Date: Thu, 02 Dec 1999 09:44:55 +1100
From: Gregory Bond <gnb@itga.com.au>
To: freebsd-ipfw@FreeBSD.ORG
Subject: ipfw and ip aliases not working?
Message-ID: <199912012244.JAA01083@lightning.itga.com.au>

Either I'm very confused (not impossible!!) or IPFW is busted.

I have an interface with 2 ip addresses (we are in the process of changing ISPs...)

    bash-2.03$ ifconfig fxp0
    fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
            inet 192.83.119.129 netmask 0xfffffff0 broadcast 192.83.119.143
            inet 202.53.40.210 netmask 0xfffffff8 broadcast 202.53.40.215
            ether 00:90:27:4c:ea:bc
            media: autoselect (10baseT/UTP) status: active
            supported media: autoselect 100baseTX <full-duplex> 100baseTX 10baseT/UTP <full-duplex> 10baseT/UTP
    bash-2.03$

I have ipfw rules that are supposed to allow any arbitrary incoming & outgoing tcp sessions to this host on either IP address:

    15000  13   604 allow tcp from any to 192.83.119.129 via fxp0 setup
    15100 869 38236 allow tcp from 192.83.119.129 to any via fxp0 setup
    15800   0     0 allow tcp from any to 203.53.40.210 via fxp0 setup
    15900   0     0 allow tcp from 203.53.40.210 to any via fxp0 setup
    29000   2    80 deny log tcp from any to any setup

As you can see, this works for the 192.83 address, but does not work for the 203.53 address, and I get kernel messages like:

    Dec 2 09:16:06 ns /kernel: ipfw: 29000 Deny TCP 192.160.13.9:4251 202.53.40.210:25 in via fxp0
    Dec 2 09:16:11 ns /kernel: ipfw: 29000 Deny TCP 192.160.13.9:4251 202.53.40.210:25 in via fxp0

But AFAICT this error message exactly matches rule 15800!

[The same thing is also happening with UDP packets.]

Any clues?

Greg.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message
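
Added example, not part of the original message: a small cross-check of the rule listing against the interface addresses and a deny log line, using the values shown in the message as inline sample input. The function names are hypothetical, and the matcher is a simplification that only understands "any" and exact host addresses (no masks, ports, direction or "via").

```python
import re

# Sample input copied from the ifconfig output, rule listing and log line in the message above.
# Assumption: rules name only "any" or a single host address, as in that listing.
IFCONFIG = """inet 192.83.119.129 netmask 0xfffffff0 broadcast 192.83.119.143
inet 202.53.40.210 netmask 0xfffffff8 broadcast 202.53.40.215"""
RULES = """15000 13 604 allow tcp from any to 192.83.119.129 via fxp0 setup
15100 869 38236 allow tcp from 192.83.119.129 to any via fxp0 setup
15800 0 0 allow tcp from any to 203.53.40.210 via fxp0 setup
15900 0 0 allow tcp from 203.53.40.210 to any via fxp0 setup
29000 2 80 deny log tcp from any to any setup"""
LOG = "Dec 2 09:16:06 ns /kernel: ipfw: 29000 Deny TCP 192.160.13.9:4251 202.53.40.210:25 in via fxp0"

RULE_RE = re.compile(r"(\d+) \d+ \d+ (allow|deny)(?: log)? (\w+) from (\S+) to (\S+)")
LOG_RE = re.compile(r"ipfw: (\d+) Deny (\w+) ([\d.]+):\d+ ([\d.]+):\d+")

def parse_rules(text):
    """Return (number, action, proto, src, dst) tuples from the rule listing."""
    return [(int(n), a, p, s, d) for n, a, p, s, d in RULE_RE.findall(text)]

def local_addrs(ifconfig_text):
    return set(re.findall(r"inet ([\d.]+)", ifconfig_text))

def orphan_rule_addrs(rules, addrs):
    """Host addresses named in rules that are not configured on the interface."""
    out = {}
    for num, _, _, src, dst in rules:
        for a in (src, dst):
            if a != "any" and a not in addrs:
                out.setdefault(a, []).append(num)
    return out

def explain_deny(log_line, rules):
    """For one deny log line, say why each earlier allow rule did not match."""
    hit, proto, src, dst = LOG_RE.search(log_line).groups()
    reasons = []
    for num, action, rproto, rsrc, rdst in rules:
        if num >= int(hit) or action != "allow" or rproto != proto.lower():
            continue
        if rsrc not in ("any", src):
            reasons.append((num, f"src {rsrc} != {src}"))
        elif rdst not in ("any", dst):
            reasons.append((num, f"dst {rdst} != {dst}"))
    return reasons

if __name__ == "__main__":
    rules = parse_rules(RULES)
    print(orphan_rule_addrs(rules, local_addrs(IFCONFIG)))
    for num, why in explain_deny(LOG, rules):
        print(num, why)
```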