Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 13 Oct 1998 07:55:42 -0400 (EDT)
From:      Vince Vielhaber <vev@michvhf.com>
To:        Luigi Rizzo <luigi@labinfo.iet.unipi.it>
Cc:        freebsd-net@FreeBSD.ORG
Subject:   Re: ipfw and dummynet
Message-ID:  <Pine.HPP.3.94.981013063312.13506F-100000@cinnamon.michvhf.com>
In-Reply-To: <199810130138.CAA21888@labinfo.iet.unipi.it>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Tue, 13 Oct 1998, Luigi Rizzo wrote:

> > I installed the patches to 2.2.7-REL for dummynet and enabled it in 
> > the kernel and built a new kernel with these options:
> 
> First and most important:  how do your sources (src/sys/netinet)
> compare with the ones in -stable ? i thought you were using -stable,
> which is much more up-to-date than the version on my web page
> (especially for bugfixes).

It is now at -stable (I sent Luigi the diffs off list), only difference
was the jumpto stuff.

> * have you seen any difference by adding a catchall rule (much like
>   setting IPFIREWALL_DEFAULT_TO_ACCEPT ?)

I rebuilt with this, and here's the output of ipfw show and ipfw pipe show

01000        720      50963 pipe 1 ip from any to any
65535          0          0 allow ip from any to any


00001: 800.000 Mbit/s    0 ms 100 sl.  -- 0 pkts (0 B) 0 drops

Note, I was able to access it from the local subnet, but nowhere else.
This was immediately after bootup.

> 
> * does local traffic always flow ?

As far as I can tell, yes.  The server's showing no backlogs.

> 
> * have you tried pinging a remote host for which you already have an
>   ARP cache entry ?

Only things I see there are local.

> 
> * what is the output of "ipfw show" "ipfw pipe show" "netstat -nr"
>   while traffic is being blocked ?

show and pipe show are above, I blew the -nr and did -ns.  Now traffic
is flowing again so I'll pass it along once things stop again.

Vince.
-- 
==========================================================================
Vince Vielhaber -- KA8CSH   email: vev@michvhf.com   flame-mail: /dev/null
       # include <std/disclaimers.h>                   TEAM-OS2
   Online Searchable Campground Listings    http://www.camping-usa.com
       "There is no outfit less entitled to lecture me about bloat
               than the federal government"  -- Tony Snow
==========================================================================







To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.HPP.3.94.981013063312.13506F-100000>