Date: Sat, 11 Aug 2012 12:37:59 +0430 From: h bagade <bagadeh@gmail.com> To: freebsd-net@freebsd.org Subject: problem using ng_patch Message-ID: <CAARSjE3LzvfMHQAT1OO4p5HCqaeDt5ykHNpsOX0-bqnjGLpieQ@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi all,
I want to use the node ng_patch, to set the ToS field of special class of
packets. I try to test the function by a simple test scenario and
encountered problem using it. I have no idea why the problem occurs.
Here I explain the test scenario I've used.
I have a topology like this:
|A:192.168.8.8|<---->|192.168.8.26--(B)--192.168.7.26|<---->|C:192.168.7.20|
--------------------------------
A, C: two end stations
B: a router
--------------------------------
netgraph settings:
kldload ng_ipfw
ngctl mkpeer ipfw: patch 300 in
ngctl name ipfw:300 tos
ngctl msg tos: setconfig {count=1 csum_flags=1 ops=[ {mode=1 value=0x05
length=1 offset=1}]}
--------------------------------
ipfw rule:
ipfw add 20 netgraph 300 icmp from any to 192.168.7.20
This configuration works well and when A pings C or C pings A, the packets
destined to 192.168.7.20(station C) gets the ToS: 0x05.
The problem occurs when I change the ipfw rule to the following;
ipfw add 20 netgraph 300 icmp from 192.168.7.20 to any
By this rule, neither A can ping C nor C can ping A! the packets sent to
ng_patch node never comes back to the next ipfw rule!
I don't know what's the difference between these two scenarios (only the
checking from destination address is changed to source address), but it's
what I saw in my tests. I really hope to understand what's happening.
Any hints or comments would help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAARSjE3LzvfMHQAT1OO4p5HCqaeDt5ykHNpsOX0-bqnjGLpieQ>