From: Yuri
To: "freebsd-net@freebsd.org"
Subject: Trying to understand why the ipfw rules don't work on lo0
Date: Sat, 24 Aug 2019 15:03:23 -0700

I'm forwarding TCP connections coming to me on a particular port to the other interface. It works fine when the connection originates from the outside host. It doesn't work when the connection originates from my own host.

The description is here: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=239590

Connections originating from my own host are automatically made on lo0, and the same ipfw rule that works on the physical network interface doesn't work on lo0.

Is this a bug, or am I doing something wrong?

Thank you,
Yuri