Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 15 Sep 2003 22:31:30 +0300 (E. Europe Daylight Time)
From:      "daniel@guitar.ro" <daniel@guitar.ro>
To:        <freebsd-ipfw@freebsd.org>
Subject:   Re: ipfw2
Message-ID:  <3F661392.000001.01980@COSTI>
References:  <3F65F83E.2050908@tenebras.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

Another issue : is ipfw / ipfw2 not working with "fwd" if the computer is
acting as a bridge?



[bridge /]7# sysctl -a | grep ipfw

net.link.ether.bridge_ipfw: 1

net.link.ether.bridge_ipfw_drop: 0

net.link.ether.bridge_ipfw_collisions: 0

net.link.ether.ipfw: 1

[bridge /]8#



[bridge /]9# ipfw -a l | grep 193.213.153

00010              0                     0 fwd 217.156.120.41 ip from 193
213.153.0/24 to any

00011        3805         172520 deny tcp from 193.213.153.0/24 to any 

[bridge /]10#



[bridge /]9# uname -a

FreeBSD bridge.something.net 5.1-RELEASE FreeBSD 5.1-RELEASE #5: Wed Aug 20
01:25:19 EEST 2003     root@bridge.something.net:/usr/src/sys
altq/i386/compile/SMP  i386

[bridge /]10#





So, the first rule doesn't work, the second works. Why's that ?





Dan Caescu

 

-------Original Message-------

 

From: Michael Sierchio

Date: Monday, September 15, 2003 8:36:46 PM

To: Sean Hafeez

Cc: freebsd-ipfw@freebsd.org

Subject: Re: ipfw2

 

Sean Hafeez wrote:

> I am having a hard time figuring something out about IPFW2. I am 

> currently using a built of 4.8 with IPFW and DUMMYNET as a rateshapping 

> router. I have tried to build a kernel with the IPFW2 options but then I 

> seem to have issues with using DUMMYNET. The ipfw pipe comments give 

> errors and core dumps. Am I missing something?



USING IPFW2 IN FreeBSD-STABLE

ipfw2 is standard in FreeBSD CURRENT, whereas FreeBSD STABLE still uses

ipfw1 unless the kernel is compiled with options IPFW2, and /sbin/ipfw

and /usr/lib/libalias are recompiled with -DIPFW2 and reinstalled (the

same effect can be achieved by adding IPFW2=TRUE to /etc/make.conf before

a buildworld).



# echo "IPFW2= YES" >> /etc/make.conf

# cd /usr/src/lib/libalias

# make clean && make && make install && make clean

# cd /usr/src/sbin/ipfw

# make clean && make && make install && make clean



-- 



"Well," Brahma said, "even after ten thousand explanations, a fool is no

wiser, but an intelligent man requires only two thousand five hundred."

- The Mahabharata



_______________________________________________

freebsd-ipfw@freebsd.org mailing list

http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw

To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"

.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F661392.000001.01980>