Date: Thu, 30 Jan 1997 10:53:04 -0000 From: "Brian Somers" <brian@utell.co.uk> To: <archie@whistle.com> Cc: <terry@lambert.org>, <ari.suutari@ps.carel.fi>, <hackers@freebsd.org>, <cmott@srv.net>, <brian@awfulhak.demon.co.uk> Subject: Re: ipdivert & masqd Message-ID: <199701301057.KAA00746@ui-gate.utell.co.uk>
next in thread | raw e-mail | index | archive | help
> > I've essentially got the following:
> >
> > ---------------- ----------------------
> > | 10.0.10.2 |------------------| 10.0.10.1 |
> > ---------------- | |
> > | 10.0.1.254 (ed0) |
> > ----------------------
> > |
> > |
> > ----------------- |
> > | 10.0.1.1 |---------------------------
> > -----------------
> >
> > with a mask of ffffff00 everywhere and the machine in the middle using
> > the following:
> >
> > ipfw add 100 divert 6668 all from any to any via ed0
>
> A-HAH! :-)
>
> Could you try the following patch?
>
> Thanks,
> - -Archie
>
> [.....]
I tried it, and I'm a bit confused about the results ! It
allows connections in both directions between 10.0.1.1 and
10.0.1.254, but sending a packet from 10.0.10.2 to 10.0.1.1
goes to 10.0.10.1, gets aliased as 10.0.1.254->10.0.1.1,
gets accepted and replied to by 10.0.1.1 and gets changed
from 10.0.1.1->10.0.1.254 to 10.0.1.1->10.0.10.3 by the
PacketAlias stuff and then disappears.
Maybe the problem is with the forwarding code - where ip_input()
calls ip_output(). I didn't realize this happened ! Surely, we
should be remembering and zero'ing ip_divert_ignore before
calling ip_output here, and restoring it afterwards. I'll check this
when I get home this evening !
Brian <brian@awfulhak.demon.co.uk> <brian@freebsd.org> <brian@utell.co.uk>
<http://www.awfulhak.demon.co.uk>;
Don't _EVER_ lose your sense of humour
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199701301057.KAA00746>