Date: Mon, 29 Aug 2005 08:24:28 +0300 From: "Donatas" <donatas@lrtc.net> To: "Julian Elischer" <julian@elischer.org>, <freebsd-net@freebsd.org> Subject: Re: routing problem (with corrected scheme) Message-ID: <004001c5ac59$eda111b0$9f90a8c0@donatas> References: <026001c59e7a$c6ca69c0$9f90a8c0@donatas> <42FBC0AE.8020803@elischer.org> <027701c59f02$0eb808a0$9f90a8c0@donatas> <42FCF148.5010400@elischer.org> <000d01c5a223$53799840$0500a8c0@donatas> <4306C04B.4010008@elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Good morning,
after comprehensive tests I am glad to inform that your suggestions =
works just fine, so - thanks for help solving our problem.
Truth, i've got one question realated to the exampel rule below:
>ipfw add 1000 fwd ip4 ip from any to any out recv em0 xmit vlan{mumble}
After several tests i have recognized that localy generated packets =
(like icmp traffic) never matches this rule. The problem is in "xmit =
vlan{number}" part. Is it so because of different place of packet input? =
Transit packets come to firewall from ether_demux and passes the rule, =
while localy generated packets come to firewall from ip_input and fails =
on this rule? Using "pass" instead of "fwd" results in the same.
----- Original Message -----=20
From: "Julian Elischer" <julian@elischer.org>
To: "Donatas" <donatas@lrtc.net>
Sent: Saturday, August 20, 2005 8:31 AM
Subject: Re: routing problem (with corrected scheme)
> did my sugestion work?
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?004001c5ac59$eda111b0$9f90a8c0>