problems with ipfw2

Patrick Mauritz oxygene at openbios.org
Tue Aug 24 12:14:45 PDT 2004


I'm posting on behalf of a friend of mine, who gave me this information:

kernel, sources of about last Sunday noon (CEST):
DragonFly gate.int.diddens.de 1.1-CURRENT DragonFly 1.1-CURRENT #0: Tue Aug 24 08:34:28 CEST 2004     p at xxxxxxxxxxxxxxxxxxx:/usr/obj/usr/src/sys/APOLLO i386

upgraded from a FreeBSD 4.10 beta system, built complete DragonFly BSD world
and kernel according to the website, using
IPFW2=TRUE in make.conf and
options IPFW2 in the kernel configuration

network setup:
3 interfaces + PPPoE
LAN: xl0 (192.168.0.0/24)
PPPoE: tun0 over ed0
DMZ: ed2 (10.0.0.0/24)

ed1 doesn't exist, ed2 is an ISA card

natd is started via "natd -f /etc/natd.conf"
/etc/natd.conf:
interface tun0
use_sockets yes
dynamic yes

the ipfw configuration is:
divert all from any to any via tun0

he also tried adding more fine-grained rules (from 192.168.0.0/24 to any,
etc.) but that didn't change anything

packets from ed2 to tun0 are processed by natd (so the source IP in the
tcpdump would match the IP from tun0), those from xl0 to tun0 are not:

tcpdump -n -i tun0:
21:01:32.337727 IP 192.168.0.100 > 216.240.41.25: icmp 64: echo request seq 1
21:01:33.347884 IP 192.168.0.100 > 216.240.41.25: icmp 64: echo request seq 2

the ipfw rule counter isn't counting


thanks for help
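
The symptom reported above (inside addresses leaving untranslated on the NAT interface) can be checked mechanically. The following Python script is an added example, not part of the original post: it reads `tcpdump -n` output captured on the outside interface and reports packets whose source is still an inside address. The function name and the 203.0.113.7 sample line are assumptions made for the illustration.

```python
import ipaddress
import re

# RFC 1918 ranges: none of these should appear as a source on the NAT'd interface.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# tcpdump -n IPv4 line: "<time> IP <src>[.port] > <dst>[.port]: ..."
LINE_RE = re.compile(
    r"^(\S+) IP (\d+\.\d+\.\d+\.\d+)(?:\.\d+)? > (\d+\.\d+\.\d+\.\d+)(?:\.\d+)?:")


def find_untranslated(tcpdump_lines, inside_nets=PRIVATE_NETS):
    """Return {source_ip: [timestamps]} for packets still carrying an inside source."""
    leaks = {}
    for line in tcpdump_lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # wrapped continuation lines, ARP, IPv6, etc.
        ts, src, _dst = m.groups()
        try:
            addr = ipaddress.ip_address(src)
        except ValueError:
            continue  # malformed address in the capture text
        if any(addr in net for net in inside_nets):
            leaks.setdefault(src, []).append(ts)
    return leaks


# First two packets are the ones quoted in the post; the third is constructed
# (203.0.113.7 stands in for the tun0 address, which the post does not give).
SAMPLE = [
    "21:01:32.337727 IP 192.168.0.100 > 216.240.41.25: icmp 64: echo request seq 1",
    "21:01:33.347884 IP 192.168.0.100 > 216.240.41.25: icmp 64: echo request seq 2",
    "21:01:34.100000 IP 203.0.113.7.40112 > 216.240.41.25.80: S 1:1(0) win 65535",
]

if __name__ == "__main__":
    for src, stamps in find_untranslated(SAMPLE).items():
        print(f"{src}: {len(stamps)} untranslated packet(s), first at {stamps[0]}")
```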





