re: kern/73129: [patch] IPFW misbehaviour in RELENG_5

2004-12-04 Thread Andre Oppermann
Gleb Smirnoff wrote: > > Andre, > > what is reason for these two checks in ip_output(): > > if (!in_localip(ip->ip_src) && !in_localaddr(ip->ip_dst)) { > dst = (struct sockaddr_in *)&ro->ro_dst; > bcopy((fwd_tag+1), dst, sizeof(

Re: kern/73129: [patch] IPFW misbehaviour in RELENG_5

2004-12-02 Thread Gleb Smirnoff
Andre, what is reason for these two checks in ip_output(): if (!in_localip(ip->ip_src) && !in_localaddr(ip->ip_dst)) { dst = (struct sockaddr_in *)&ro->ro_dst; bcopy((fwd_tag+1), dst, sizeof(struct sockaddr_in));