Date: Fri, 3 Sep 2004 12:00:40 -0700 (PDT)
From: George S <c0sine@yahoo.com>
To: freebsd-ipfw@freebsd.org
Subject: fwd'ing packets originally destined to local interface problem
Message-ID: <20040903190040.58544.qmail@web40412.mail.yahoo.com>
I am having some trouble with a specialized IDS testing framework I am working on. Here is my setup:

- FreeBSD 5.2.1-RELEASE running with firewall options configured, bridging off, default to accept
- fxp0: inet 10.0.0.50 netmask 255.255.255.0
- fxp1: inet 192.168.1.3 netmask 255.255.255.0
- default gateway 10.0.0.1 / no static routes set
- ipfw ruleset as follows:

    ipfw add 1 skipto 10 tcp from 10.0.0.50 to any setup recv fxp1 keep-state
    ipfw add 5 allow ip from any to any
    ipfw add 10 fwd 10.0.0.1 tcp from 10.0.0.50 to any
    ipfw add 11 fwd 192.168.1.2 tcp from any to 10.0.0.50
    ipfw add 65536 allow ip from any to any

When a custom packet (with src ip 10.0.0.50 and SYN bit) arrives at the fxp1 interface, it is forwarded out of the fxp0 interface, as expected. When the response (with dst ip 10.0.0.50 and SYN+ACK) arrives on fxp0, however, rule #11 registers the packet by updating its counter, but the packet does not get written out on the fxp1 wire, as I would expect (or hope) it to!

Is this a problem with the code or my ruleset, or did I erroneously predict the resulting behaviour?

Many thanks in advance for any help any guru here can provide.

Kindest regards,
George