[Bug 255705] Is 'ipfw fwd' completely broken now?
bugzilla-noreply at freebsd.org
Sat May 8 12:30:19 UTC 2021
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255705
Bug ID: 255705
Summary: Is 'ipfw fwd' completely broken now?
Product: Base System
Version: 13.0-RELEASE
Hardware: amd64
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: kern
Assignee: bugs at FreeBSD.org
Reporter: bugs.freebsd.org at mx.zzux.com
In addition to https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=245277,
on 13.0-RELEASE the routing table is fully ignored by ipfw fwd.
Example:
route -4 add default 192.168.68.64 (is a gateway which rejects all)
route -4 add -host 169.254.1.1 192.168.68.1 (is a real gateway)
Routing tables

Internet:
Destination        Gateway            Flags     Use    Mtu    Netif Expire
default            192.168.68.64      UGS        26   1500     lan1
127.0.0.1          link#3             UH    2589737  16384      lo0
169.254.1.1        192.168.68.1       UGHS       18   1500     lan1
192.168.68.0/24    link#1             U     8126264   1500     lan1
192.168.68.125     link#1             UHS         0  16384      lo0
ipfw table 8 add 8.8.8.8 169.254.1.1
ipfw add 8 fwd tablearg ip from any to table(8)
ipfw add 9 fwd 169.254.1.1 ip from any to 8.8.4.4
ipfw add 10 fwd 192.168.68.1 ip from any to 1.1.1.1
on 10.3-RELEASE (and up to 11.2-RELEASE)
PING 5.5.5.5 (5.5.5.5): 56 data bytes
36 bytes from 192.168.68.64: Destination Host Unreachable
Vr HL TOS  Len   ID Flg  off TTL Pro  cks            Src      Dst
 4  5  00 0054 5ac8   0 0000  3f  01 11b2 192.168.68.125  5.5.5.5
but
64 bytes from 8.8.8.8: icmp_seq=0 ttl=106 time=17.876 ms
64 bytes from 8.8.4.4: icmp_seq=0 ttl=109 time=16.055 ms
64 bytes from 1.1.1.1: icmp_seq=0 ttl=54 time=23.887 ms
on 13.0-RELEASE it forwards all the destinations via default gw
PING 1.1.1.1 (1.1.1.1): 56 data bytes
36 bytes from 192.168.68.64: Destination Host Unreachable
Vr HL TOS  Len   ID Flg  off TTL Pro  cks            Src      Dst
 4  5  00 0054 b346   0 0000  3f  01 c3d5 192.168.68.125  1.1.1.1