fwd'ing packet originally destined to local interface problem
George S
c0sine at yahoo.com
Fri Sep 3 12:00:41 PDT 2004
I am having some trouble with a specialized IDS testing framework I am
working on.
Here is my setup:
-FreeBSD 5.2.1-release running with firewall options configured, bridging
off, default to accept
-fxp0: inet 10.0.0.50 netmask 255.255.255.0
-fxp1: inet 192.168.1.3 netmask 255.255.255.0
-default gateway 10.0.0.1 / no static-routes set
-ipfw ruleset as follows:
ipfw add 1 skipto 10 tcp from 10.0.0.50 to any setup recv fxp1 keep-state
ipfw add 5 allow ip from any to any
ipfw add 10 fwd 10.0.0.1 tcp from 10.0.0.50 to any
ipfw add 11 fwd 192.168.1.2 tcp from any to 10.0.0.50
ipfw add 65536 allow ip from any to any
When a custom packet (with src ip 10.0.0.50 and SYN bit) arrives at the fxp1
interface, it is forwarded out of the fxp0 interface, as expected. When the
response (with dst ip 10.0.0.50 and SYN+ACK) arrives on fxp0 however, rule
#11 registers the packet by updating its counter, but the packet does not
get written out on the fxp1 wire, as I would expect (or hope) it to!
Is this a problem with the code or my ruleset or did I erroneously predict
the resulting behaviour?
Many thanks in advance for any help any guru here can provide.
Kindest regards,
George
_______________________________
Do you Yahoo!?
Win 1 of 4,000 free domain names from Yahoo! Enter now.
http://promotions.yahoo.com/goldrush
More information about the freebsd-ipfw
mailing list