From owner-freebsd-ipfw@FreeBSD.ORG Mon Mar 28 11:02:12 2005 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3F8DE16A4CE for ; Mon, 28 Mar 2005 11:02:12 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 257BA43D46 for ; Mon, 28 Mar 2005 11:02:12 +0000 (GMT) (envelope-from owner-bugmaster@freebsd.org) Received: from freefall.freebsd.org (peter@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j2SB2CEg035939 for ; Mon, 28 Mar 2005 11:02:12 GMT (envelope-from owner-bugmaster@freebsd.org) Received: (from peter@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j2SB2B5K035931 for ipfw@freebsd.org; Mon, 28 Mar 2005 11:02:11 GMT (envelope-from owner-bugmaster@freebsd.org) Date: Mon, 28 Mar 2005 11:02:11 GMT Message-Id: <200503281102.j2SB2B5K035931@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: peter set sender to owner-bugmaster@freebsd.org using -f From: FreeBSD bugmaster To: ipfw@FreeBSD.org Subject: Current problem reports assigned to you X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Mar 2005 11:02:12 -0000 Current FreeBSD problem reports Critical problems Serious problems S Submitted Tracker Resp. Description ------------------------------------------------------------------------------- o [2003/04/22] kern/51274 ipfw ipfw2 create dynamic rules with parent nu f [2003/04/24] kern/51341 ipfw ipfw rule 'deny icmp from any to any icmp o [2003/12/11] kern/60154 ipfw ipfw core (crash) o [2004/03/03] kern/63724 ipfw IPFW2 Queues dont t work f [2004/03/25] kern/64694 ipfw [ipfw] UID/GID matching in ipfw non-funct o [2004/11/13] kern/73910 ipfw [ipfw] serious bug on forwarding of packe o [2004/11/19] kern/74104 ipfw ipfw2/1 conflict not detected or reported o [2004/12/25] i386/75483 ipfw ipfw count does not count 8 problems total. Non-critical problems S Submitted Tracker Resp. Description ------------------------------------------------------------------------------- a [2001/04/13] kern/26534 ipfw Add an option to ipfw to log gid/uid of w o [2002/12/10] kern/46159 ipfw ipfw dynamic rules lifetime feature o [2003/02/11] kern/48172 ipfw ipfw does not log size and flags o [2003/03/10] kern/49086 ipfw [patch] Make ipfw2 log to different syslo o [2003/04/09] bin/50749 ipfw ipfw2 incorrectly parses ports and port r o [2003/08/26] kern/55984 ipfw [patch] time based firewalling support fo o [2003/12/30] kern/60719 ipfw ipfw: Headerless fragments generate cryp o [2004/08/03] kern/69963 ipfw ipfw: install_state warning about already o [2004/09/04] kern/71366 ipfw "ipfw fwd" sometimes rewrites destination 9 problems total. From owner-freebsd-ipfw@FreeBSD.ORG Mon Mar 28 12:47:13 2005 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 32E9216A4CE for ; Mon, 28 Mar 2005 12:47:13 +0000 (GMT) Received: from mail8.dr.myx.net (ns8.dr.myx.net [217.10.193.169]) by mx1.FreeBSD.org (Postfix) with ESMTP id 555F343D2F for ; Mon, 28 Mar 2005 12:47:12 +0000 (GMT) (envelope-from hpuiu@xentra.ro) Received: from xentra (unknown [84.247.40.98]) by mail8.dr.myx.net (mydomain.myx.net) with ESMTP id 5C0AC292FD8 for ; Mon, 28 Mar 2005 15:47:10 +0300 (EEST) Message-ID: <002101c53394$43dd9a60$6228f754@xentra> From: "Puiu @ Xentra" To: Date: Mon, 28 Mar 2005 15:47:12 +0300 MIME-Version: 1.0 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2527 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: ipfw+dummynet - TCP connections fail X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Mar 2005 12:47:13 -0000 Hi, I have a small LAN behind a FreeBSD box connected to internet. I have installed pppoe+freeradius to give access to internet to = computers from the LAN, everything works fine. I decided to setup ipfw+dummynet for traffic shaping and here a=20 problem occurs. If I set up even a single pipe without anything else the TCP connections doesn't work anymore. For e.g. : ipfw -q add pipe 1 ip from any to any in via rl1 ipfw -q pipe 1 config bw 512Kbit/s this causes all TCP connections to fail ( although existing TCP = connections are still working, I can't initiate new TCP connections ) also tried : ipfw -q add pipe 1 ip from any to 84.247.XX.0/24 in via rl1 ipfw -q pipe 1 config bw 512Kbit/s same thing happends. ipfw -q add pipe 1 ip from any to 84.247.XX.0/24 in via tunX ipfw -q pipe 1 config bw 512Kbit/s this works, but it is not useful since I have to shape the traffic from the external interface and not the one from a single ppp tun interface ( one user ) queues doesn't work either : ipfw -q add 000400 pipe 1 ip from any to any in via rl1 ipfw -q pipe 1 config bw 512Kbit/s ipfw -q queue 1 config pipe 1 weight 10 ipfw -q add 000401 queue 1 ip from any to 84.247.XX.YY/32 this also causes TCP connections to fail. 84.247.XX.00/24 - the network fro which IPs are provided to the LAN computers when they are connecting to pppoe rl1 - the NIC that connects to internet tunXX - interfaces for the connected users. Looked everywhere, but I haven't found any answer. I have used ipfw+dummynet in another LAN ( without pppoe ) and it works fine. Any ideas please ? Regards, Puiu Hrenciuc.