Freebsd 10.2 amd64 netmap ipfw

Archy Cho archycho at gmail.com
Sat Oct 10 13:43:00 UTC 2015 

Dear All

Sorry , I would like to ask do netmap with ipfw will only work as a bridge ?

ie:
+-----------------------+           +---------------------------+           +----------------------+
| Cisco Router A        |           | Freebsd 10.2 amd64        |           | Cisco Router B       |
| Int Te1/1             |           | ix0 connect to Cisco A    |           | Int Te1/1            |
| 10.0.85.1/30          |  +----->  | Int Te1/1                 |  +------> | 10.0.85.2/30         |
|                       |  ^-----+  | ix1 connect to Cisco B    |  ^------+ |                      |
|                       |           | Int Te1/1                 |           |                      |
+-----------------------+           +---------------------------+           +----------------------+

Do the kipfw with netmap should work as this diagram ?

Archy Cho

> Archy Cho <archycho at gmail.com> 於 2015年10月10日 下午9:20 寫道:
> 
> Dear Jim and all
> 
> My map as follow:
> 
> +---------------------+            +---------------------------------+             +------------------------+
> | Cisco Router        |            | Freebsd 10.2 amd64 custom kernel|             | Linux box with         |
> | IP 10.0.85.1/30     |            | recompiled with "device netmap" |             | IP 172.16.0.1/30       |
> |                     | +--------->+ ix0 = 10.0.85.2/30              | <-----------+ control the Freebsd box 
> |                     |            | ix1 = down                      |             | via ssh                |
> |                     |            | igb0 = 172.16.0.2/30            |             |                        |
> +---------------------+            +---------------------------------+             +------------------------+
> 
> 1) I have recompiled the kernel with device netmap
> 2) I downloaded the next.zip and compiled got the kipfw and ipfw
> 3) I connect via linux box , ssh 172.16.0.2
> 
> Do anyone advise , how could I enable netmap ipfw to filter traffic from Cisco Router ?
> 
> Archy Cho
> 
>> Jim Thompson <jim at netgate.com <mailto:jim at netgate.com>> 於 2015年10月10日 上午1:14 寫道:
>> 
>> 
>>> On Oct 9, 2015, at 7:14 AM, Archy Cho <archycho at gmail.com <mailto:archycho at gmail.com>> wrote:
>>> 
>>> I think I must misunderstand something , could anyone send me advise?
>>> Or any documents could help to build a NETMAP IPFW firewall box ?
>> 
>> See the last several paragraphs of: 
>> 
>> https://github.com/luigirizzo/netmap-ipfw/blob/next/README <https://github.com/luigirizzo/netmap-ipfw/blob/next/README>
>> 
>> Note that the "telnet localhost 5566" traffic generator hack mentioned in the README doesn't work without a recompile, but you won't need it for running real traffic.
>> 
>> Jim
>> 
>

More information about the freebsd-net mailing list