Incompatibility between dummynet and PF rdr.
Simon L. Nielsen
simon at FreeBSD.org
Sat Jul 8 17:50:08 UTC 2006
On 2006.07.08 13:24:41 -0400, Scott Ullrich wrote:
> On 7/8/06, Andre Santos <andre.netvision.com.br at gmail.com> wrote:
> >Are there any known compatibility problems between dummynet and PF rdr
> >rules?
> >When I try to combine both, the packets seem to simply disappear.
> [snip]
>
> I can confirm this behavior. Glad someone else noticed as it would
> happen when we try to use dummynet traffic shaping + pf on pfSense.
> Never really was a high priority to nail down exactly what combination
> of dummynet + pf was breaking it. If anyone needs me to test
> patches, just let me know.
I also noticed problems when trying to use dummynet/ipfw and pf. I
looked a bit at it and it seemed that packets, which got queued in
dummynet, were not matched by pf's state engine when re-injected from
dummynet. At least I saw a lot of denied packets which shouldn't have
been denied on pflog. It wasn't very important for me to get this
working, so I haven't looked more at it.
--
Simon L. Nielsen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20060708/45051a28/attachment.pgp
More information about the freebsd-net
mailing list