Date: Mon, 14 Apr 2008 14:39:48 -0400 From: Jung-uk Kim <jkim@FreeBSD.org> To: freebsd-net@FreeBSD.org Cc: Eugene Grosbein <eugen@kuzbass.ru> Subject: Re: bpf does not see packets forwarded with ipfw fwd Message-ID: <200804141439.52231.jkim@FreeBSD.org> In-Reply-To: <20080412062251.GA2199@svzserv.kemerovo.su> References: <20080412062251.GA2199@svzserv.kemerovo.su>
next in thread | previous in thread | raw e-mail | index | archive | help
--Boundary-00=_4T6AI2V2Lk3dFXI Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline On Saturday 12 April 2008 02:22 am, Eugene Grosbein wrote: > Hi! > > One of 7.0 users has reported in some cyrillic newsgroup > a problem that I have reproduced in my 7.0-STABLE system. > That is: tcpdump does not show locally originated outgoing IP > packets that were processed by 'ipfw fwd' rule. The same > configuration presents no problems with 6.3-STABLE. > > Consider simple schema: two FreeBSD boxes (A and B) directly > connected with ethernet intefaces. The box A has another ethernet > interface and uses "ipfw fwd" as its very first ipfw rule to > forward some packets to B, while these packets would normally go > out trough mentioned another interface. Now, tcpdump does NOT show > outgoing packets but host B also runs tcpdump on its incoming > interface and does see them. > > I double-checked all paramerets for tcpdump, all routing tables. > I even connected A and B with cross-over ethernet cable, without a > switch. Still, B sees incoming packets coming over the cable and A > does not see them leaving. This bothers me a bit :-) Can you try the attached patch? Thanks! Jung-uk Kim --Boundary-00=_4T6AI2V2Lk3dFXI Content-Type: text/plain; charset="iso-8859-1"; name="bpf.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="bpf.diff" Index: sys/net/bpf.c =================================================================== RCS file: /home/ncvs/src/sys/net/bpf.c,v retrieving revision 1.191 diff -u -r1.191 bpf.c --- sys/net/bpf.c 7 Apr 2008 02:51:00 -0000 1.191 +++ sys/net/bpf.c 14 Apr 2008 18:37:07 -0000 @@ -88,8 +88,6 @@ #define PRINET 26 /* interruptible */ -#define M_SKIP_BPF M_SKIP_FIREWALL - /* * bpf_iflist is a list of BPF interface structures, each corresponding to a * specific DLT. The same network interface might have several BPF interface @@ -843,9 +841,9 @@ mc = m_dup(m, M_DONTWAIT); if (mc != NULL) mc->m_pkthdr.rcvif = ifp; - /* XXX Do not return the same packet twice. */ + /* Set M_PROMISC as it is seen already. */ if (d->bd_direction == BPF_D_INOUT) - m->m_flags |= M_SKIP_BPF; + m->m_flags |= M_PROMISC; } else mc = NULL; @@ -1588,8 +1586,9 @@ int gottime; struct timeval tv; - if (m->m_flags & M_SKIP_BPF) { - m->m_flags &= ~M_SKIP_BPF; + /* Clear M_PROMISC if it is re-entered. */ + if (m->m_flags & M_PROMISC) { + m->m_flags &= ~M_PROMISC; return; } @@ -1642,8 +1641,9 @@ int gottime; struct timeval tv; - if (m->m_flags & M_SKIP_BPF) { - m->m_flags &= ~M_SKIP_BPF; + /* Clear M_PROMISC if it is re-entered. */ + if (m->m_flags & M_PROMISC) { + m->m_flags &= ~M_PROMISC; return; } --Boundary-00=_4T6AI2V2Lk3dFXI--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200804141439.52231.jkim>