ipfw tee fixed [cvs commit: src/sbin/ipfw ipfw.8src/sys/netinet
ip_fw_pfil.c]
Andre Oppermann
andre at freebsd.org
Mon Sep 13 14:15:25 PDT 2004
Ruslan Ermilov wrote:
>
> I specifically said divert(4) not ipfw(8). ;)
I'm sorry. Too many tomatoes on my eyes... ;-)
What do you think of the attached patch to divert(4)?
--
Andre
Index: divert.4
===================================================================
RCS file: /home/ncvs/src/share/man/man4/divert.4,v
retrieving revision 1.29
diff -u -p -r1.29 divert.4
--- divert.4 3 Jul 2004 18:29:20 -0000 1.29
+++ divert.4 13 Sep 2004 21:13:56 -0000
@@ -128,6 +128,11 @@ packet to get diverted.
If different fragments divert to different ports,
then which port ultimately gets chosen is unpredictable.
.Pp
+Note that packets arriving on the divert socket by the
+.Xr ipfw 8
+tee action are delivered as-is and packet fragments do not get reassembled
+in this case.
+.Pp
Packets are received and sent unchanged, except that
packets read as outgoing have invalid IP header checksums, and
packets written as outgoing have their IP header checksums overwritten
More information about the freebsd-current
mailing list