rdr not working for transparent http - 5.4-stable
Giovanni P. Tirloni
gpt at tirloni.org
Sat Jul 30 13:01:38 GMT 2005
Giovanni P. Tirloni wrote:
> Max Laier wrote:
>
>> One thing comes to my mind: What does
>> $sysctl net.inet.ip.forwarding
>> say?
>
>
> # sysctl net.inet.ip.forwarding
> net.inet.ip.forwarding: 1
>
> I had some tweaks in /etc/sysctl but disabling them didn't help either.
>
> #net.inet.ip.check_interface=1
> #net.inet.tcp.blackhole=2
> #net.inet.udp.blackhole=1
>
I forgot to mention this box had ipfw+dummnyet (with two queues)
activated. I disabled ipfw in the kernel and pf rdr worked again! Just
removing the ipfw rules didn't work.
Weird enough, I don't have dummynet on the other 2 machines that have
the same problem. But ipfw is compiled in but disabled.
I'll try to disable ipfw on the other boxes and see what happens there
to confirm this.
--
Giovanni P. Tirloni / gpt at tirloni.org
More information about the freebsd-pf
mailing list