Problem with sending SYN/ACK
melkor at pikenet.ru
Fri Jul 22 14:38:05 GMT 2005
Suppose I have three daemons which grab all the packets that are
forwarded to their addresses via different vlans:
fwd 10.104.50.2,9998 tcp from any to any dst-port 80 in recv vlan0
fwd 10.104.50.6,9998 tcp from any to any dst-port 80 in recv vlan1
fwd 10.104.50.10,9998 tcp from any to any dst-port 80 in recv vlan2
Those daemons then proceed to answer with a static response
(well, I mean they actually accept the connection, give the response
and close the socket which they've created accepting the connection).
Those daemons run with uids of 20000 20001 and 20002.
So, I forward the answers to the proper gateway by using ipfw rules:
fwd 10.104.50.1 tcp from any to any out uid 20000
fwd 10.104.50.5 tcp from any to any out uid 20001
fwd 10.104.50.9 tcp from any to any out uid 20002
The problem is that the SYN/ACK packet seems to be sent from another uid,
and thus cannot be forwarded to the proper gateway. Is there a way I can
force sending SYN/ACK from uids I need?
I don't want to use additional natd's on those gateways,
nor do I want to run those daemons on the gateways.
Thank you for reading this.