From owner-freebsd-ipfw Fri Oct 11 9:45:44 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AC6FD37B401 for ; Fri, 11 Oct 2002 09:45:43 -0700 (PDT) Received: from mail.sandvine.com (sandvine.com [199.243.201.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1538B43E7B for ; Fri, 11 Oct 2002 09:45:43 -0700 (PDT) (envelope-from ddolson@sandvine.com) Received: by mail.sandvine.com with Internet Mail Service (5.5.2653.19) id <42S94XDS>; Fri, 11 Oct 2002 12:45:42 -0400 Message-ID: From: Dave Dolson To: "'freebsd-ipfw@freebsd.org'" Subject: Problem diverting bridged packets Date: Fri, 11 Oct 2002 12:45:35 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Is anyone aware of an ipfw1 issue with diverting packets from the bridge? I'm finding that a rule like the following will cause the packets to be dropped and not diverted. # ipfw add 400 accept icmp from 1.1.1.10 to 1.1.1.4 bridge (Addresses 1.1.1.10 and 1.1.1.4 are on opposite sides of the local machine.) I'm running -stable 4.6 code, but not quite the latest, so sorry if this is old news. 4.6-RELEASE FreeBSD 4.6-RELEASE #7 I know that my divert client is working properly because it properly reads and re-inserts packets for non-divert rules involving packets for the local host (not bridged). E.g., this works fine (1.1.1.1 is the local host) divert 9001 icmp from 1.1.1.10 to 1.1.1.1 Thanks, David Dolson Senior Software Engineer Sandvine Incorporated. Tel: 519-880-2400 x2737 www.sandvine.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message