Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 20 Dec 2004 10:54:32 GMT
From:      Andrew Chikin <ac@inbox.ru>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   misc/75297: I`ve got one more via in my ipfw rule.
Message-ID:  <200412201054.iBKAsW22053086@www.freebsd.org>
Resent-Message-ID: <200412201100.iBKB0h3v045919@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         75297
>Category:       misc
>Synopsis:       I`ve got one more via in my ipfw rule.
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Dec 20 11:00:43 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator:     Andrew Chikin
>Release:        5_3_RELEASE
>Organization:
frnet
>Environment:
# uname -a
FreeBSD cerber.xxx 5.3-RELEASE-p2 FreeBSD 5.3-RELEASE-p2 #1: Thu Dec 16
11:37:21 MSK 2004     root@cerber.xxx:/usr/obj/usr/src/sys/CERBER  i386
>Description:
#ipfw list
--
..skipped
02000 divert 8668 ip from any to any via 192.168.2.6 via
---------------------------------------------------- ^^^
02100 tee 199 ip from any to any via rl1
..skipped
--

/etc/rc.firewall:

case ${natd_enable} in
[Yy][Ee][Ss])
if [ -n "${natd_interface}" ]; then
${fwcmd} add divert natd all from any to any via ${natd_interface}
fi
;;
esac


->
# ipfw del 2000
# ipfw add 2000 divert natd all from any to any via 192.168.2.6
02000 divert 8668 ip from any to any via 192.168.2.6 via

# ipfw del 2000
# ipfw add 2000 divert natd all from any to any
02000 divert 8668 ip from any to any

# ipfw del 2000
# ipfw add 2000 divert natd ip from any to any via rl0
02000 divert 8668 ip from any to any via rl0

So, if the natd_interface is given in numerical form, I`ve got on more "via" in my ipfw_rule.
But if natd_interface is given in alphabetic form - no problems.

p.s. natd work properly in both cases.

p.p.s. sorry for my english.

>How-To-Repeat:
# ipfw add 2000 divert natd all from any to any via 192.168.2.6
02000 divert 8668 ip from any to any via 192.168.2.6 via
>Fix:
      no idea. use alphabetical form :)
>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200412201054.iBKAsW22053086>