Re: How to Force Packet Traversal Order (IPFW2 => PF)
- In reply to: Juraj Lutter : "Re: How to Force Packet Traversal Order (IPFW2 => PF)"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 31 Jul 2021 14:10:56 UTC
On Sat, 2021-07-31 at 15:10 +0200, Juraj Lutter wrote: > > > > On 31 Jul 2021, at 10:17, Eugene Grosbein <eugen@grosbein.net> > > wrote: > > > > > > IPFW and PF startup order definitions are in this files > > > > > > Code: > > > > > > /usr/src/sys/netpfil/ipfw/ip_fw2.c > > > /usr/src/sys/netpfil/pf/pf_ioctl.c > > > > > > I have not sufficient skills to editing kernel level files > > > and tried instructions below but i couldn't changed that order. > > > > > > I am stuck on this for weeks my mind gonna blow > > > Any help would be appreciated at this point.. > > > > You need not to edit kernel sources. AFAIK it is possible to > > achieve what you need > > building custom kernel with ipfw included but pf not included to > > the kernel and loaded as module. > > > > > I wonder if some tweaking using pfilctl(8) would do the trick. I > don’t have any pf+ipfw boxes. > > otis > > — > Juraj Lutter > otis@FreeBSD.org > > > I wonder if netgraph+ipfw might be a better combo than pf+ipfw to get round-robin load balancing. Or if not that directly, then maybe netgraph could help force the ordering the way you want. -- Ian