kern/129036: [ipfw] 'ipfw fwd' does not change outgoing
interface name
Eugene Grosbein
egrosbein at rdtc.ru
Tue Feb 28 17:40:14 UTC 2012
The following reply was made to PR kern/129036; it has been noted by GNATS.
From: Eugene Grosbein <egrosbein at rdtc.ru>
To: Sergey Matveychuk <sem at freebsd.org>
Cc: bug-followup at freebsd.org
Subject: Re: kern/129036: [ipfw] 'ipfw fwd' does not change outgoing interface
name
Date: Wed, 29 Feb 2012 00:38:10 +0700
27.02.2012 20:11, Sergey Matveychuk ÐÉÛÅÔ:
> Can't reproduce on both 9.0 and 8.3. Could you test on them please?
I've just testet 8.3-PRERELEASE and problem is still here.
In my current setup, the router based on 8.3-PRE has 3 interfaces:
- vr0 is LAN
- ng0 is primary uplink (default route points to ng0)
- vr1 is secondary uplink.
The very first lines of ipfw ruleset are:
ipfw add 10 fwd G.G.G.G ip from any to 1.1.1.1 in recv vr0
ipfw add 15 allow ip from any to 1.1.1.1 in
ipfw add 20 count ip from any to 1.1.1.1 out xmit ng0
Here G.G.G.G is gateway address of secondary uplink,
so route to G.G.G.G points to vr1. And I run "ping -c1 1.1.1.1"
from LAN while running "tcpdump -np vr1 host 1.1.1.1".
tcpdump shows me that rule 10 works and ICMP packet goes out via vr1.
But the packes still matchs rule 20 - that's the problem.
Eugene Grosbein
More information about the freebsd-ipfw
mailing list