From owner-freebsd-questions Wed May 29 8:29:41 2002 Delivered-To: freebsd-questions@freebsd.org Received: from blv-smtpout-01.boeing.com (blv-smtpout-01.boeing.com [192.161.36.5]) by hub.freebsd.org (Postfix) with ESMTP id 2166437B401 for ; Wed, 29 May 2002 08:29:34 -0700 (PDT) Received: from slb-av-01.boeing.com ([129.172.13.4]) by blv-smtpout-01.boeing.com (8.9.2/8.8.5-M2) with ESMTP id IAA05869; Wed, 29 May 2002 08:27:08 -0700 (PDT) Received: from blv-hub-01.boeing.com (localhost [127.0.0.1]) by slb-av-01.boeing.com (8.9.3/8.9.2/MBS-AV-01) with ESMTP id IAA08783; Wed, 29 May 2002 08:29:32 -0700 (PDT) Received: from xch-nwbh-02.nw.nos.boeing.com (xch-nwbh-02.nw.nos.boeing.com [192.54.12.28]) by blv-hub-01.boeing.com (8.11.3/8.11.3/MBS-LDAP-01) with ESMTP id g4TFTUH19268; Wed, 29 May 2002 08:29:30 -0700 (PDT) Received: by xch-nwbh-02.nw.nos.boeing.com with Internet Mail Service (5.5.2650.21) id ; Wed, 29 May 2002 08:29:30 -0700 Message-ID: From: "Albuquerque, Marcelo M" To: "'Mike Grissom'" Cc: freebsd-questions@freebsd.org Subject: RE: configuring dummynet/ipfw in bridging mode Date: Wed, 29 May 2002 08:29:22 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Thanks Mike. The "via fxp1" command worked but only if I am filtering all packets going through fxp1. However, what I really need is to filter packets that are both received on fxp0 AND transmitted on fxp1. In that case, using "in recv fxp0" and "via fxp1" in the same filter will not work (incompatible commands). I'll move this question to the freebsd-net. Thanks again. -----Original Message----- From: Mike Grissom [mailto:mikeyg@igalaxy.net] Sent: Tuesday, May 28, 2002 5:38 PM To: freebsd-questions@freebsd.org Subject: Re: configuring dummynet/ipfw in bridging mode With bridge enabled, you cannot use the "out" keyword in the rules because say it comes in on say fxp0 and goes out on fxp1, that means that fxp1 is actually sending it out so you would use "via fxp1" ----- Original Message ----- From: "Albuquerque, Marcelo M" To: Sent: Tuesday, May 28, 2002 5:14 PM Subject: configuring dummynet/ipfw in bridging mode > I am using FreeBSD 4.5 and have 3 NIC cards installed. Traffic is being > bridged between the three interfaces. I am trying to configure ipfw such > that I can have different impairments (delay, losses, etc..) between each > possible pair of NIC cards. It seems to be a simple setup but I'm having > problems getting it to work. The following is my testbed setup: > > ___________________ > | | > 192.168.1.1 ------------ | FreeBSD 4.5 Bridge | ------------ > 192.168.1.2 > |___________________| > | > | > 192.168.1.3 > > The following command works fine: ' ipfw add 100 deny ip from any to any > in recv fxp0 ' > The result is that when I ping from or to the ip address connected to fxp0 > it will timeout. > > I expected the same to happen with the following command: ' ipfw add 100 > deny ip from any to any out xmit fxp0 ' > The result is that pings from or to the ip address connected to fxp0 are > successful. The same happens if I replace 'xmit' with 'recv' > > My ultimate goal is to use the following command: ' ipfw add 100 deny ip > from any to any out recv fxp0 xmit fxp0 ' > This will also fail like in the previous case, even though this command is > shown as an example in the ipfw(8) documentation. This will allow me to have > a set of impairments for each pair of NICs, in each direction. > > The same thing happen if a pipe is created and configured with impairments > such as a 100ms delay. > > Can anyone help me figure out what is wrong with my setup/configuration. > > Thanks. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message