From: Eugen Konkov
To: freebsd-gnats-submit@FreeBSD.org
Date: Fri, 2 Jan 2009 08:38:48 GMT
Message-Id: <200901020838.n028cmP3028828@www.freebsd.org>
Subject: misc/130109: Can not set fib for packets originated from local host

>Number: 130109
>Category: misc
>Synopsis: Can not set fib for packets originated from local host
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Jan 02 08:40:03 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Eugen Konkov
>Release: 7.1-PRERELEASE
>Organization: ISP Konkov
>Environment:
kes# uname -a
FreeBSD kes.net.ua 7.1-PRERELEASE FreeBSD 7.1-PRERELEASE #: Sun Nov 23 17:19:12 EET 2008 kes@home.kes.net.ua:/usr/obj/usr/src/sys/KES_KERN_v7 i386
>Description:
Packets originated from localhost go out with FIB 0, and this can not be changed.

Having two routing tables and rl0, rl1 external, rl2 internal, you can:

    ipfw add 3 setfib 1 from any to any in recv rl2

so packets originated from the LAN (rl2) will go out via the rl1 interface.
But a packet originated from localhost (from the router itself) has FIB = 0, and the rule:

    ipfw add 2 setfib 1 from any to any out xmit rl0

has no effect =(
>How-To-Repeat:
    setfib 0 route add default G.A.T.E1
    setfib 1 route add default G.A.T.E2
    ipfw add 2 setfib 1 from any to any out xmit rl0
    ipfw add 3 setfib 1 from any to any in recv rl2

Packets originated from the LAN (rl2) will go out via rl1 because of FIB=1. (NOTICE ipfw rule 3)
But packets originated from the router itself will go out via rl0, because of FIB=0,
and ipfw rule 2 has no effect because the packet is already routed.
>Fix:
I suggest that the packet is routed and then it is put into ipfw.
If so, you must reroute the packet if its FIB has been changed.
You must not put the packet into ipfw again, because this will result in the next problem: the packet will never leave the router:

    ipfw add 1 setfib 1 from any to any out xmit rl0
    ipfw add 2 setfib 0 from any to any out xmit rl1
>Release-Note:
>Audit-Trail:
>Unformatted:
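
A toy Python model of the ordering this report describes, added here for illustration; it is not FreeBSD kernel or ipfw code and not part of the original report. The function names and the assumption that each FIB holds only a default route (FIB 0 via rl0, FIB 1 via rl1) are hypothetical; the rule sets are the ones quoted in the How-To-Repeat and Fix sections.

```python
# Toy model of the output path described in the report; not FreeBSD code.
# Assumption: each FIB holds only a default route, so FIB -> egress interface.
FIB_EGRESS = {0: "rl0", 1: "rl1"}

# Rules as (new_fib, direction, interface), copied from the report.
RULES_REPORT = [(1, "out", "rl0"), (1, "in", "rl2")]   # How-To-Repeat rules 2, 3
RULES_LOOP = [(1, "out", "rl0"), (0, "out", "rl1")]    # Fix section rules 1, 2

def ipfw_out(rules, fib, oif):
    """One outbound ipfw pass: return the FIB tag after 'out xmit oif' rules."""
    for new_fib, direction, iface in rules:
        if direction == "out" and iface == oif:
            return new_fib      # at most one rule matches per pass in these sets
    return fib

def send_observed(rules, fib=0):
    """Reported behaviour: route first, then ipfw; the tag change comes too late."""
    oif = FIB_EGRESS[fib]
    ipfw_out(rules, fib, oif)
    return oif

def send_reroute_once(rules, fib=0):
    """Reporter's suggestion: re-route if the FIB changed, no second ipfw pass."""
    oif = FIB_EGRESS[fib]
    new_fib = ipfw_out(rules, fib, oif)
    return FIB_EGRESS[new_fib] if new_fib != fib else oif

def send_reinject(rules, fib=0, max_passes=16):
    """Variant the reporter warns against: re-route AND re-run ipfw each time."""
    for _ in range(max_passes):
        oif = FIB_EGRESS[fib]
        new_fib = ipfw_out(rules, fib, oif)
        if new_fib == fib:
            return oif
        fib = new_fib
    return None                 # FIB keeps flipping: packet never leaves

if __name__ == "__main__":
    for name, rules in (("report", RULES_REPORT), ("loop", RULES_LOOP)):
        print(name, send_observed(rules), send_reroute_once(rules), send_reinject(rules))
```

With the Fix section's two rules, the re-inject variant flips the FIB on every pass and never settles, while the single re-route sends the packet out once.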