dummynet setting ifp pointer in mbuf?
Jeremie Le Hen
jeremie at le-hen.org
Thu Nov 4 06:01:59 PST 2004
Hi Guido,
this is a known problem on RELENG_4, there is an existing patch [1] for
this in the PR database.
Which version of FreeBSD are you using ? I don't know if this problem
has been corrected in RELENG_5.
[1] http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/61685
Regards,
Jeremie
On Thu, Nov 04, 2004 at 01:16:02PM +0100, Guido van Rooij wrote:
>
> I am having problems combining ipf's ipnat rules with dummynet. The
> reason is that if I use dummmynet queues configured to
> be used outbound (queue .... out xmit if), then ipnat starts
> applying rewriting of RDR rules on the wrong interface.
>
> e.g.:
> firewall has 2 interfaces: if0 and if1
> if i say:
> rdr from any to 1.2.3.4 port 22 -> 2.2.3.4 port 2222
> then ipfilter should rewrite incoming packets on if0 (and
> outgoing packets as well).
> With a dummynet rule like
> queue 2 tcp from any 22 to any out xmit if0
> ipf starts rewriting on if1, which leads to blocked packets as
> the rewritten packet does not match the state entry for the connection.
>
> When looking in the dummynet source I see (rev 1.75, line 1190):
> pkt->ifp = fwa->oif;
> So it seems the queued packets interface is set to the outgoing interface.
> But according to me, that is wrong.
>
> Can a dummynet expert verify if my analysis is correct or come up
> with a real explanation if not?
>
> -Guido
--
Jeremie Le Hen
jeremie at le-hen.org
More information about the freebsd-net
mailing list