Date: Fri, 20 Jun 2003 14:18:17 -0400 From: Don Bowman <don@sandvine.com> To: 'Luigi Rizzo' <rizzo@icir.org>, Don Bowman <don@sandvine.com> Cc: "'freebsd-net@freebsd.org'" <freebsd-net@freebsd.org> Subject: RE: nested ipfw dummynet pipes Message-ID: <FE045D4D9F7AED4CBFF1B3B813C8533702741AF6@mail.sandvine.com>
next in thread | raw e-mail | index | archive | help
From: Luigi Rizzo [mailto:rizzo@icir.org] > > On Fri, Jun 20, 2003 at 01:41:21PM -0400, Don Bowman wrote: > > is there any way, in a bridging config, to have nested pipes? > > net.inet.ip.fw.one_pass=0 should do the job, i think the comment > in the manpage is now incorrect and the code (in net/bridge.c) > has been fixed (one-line) to implement this. > > Check the commit logs, i don't have them handy at the moment. Thanks very much, I will check this. I assume this will be true for IPFW2 rather than IPFW. It appears that 1.16.2.23, nov 21 2002, RELENG_4 has this from the log: "MFC: obey to fw_one_pass in bridge and layer 2 firewalling (the latter only affects ipfw2 users). Move fw_one_pass from ip_fw[2].c to ip_input.c to avoid depending on IPFIREWALL." I will try this out.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?FE045D4D9F7AED4CBFF1B3B813C8533702741AF6>