Date: Fri, 9 Oct 2015 18:14:58 +0800 From: Archy Cho <archycho@gmail.com> To: net@freebsd.org, rizzo@iet.unipi.it Subject: Freebsd 10.2 amd64 netmap ipfw Message-ID: <803EEF77-2371-4F1C-9251-0BCB47897879@gmail.com>
next in thread | raw e-mail | index | archive | help
Dear All I wish to try the new netmap driver with IPFW2 and dummynet. I have google around and could not find any documents of all steps to = set a working filtering box. I have recompile the kernel with the followings. ########################################### cpu HAMMER ident ROUTER options DUMMYNET options IPFIREWALL options IPFIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT device pf device pflog device pfsync options ALTQ options ALTQ_CBQ options ALTQ_RED options ALTQ_RIO options ALTQ_HFSC options ALTQ_CDNR options ALTQ_PRIQ options ALTQ_NOPCC options TCP_SIGNATURE options IPSEC options IPSEC_FILTERTUNNEL device cryptodev device crypto options HZ=3D1000 device carp device netmap ########################################### /etc/rc.conf as follow: ########################################### firewall_enable=3D"YES" firewall_script=3D"/etc/rc.firewall" firewall_type=3D"/etc/ipfw.conf" firewall_quiet=3D"YES" firewall_logging_enable=3D=A1=A7YES" ########################################### /etc/ipfw.conf ########################################### add 65535 pass ip from any to any ########################################### with command ipfw show ,=20 ########################################### 65535 369224 135934287 allow ip from any to any ########################################### I have downloaded https://github.com/luigirizzo/netmap/archive/master.zip = <https://github.com/luigirizzo/netmap/archive/master.zip>; https://github.com/luigirizzo/netmap-ipfw/archive/next.zip = <https://github.com/luigirizzo/netmap-ipfw/archive/next.zip>; and compiled with the command make NETMAP_INC=3D/root/netmap-master/src after getting kipfw , and try the command , ./kipfw netmap:ix0 netmap:ix1 all connection lost with ix0 ( I just ping the connecting IP address ) ifconfig ix0 ix0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu = 1500 = options=3D8407bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCS= UM,TSO4,TSO6,LRO,VLAN_HWTSO> ether 00:1b:21:ba:89:50 inet 10.0.85.2 netmask 0xfffffffc broadcast 10.0.85.3=20 nd6 options=3D29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> media: Ethernet autoselect (10Gbase-SR <full-duplex>) status: active I think I must misunderstand something , could anyone send me advise? Or any documents could help to build a NETMAP IPFW firewall box ? Thanks all for kindly helping hands. ArchyCho
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?803EEF77-2371-4F1C-9251-0BCB47897879>