Date: Sat, 11 Aug 2012 11:27:37 +0300 From: Nikolay Denev <ndenev@gmail.com> To: h bagade <bagadeh@gmail.com> Cc: freebsd-net@freebsd.org Subject: Re: problem using ng_patch Message-ID: <37DC844A-4A65-438D-8DD3-B8EFA7B7FE2A@gmail.com> In-Reply-To: <CAARSjE3LzvfMHQAT1OO4p5HCqaeDt5ykHNpsOX0-bqnjGLpieQ@mail.gmail.com> References: <CAARSjE3LzvfMHQAT1OO4p5HCqaeDt5ykHNpsOX0-bqnjGLpieQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Aug 11, 2012, at 11:07 AM, h bagade <bagadeh@gmail.com> wrote:
> Hi all,
>=20
> I want to use the node ng_patch, to set the ToS field of special class =
of
> packets. I try to test the function by a simple test scenario and
> encountered problem using it. I have no idea why the problem occurs.
>=20
> Here I explain the test scenario I've used.
>=20
> I have a topology like this:
>=20
> =
|A:192.168.8.8|<---->|192.168.8.26--(B)--192.168.7.26|<---->|C:192.168.7.2=
0|
> --------------------------------
> A, C: two end stations
> B: a router
> --------------------------------
> netgraph settings:
> kldload ng_ipfw
> ngctl mkpeer ipfw: patch 300 in
> ngctl name ipfw:300 tos
> ngctl msg tos: setconfig {count=3D1 csum_flags=3D1 ops=3D[ {mode=3D1 =
value=3D0x05
> length=3D1 offset=3D1}]}
> --------------------------------
> ipfw rule:
> ipfw add 20 netgraph 300 icmp from any to 192.168.7.20
>=20
> This configuration works well and when A pings C or C pings A, the =
packets
> destined to 192.168.7.20(station C) gets the ToS: 0x05.
> The problem occurs when I change the ipfw rule to the following;
>=20
> ipfw add 20 netgraph 300 icmp from 192.168.7.20 to any
>=20
> By this rule, neither A can ping C nor C can ping A! the packets sent =
to
> ng_patch node never comes back to the next ipfw rule!
>=20
> I don't know what's the difference between these two scenarios (only =
the
> checking from destination address is changed to source address), but =
it's
> what I saw in my tests. I really hope to understand what's happening.
>=20
> Any hints or comments would help
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
Hi,
Do you have "sysctl net.inet.ip.fw.one_pass=3D0" set?
Regards,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?37DC844A-4A65-438D-8DD3-B8EFA7B7FE2A>