Date: Thu, 13 Jun 2002 11:57:26 -0700 (PDT) From: Walid Nehme <walidn@yahoo.com> To: freebsd questions <freebsd-questions@freebsd.org> Subject: net.inet.ip.fw.one_pass (ipfw , dummynet, Bridge) Message-ID: <20020613185726.56388.qmail@web10003.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
Dear sirs. I installed freebsd 4.5 and configured my kernel to work as a bridge with ipfw and dummynet. bridge is working cool with dummynet, but in documentations all over the internet says that net.inet.ip.fw.one_pass if given a "0" value the packages getting out from the traffic shaper will be reinjected to continue throught the rules of the firewall. but that is not happening here. after shapping i want to specify the ipaddress that would see the internet. the shapper i made for the whole rang that i have 10.20.0.0:255.255.0.0. It should not pass the traffic to the whole rang because after the shapper i put deny from any to any. what is happening is that my machines after the freebsd is geting the traffic as these packages are collected with the deny rule, when net.inet.ip.fw.one_pass=0. if changing it to 1 , the machines still get the traffic but deny rule dont show anything. Q- How to rule the firewall so that after the shapping the traffic won't be send to the machines if i didnt include a pass rule for their IPaddress??? __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020613185726.56388.qmail>