Date: Fri, 28 Feb 2003 15:57:04 +0300 (MSK) From: Maxim Konovalov <maxim@FreeBSD.org> To: denb <denb@front.ru> Cc: ipfw@FreeBSD.org, hackers@FreeBSD.org Subject: Re: Question about divert in ipfw2 on 5.0 release Message-ID: <20030228155353.I91707@news1.macomnet.ru> In-Reply-To: <200302281010.h1SAA3VD087527@www3.mailru.com> References: <200302281010.h1SAA3VD087527@www3.mailru.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, On 13:10+0300, Feb 28, 2003, denb wrote: > I write program simular to natd, witch receives packets at divert port X. > Question: > On ipfw1 (FreeBSD 4.7) this rules work excellent: > > ipfw add divert X from any to any Y > ipfw add divert X from any Y to any > > We're diverting all received and sended packets (from\to port Y) to divert port X. > But these rules are not working together with ipfw2 (5.0 Release). Each single rule > works fine, but when i combine them together only first of them triggers. The order > doesn't matter. > > What am I doing wrong? Can't reproduce: # ipfw add 1 divert 1111 tcp from any to any 1973 00001 divert 1111 tcp from any to any dst-port 1973 # ipfw add 2 divert 1111 tcp from any 1973 to any 00002 divert 1111 tcp from any 1973 to any # nc localhost 1973 # nc -p 1973 localhost 21 # ipfw show 1 2 00001 1 60 divert 1111 tcp from any to any dst-port 1973 00002 1 60 divert 1111 tcp from any 1973 to any What am I doing wrong? :-) -- Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030228155353.I91707>