Problem with sending SYN/ACK

Roman Petrov melkor at pikenet.ru
Fri Jul 22 14:38:05 GMT 2005


Hello,

Suppose I have three daemons that grab all the packets which are
forwarded to their addresses via different vlans:

fwd 10.104.50.2,9998 tcp from any to any dst-port 80 in recv vlan0
fwd 10.104.50.6,9998 tcp from any to any dst-port 80 in recv vlan1
fwd 10.104.50.10,9998 tcp from any to any dst-port 80 in recv vlan2

Those daemons then proceed to answer with a static response
(well, I mean they actually accept the connection, give the response
and close the socket which they've created accepting the connection)

Those daemons run with uids of 20000 20001 and 20002.
So, I forward the answers to the proper gateway by using ipfw rules:

fwd 10.104.50.1 tcp from any to any out uid 20000
fwd 10.104.50.5 tcp from any to any out uid 20001
fwd 10.104.50.9 tcp from any to any out uid 20002

The problem is that the SYN/ACK packet seems to be sent from another uid,
and thus cannot be forwarded to the proper gateway. Is there a way I can 
force sending SYN/ACK from uids I need?

I don't want to use additional natd's on those gateways,
nor do I want to run those daemons on the gateways.

Thank you for reading this.

-- 
	Roman Petrov


More information about the freebsd-net mailing list