From owner-freebsd-ipfw@FreeBSD.ORG  Fri May  7 22:04:37 2010
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id E601F1065675;
	Fri,  7 May 2010 22:04:37 +0000 (UTC)
	(envelope-from julian@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40])
	by mx1.freebsd.org (Postfix) with ESMTP id D70078FC0A;
	Fri,  7 May 2010 22:04:37 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id o47M4bM4035841;
	Fri, 7 May 2010 22:04:37 GMT
	(envelope-from julian@freefall.freebsd.org)
Received: (from julian@localhost)
	by freefall.freebsd.org (8.14.4/8.14.4/Submit) id o47M4b8w035837;
	Fri, 7 May 2010 15:04:37 -0700 (PDT) (envelope-from julian)
Date: Fri, 7 May 2010 15:04:37 -0700 (PDT)
Message-Id: <201005072204.o47M4b8w035837@freefall.freebsd.org>
To: melifaro@ipfw.ru, julian@FreeBSD.org, freebsd-ipfw@FreeBSD.org
From: julian@FreeBSD.org
Cc: 
Subject: Re: kern/146372: [ipfw] ipfw setfib does not work on local outgoing
	connections
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 07 May 2010 22:04:38 -0000

Synopsis: [ipfw] ipfw setfib does not work on local outgoing connections

State-Changed-From-To: open->closed
State-Changed-By: julian
State-Changed-When: Fri May 7 15:00:00 PDT 2010
State-Changed-Why: 
Unfortunatly this is mostly unavoidable. The routing decision has already been made by the time that 
ipfw is called. There is a small possibility that  a change of fib could make the stack do teh same thing
as ipfw fwd and force he packet to go back to the start and get rerouted, but it's not quite as easy as that.

You should look at possibly setting the fib for the application in question or maybe jsut its socket
if you have source. contact me directly to get some ideas we may be able to work with you on.


http://www.freebsd.org/cgi/query-pr.cgi?pr=146372