Date: Mon, 2 Dec 2002 09:49:03 -0500
From: Don Bowman <don@sandvine.com>
To: "'freebsd-net@freebsd.org'" <freebsd-net@freebsd.org>
Subject: SO_DONTROUTE, arp's, ipfw fwd, etc
Message-ID: <FE045D4D9F7AED4CBFF1B3B813C853370102309B@mail.sandvine.com>

I have a setup where I have a transparent proxy using ipfw fwd (to localhost). Data is sent to this device using a MAC rewrite so that packets arrive with my MAC, but the original source and destination IP. When I receive the SYN, I accept the connection, which causes an ARP to be emitted for the source address, and then the SYN/ACK.

Now, I would like to have my default route not be on the 'data' interface which has the ipfw rule. It seems like this would work if:

a) the MAC address for the source address (the router which sent me the packet) was entered into the ARP cache automatically when the SYN was received.
b) I used SO_DONTROUTE in my proxy application.

Does anybody have any comments on that? Is there a reason that learning ARP entries isn't done passively? I assume that since the receive interface is cached in the syncache, and then proxied through to the PCB, that the SO_DONTROUTE will cause the return packets to go back through that same interface? Is there a simpler way?

--don (don@sandvine.com www.sandvine.com)