ipfw fwd question

Russell Sutherland russ at madhaus.cns.utoronto.ca
Wed Nov 19 07:58:04 PST 2003


I am currently using the ipfw fwd rule action to perform
source based policy routing.

Specifically I'm fwd'ing traffic that has come in on intf1 and
is going out intf2. (The reason the traffic is normally heading out
this interface is that it's the interface for the default route.)
As the packet is going out, I forward it, which causes it
to be sent to another machine on the same LAN as attached
to intf1.

So the packet:

        - comes in on intf1
        - traverses the routing table
        - matches the default route (whose next hop is out intf2)
        - goes out on intf2
        - gets fwd'ed to IP1 (whose next hop is back out intf1)

This all works fine... except the fwd rule seems to only count
the first forwarded packet. I'm testing the routing/fwding using
ping from a remote machine. tcpdump indicates that each packet
is being sent from the test machine to intf1. (Rather than getting
a redirect from my router/firewall).

Any ideas as to why the count is not being incremented correctly?

-- 
Russell P. Sutherland      	Email: russ @ madhaus.cns.utoronto.ca
4 Bancroft Ave., Rm. 102	Voice: +1.416.978.0470
University of Toronto		Fax:   +1.416.978.6620
Toronto, ON  M5S 1C1 		WWW:   http://madhaus.cns.utoronto.ca/~russ
CANADA
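The rule shape described above, plus a way to check whether its packet counter is actually moving, as an added example that is not part of the original post. It assumes em0/em1 and 192.0.2.10 as stand-ins for intf1/intf2/IP1, and that counters are read with `ipfw -a list`, whose lines begin with rule number, packet count and byte count.

```shell
#!/bin/sh
# Added example, not from the original post. em0/em1/192.0.2.10 are
# placeholders for intf1, intf2 and IP1.

# Emit the ipfw rule for "received on $in_if, about to leave via $out_if,
# send to $nexthop instead". 'recv'/'xmit' are ipfw interface matches that
# both apply to a packet checked in the 'out' direction, so the rule only
# fires for traffic that really came in on $in_if.
fwd_rules() {
  in_if=$1; out_if=$2; nexthop=$3
  printf 'add 100 fwd %s ip from any to any out xmit %s recv %s\n' \
    "$nexthop" "$out_if" "$in_if"
}

# Compare two 'ipfw -a list' snapshots (taken before and after a burst of
# pings) and print "<rule> <packet delta>" per rule in the second snapshot.
# Snapshot lines look like:
#   00100 12 1024 fwd 192.0.2.10 ip from any to any out xmit em1 recv em0
# A delta of 0 on the fwd rule while tcpdump shows traffic means the rule is
# not matching those packets, not that forwarding is silently failing.
counter_delta() {
  before=$1; after=$2
  printf '%s\n' "$after" | while read -r num pkts _bytes _rest; do
    prev=$(printf '%s\n' "$before" | awk -v n="$num" '$1 == n { print $2 }')
    printf '%s %s\n' "$num" "$((pkts - ${prev:-0}))"
  done
}

# Usage on a live box (not run here): ipfw -n -f "$(fwd_rules em0 em1 192.0.2.10)"
# checks syntax only; snapshots come from: B=$(ipfw -a list); ...; A=$(ipfw -a list)
```

Run `counter_delta "$B" "$A"` after a known number of pings and the fwd rule's delta should equal the ping count; a delta stuck at 0 or 1 narrows the problem to rule matching rather than to the routing itself.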

