misc/130493: BUG or FEATURE
Eugen Konkov
kes-kes at yandex.ru
Tue Jan 13 01:30:02 PST 2009
>Number: 130493
>Category: misc
>Synopsis: BUG or FEATURE
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Jan 13 09:30:00 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Eugen Konkov
>Release:
>Organization:
ISP Konkov
>Environment:
FreeBSD kes.net.ua 7.1-RELEASE FreeBSD 7.1-RELEASE #0: Sat Jan 3 01:15:39 EET 2009 kes at kes.net.ua:/usr/obj/usr/src/sys/KES_KERN_v7 i386
>Description:
I have two routing tables, three LAN: one internal, two external.
I have connected VIA VPN to server through internal LAN.
if in firewall I add:
setfib 1 all from internal.lan.ip to any
The packet inside VPN tunnel is marked to have fib 1 and will leave router acording routing table 2 (fib 1)
If client IP is 10.0.0.2 and router IP is 10.0.0.1 and LAN interface is rl2
If VPN interface on router is ng0 and framed IP for VPN client is 192.168.0.2
it seems that
setfib 1 all from internal.lan.ip to any in recv rl2
is equivalent to
setfib 1 all from 192.168.0.2 to any in recv ng0
Is this feature or bug that packet inside tunnel is also marked to have same fib as tunnel/transport packet has?
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list