From owner-freebsd-net@freebsd.org  Sat Oct 10 13:21:02 2015
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 876409D2546
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Sat, 10 Oct 2015 13:21:02 +0000 (UTC)
 (envelope-from archycho@gmail.com)
Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::50:5])
 by mx1.freebsd.org (Postfix) with ESMTP id 64960A8F
 for <freebsd-net@freebsd.org>; Sat, 10 Oct 2015 13:21:02 +0000 (UTC)
 (envelope-from archycho@gmail.com)
Received: by mailman.ysv.freebsd.org (Postfix)
 id 61CE29D2545; Sat, 10 Oct 2015 13:21:02 +0000 (UTC)
Delivered-To: net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 492EF9D2544
 for <net@mailman.ysv.freebsd.org>; Sat, 10 Oct 2015 13:21:02 +0000 (UTC)
 (envelope-from archycho@gmail.com)
Received: from mail-pa0-x244.google.com (mail-pa0-x244.google.com
 [IPv6:2607:f8b0:400e:c03::244])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 1CFA1A8A
 for <net@freebsd.org>; Sat, 10 Oct 2015 13:21:02 +0000 (UTC)
 (envelope-from archycho@gmail.com)
Received: by pablk4 with SMTP id lk4so13360179pab.1
 for <net@freebsd.org>; Sat, 10 Oct 2015 06:21:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=content-type:mime-version:subject:from:in-reply-to:date:cc
 :message-id:references:to;
 bh=GvWqLyvBwot+5Pcqcbh+Ip56hq3dBCD5YcETw1FBtg8=;
 b=JBfGDcnCTXywU0JpZW4NQHAkTSvKGvAUkZkhmp/o+OSdQp0PU1Srl+uDsWPFgBggXv
 3gsAWJBxOObPnIg8DIykhjMZpOa4IaSFaEzrI69ZZ92axwXN5BoEq6p4mbwwR0jdiadn
 hY0b7aBvD96QOXsQcESvf4uPzRwayAxmmyPi5rYZP/uK+Y0ddA3K8d+CpZbVVPXMFTXc
 t1aGwyAxsIbcdoxCmM0LgZsvlgM6E/xs+OiBwXdfiv5y61sf0pMq8JsJDrUa3jNvaadP
 Ujtjnz14YSn3Qn3shntpr5n7YyOrzSEKTvhEKsHkpasXAwv4roSwa2ar3su+WYUiPt+m
 tFnw==
X-Received: by 10.68.69.108 with SMTP id d12mr22063529pbu.137.1444483261725;
 Sat, 10 Oct 2015 06:21:01 -0700 (PDT)
Received: from [192.168.168.178] (183179028116.ctinets.com. [183.179.28.116])
 by smtp.gmail.com with ESMTPSA id
 z6sm8244593pbt.51.2015.10.10.06.21.00
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Sat, 10 Oct 2015 06:21:01 -0700 (PDT)
Mime-Version: 1.0 (Mac OS X Mail 9.0 \(3094\))
Subject: Re: Freebsd 10.2 amd64 netmap ipfw
From: Archy Cho <archycho@gmail.com>
In-Reply-To: <70A66D48-19E8-4C32-B2A7-5173C82CE3C1@netgate.com>
Date: Sat, 10 Oct 2015 21:20:58 +0800
Cc: net@freebsd.org,
 rizzo@iet.unipi.it
Message-Id: <7337D8A6-B708-425B-B5B3-9E8FFBB8C411@gmail.com>
References: <803EEF77-2371-4F1C-9251-0BCB47897879@gmail.com>
 <70A66D48-19E8-4C32-B2A7-5173C82CE3C1@netgate.com>
To: Jim Thompson <jim@netgate.com>
X-Mailer: Apple Mail (2.3094)
X-Mailman-Approved-At: Sat, 10 Oct 2015 13:33:21 +0000
Content-Type: text/plain;
	charset=big5
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.20
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 10 Oct 2015 13:21:02 -0000

Dear Jim and all

My map as follow:

+---------------------+            +---------------------------------+   =
          +------------------------+
| Cisco Router        |            | Freebsd 10.2 amd64 custom kernel|   =
          | Linux box with         |
| IP 10.0.85.1/30     |            | recompiled with "device netmap" |   =
          | IP 172.16.0.1/30       |
|                     | +--------->+ ix0 =3D 10.0.85.2/30              | =
<-----------+ control the Freebsd box=20
|                     |            | ix1 =3D down                      | =
            | via ssh                |
|                     |            | igb0 =3D 172.16.0.2/30            | =
            |                        |
+---------------------+            +---------------------------------+   =
          +------------------------+

1) I have recompiled the kernel with device netmap
2) I downloaded the next.zip and compiled got the kipfw and ipfw
3) I connect via linux box , ssh 172.16.0.2

Do anyone advise , how could I enable netmap ipfw to filter traffic from =
Cisco Router ?

Archy Cho

> Jim Thompson <jim@netgate.com> =A9=F3 2015=A6~10=A4=EB10=A4=E9 =
=A4W=A4=C81:14 =BCg=B9D=A1G
>=20
>=20
>> On Oct 9, 2015, at 7:14 AM, Archy Cho <archycho@gmail.com> wrote:
>>=20
>> I think I must misunderstand something , could anyone send me advise?
>> Or any documents could help to build a NETMAP IPFW firewall box ?
>=20
> See the last several paragraphs of:=20
>=20
> https://github.com/luigirizzo/netmap-ipfw/blob/next/README
>=20
> Note that the "telnet localhost 5566" traffic generator hack mentioned =
in the README doesn't work without a recompile, but you won't need it =
for running real traffic.
>=20
> Jim
>=20