From: Jung-uk Kim
To: freebsd-net@FreeBSD.org
Cc: Eugene Grosbein
Date: Mon, 14 Apr 2008 14:39:48 -0400
Subject: Re: bpf does not see packets forwarded with ipfw fwd
Message-Id: <200804141439.52231.jkim@FreeBSD.org>
References: <20080412062251.GA2199@svzserv.kemerovo.su>
In-Reply-To: <20080412062251.GA2199@svzserv.kemerovo.su>
MIME-Version: 1.0
Content-Type: Multipart/Mixed; boundary="Boundary-00=_4T6AI2V2Lk3dFXI"

--Boundary-00=_4T6AI2V2Lk3dFXI
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

On Saturday 12 April 2008 02:22 am, Eugene Grosbein wrote:
> Hi!
>
> One of 7.0 users has reported in some Cyrillic newsgroup
> a problem that I have reproduced in my 7.0-STABLE system.
> That is: tcpdump does not show locally originated outgoing IP
> packets that were processed by 'ipfw fwd' rule. The same
> configuration presents no problems with 6.3-STABLE.
>
> Consider simple schema: two FreeBSD boxes (A and B) directly
> connected with ethernet interfaces. The box A has another ethernet
> interface and uses "ipfw fwd" as its very first ipfw rule to
> forward some packets to B, while these packets would normally go
> out through mentioned another interface. Now, tcpdump does NOT show
> outgoing packets but host B also runs tcpdump on its incoming
> interface and does see them.
>
> I double-checked all parameters for tcpdump, all routing tables.
> I even connected A and B with cross-over ethernet cable, without a
> switch. Still, B sees incoming packets coming over the cable and A
> does not see them leaving. This bothers me a bit :-)

Can you try the attached patch?

Thanks!

Jung-uk Kim --Boundary-00=_4T6AI2V2Lk3dFXI Content-Type: text/plain; charset="iso-8859-1"; name="bpf.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="bpf.diff" Index: sys/net/bpf.c =================================================================== RCS file: /home/ncvs/src/sys/net/bpf.c,v retrieving revision 1.191 diff -u -r1.191 bpf.c --- sys/net/bpf.c 7 Apr 2008 02:51:00 -0000 1.191 +++ sys/net/bpf.c 14 Apr 2008 18:37:07 -0000 @@ -88,8 +88,6 @@ #define PRINET 26 /* interruptible */ -#define M_SKIP_BPF M_SKIP_FIREWALL - /* * bpf_iflist is a list of BPF interface structures, each corresponding to a * specific DLT. The same network interface might have several BPF interface @@ -843,9 +841,9 @@ mc = m_dup(m, M_DONTWAIT); if (mc != NULL) mc->m_pkthdr.rcvif = ifp; - /* XXX Do not return the same packet twice. */ + /* Set M_PROMISC as it is seen already. */ if (d->bd_direction == BPF_D_INOUT) - m->m_flags |= M_SKIP_BPF; + m->m_flags |= M_PROMISC; } else mc = NULL; @@ -1588,8 +1586,9 @@ int gottime; struct timeval tv; - if (m->m_flags & M_SKIP_BPF) { - m->m_flags &= ~M_SKIP_BPF; + /* Clear M_PROMISC if it is re-entered. */ + if (m->m_flags & M_PROMISC) { + m->m_flags &= ~M_PROMISC; return; } @@ -1642,8 +1641,9 @@ int gottime; struct timeval tv; - if (m->m_flags & M_SKIP_BPF) { - m->m_flags &= ~M_SKIP_BPF; + /* Clear M_PROMISC if it is re-entered. */ + if (m->m_flags & M_PROMISC) { + m->m_flags &= ~M_PROMISC; return; } --Boundary-00=_4T6AI2V2Lk3dFXI--
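
Review bot: in the first hunk (@@ -88,8 +88,6 @@), removing "#define M_SKIP_BPF M_SKIP_FIREWALL" also removes the only bpf-specific name for the skip marker, and the later hunks then use M_PROMISC directly, a flag this patch does not define in bpf.c. A reader of the tap code can no longer tell that the bit is being borrowed as a "bpf has already seen this" marker. Suggest keeping a bpf-local name for the marker and changing only what it maps to, with a comment saying which other users of the borrowed bit were checked.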
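
Review bot: in the second hunk (@@ -843,9 +841,9 @@), the new comment "Set M_PROMISC as it is seen already." drops both the reason the old comment gave ("Do not return the same packet twice") and the XXX that marked this as a workaround. Suggest keeping the rationale in the comment and noting that the flag is set only when d->bd_direction == BPF_D_INOUT and is expected to be consumed by the early-return checks in the later hunks.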
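
Review bot: in the third hunk (@@ -1588,8 +1586,9 @@), "if (m->m_flags & M_PROMISC) { m->m_flags &= ~M_PROMISC; return; }" fires for any mbuf that carries M_PROMISC, whoever set it, so a check that the marker came from the write path in the second hunk is missing. The removed define shows the old marker was the same bit as M_SKIP_FIREWALL, and the report in this thread is about packets handled by the firewall disappearing from tcpdump; borrowing another shared flag leaves the same failure possible for packets marked M_PROMISC elsewhere, and the unconditional clear also strips the flag for whatever code runs after the tap. Suggest a bit or mbuf tag reserved for bpf, and a comment stating that the early return hides the packet from every listener on the interface.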
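
Review bot: the fourth hunk (@@ -1642,8 +1641,9 @@) repeats the third hunk's test, clear and return block line for line, comment included. Suggest moving it into one small helper or macro used by both places, so a later change to the skip marker cannot update one copy and miss the other.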