Date: Sat, 28 Feb 2009 11:07:35 +0200 From: Zinevich Denis <link@ngc.net.ua> To: Tom Uffner <tom@uffner.com> Cc: freebsd-pf@freebsd.org Subject: Re: freebsd 7.1 pf route-to connection stall Message-ID: <49A8FED7.3000603@ngc.net.ua> In-Reply-To: <49A85BD4.7050105@uffner.com> References: <49A7D547.9040801@ngc.net.ua> <49A811D4.5030900@uffner.com> <49A8177B.9010209@ngc.net.ua> <49A85BD4.7050105@uffner.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"pass in on $if_bce0 route-to ($if_bce0 $if_bce0_gw) to any" will not work. But anyway question is not in syntax of rules, because nobody touched it and it was working on 6.3, 7.1-p2, but not on 7.1-p3 Network is quite simple. Server has 2 cards bce0 and bce1 bce0 - 172.20.51.10 bce1 - 172.20.1.130 default gw - 172.20.1.1 networks are /24 As i described before qoal of my rule is to ignore default route when request comes on 172.20.51.10. Without such rule reply will go to 172.20.1.1 and with pf rule it will go out to 172.20.51.1 via bce0. For example similar rule for ipfw: ipfw add 1 fwd 172.20.51.1 from 172.20.51.10 to any May i misunderstood something in your reply... But i was not talking about chipset, I was talking about patch level of freebsd. and such behaviour appears only in 7.1-p3 Tom Uffner пишет: > Link wrote: >> Tom Uffner wrote: > >>> i'm having trouble making sense of that rule. could you explain (or >>> maybe >>> draw a simple diagram) what you are trying to accomplish with it? > >> Seems that i found problem. And I`m going to post it to freebsd bugs. > > you're probably better of staying on freebsd-pf > >> My full configuration is: >> >> if_bce0="bce0" >> if_bce0_gw="172.20.51.1" >> if_bce1="bce1" >> >> scrub in all >> >> pass out on $if_bce1 route-to ($if_bce0 $if_bce0_gw) from $if_bce0 to >> any no state flags any >> >> The sense is: when packet comes in on bce0 server should ignore >> default route ( set on bce1 ) and reply via bce0 using gateway if_bce0_gw > > just guessing (based on very incomplete info) you might want > "pass in on $if_bce0 route-to ($if_bce0 $if_bce0_gw) to any" > > but it seems like there should be a simpler way to do that. > > can you give us a little more info about your net topology? for example, > what IP addresses, if any, are bound to the interfaces? what network(s) > are directly attached? location(s)/address(es) of your router(s)? do you > have any static routes defined? > >> Now i have about 15 hosts with freebsd 7.1 >> Part of them are p2 and part of them p3 >> This problem appears only in p3 > > not sure why the chipset would make a difference. maybe that is a bug. > > tom > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?49A8FED7.3000603>