Date: Mon, 15 Sep 2003 22:31:30 +0300 (E. Europe Daylight Time) From: "daniel@guitar.ro" <daniel@guitar.ro> To: <freebsd-ipfw@freebsd.org> Subject: Re: ipfw2 Message-ID: <3F661392.000001.01980@COSTI> References: <3F65F83E.2050908@tenebras.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--------------Boundary-00=_IWS9QL80000000000000 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Another issue : is ipfw / ipfw2 not working with "fwd" if the computer is acting as a bridge?=0D =0D [bridge /]7# sysctl -a | grep ipfw=0D net.link.ether.bridge_ipfw: 1=0D net.link.ether.bridge_ipfw_drop: 0=0D net.link.ether.bridge_ipfw_collisions: 0=0D net.link.ether.ipfw: 1=0D [bridge /]8#=0D =0D [bridge /]9# ipfw -a l | grep 193.213.153=0D 00010 0 0 fwd 217.156.120.41 ip from 193 213.153.0/24 to any=0D 00011 3805 172520 deny tcp from 193.213.153.0/24 to any =0D [bridge /]10#=0D =0D [bridge /]9# uname -a=0D FreeBSD bridge.something.net 5.1-RELEASE FreeBSD 5.1-RELEASE #5: Wed Aug = 20 01:25:19 EEST 2003 root@bridge.something.net:/usr/src/sys altq/i386/compile/SMP i386=0D [bridge /]10#=0D =0D =0D So, the first rule doesn't work, the second works. Why's that ?=0D =0D =0D Dan Caescu=0D =0D -------Original Message-------=0D =0D From: Michael Sierchio=0D Date: Monday, September 15, 2003 8:36:46 PM=0D To: Sean Hafeez=0D Cc: freebsd-ipfw@freebsd.org=0D Subject: Re: ipfw2=0D =0D Sean Hafeez wrote:=0D > I am having a hard time figuring something out about IPFW2. I am =0D > currently using a built of 4.8 with IPFW and DUMMYNET as a rateshapping= =0D > router. I have tried to build a kernel with the IPFW2 options but then = I =0D > seem to have issues with using DUMMYNET. The ipfw pipe comments give =0D > errors and core dumps. Am I missing something?=0D =0D USING IPFW2 IN FreeBSD-STABLE=0D ipfw2 is standard in FreeBSD CURRENT, whereas FreeBSD STABLE still uses=0D ipfw1 unless the kernel is compiled with options IPFW2, and /sbin/ipfw=0D and /usr/lib/libalias are recompiled with -DIPFW2 and reinstalled (the=0D same effect can be achieved by adding IPFW2=3DTRUE to /etc/make.conf befo= re=0D a buildworld).=0D =0D # echo "IPFW2=3D YES" >> /etc/make.conf=0D # cd /usr/src/lib/libalias=0D # make clean && make && make install && make clean=0D # cd /usr/src/sbin/ipfw=0D # make clean && make && make install && make clean=0D =0D -- =0D =0D "Well," Brahma said, "even after ten thousand explanations, a fool is no=0D wiser, but an intelligent man requires only two thousand five hundred."=0D - The Mahabharata=0D =0D _______________________________________________=0D freebsd-ipfw@freebsd.org mailing list=0D http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw=0D To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"=0D =2E=20 --------------Boundary-00=_IWS9QL80000000000000--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F661392.000001.01980>