From owner-freebsd-ipfw@FreeBSD.ORG Tue Aug 12 12:22:29 2008 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 13C881065695 for ; Tue, 12 Aug 2008 12:22:29 +0000 (UTC) (envelope-from fportnoy@mail.plymouth.edu) Received: from cygnus.plymouth.edu (cygnus.plymouth.edu [158.136.1.191]) by mx1.freebsd.org (Postfix) with ESMTP id DDFD28FC1E for ; Tue, 12 Aug 2008 12:22:28 +0000 (UTC) (envelope-from fportnoy@mail.plymouth.edu) Received: from localhost (localhost.localdomain [127.0.0.1]) by cygnus.plymouth.edu (Postfix) with ESMTP id 1DF8460880D5; Tue, 12 Aug 2008 08:22:27 -0400 (EDT) X-Virus-Scanned: amavisd-new at X-Spam-Flag: NO X-Spam-Score: -2.961 X-Spam-Level: X-Spam-Status: No, score=-2.961 tagged_above=-10 required=6.6 tests=[AWL=-0.462, BAYES_00=-2.599, RDNS_NONE=0.1] Received: from cygnus.plymouth.edu ([127.0.0.1]) by localhost (cygnus.plymouth.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9s7MAz4EO-8N; Tue, 12 Aug 2008 08:22:23 -0400 (EDT) Received: from cygnus.plymouth.edu (cygnus.plymouth.edu [158.136.1.191]) by cygnus.plymouth.edu (Postfix) with ESMTP id D74F660880F4; Tue, 12 Aug 2008 08:22:23 -0400 (EDT) Date: Tue, 12 Aug 2008 08:22:23 -0400 (EDT) From: Fred Portnoy To: Adrian Penisoara Message-ID: <666535032.311481218543743824.JavaMail.root@cygnus.plymouth.edu> In-Reply-To: <1837587044.311191218543618034.JavaMail.root@cygnus.plymouth.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [158.136.33.81] X-Mailer: Zimbra 5.0.7_GA_2450.RHEL4_64 (ZimbraWebClient - FF3.0 (Win)/5.0.7_GA_2450.RHEL4_64) Cc: freebsd-ipfw Subject: Re: ipv4 diffserv entry X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2008 12:22:29 -0000 First question, ipfw on FreeBSD 5.4-RELEASE. Other questions are more difficult, since we're dealing with a production network.... thanks Fred Portnoy Network Analyst Plymouth State University "unfettered by edgy modernisms, or classical influences" ----- Original Message ----- From: "Adrian Penisoara" To: "Fred Portnoy" Cc: "freebsd-ipfw" Sent: Tuesday, August 12, 2008 7:21:45 AM GMT -05:00 US/Canada Eastern Subject: Re: ipv4 diffserv entry Hi, On Mon, Aug 11, 2008 at 10:30 PM, Fred Portnoy wrote: > By using Sniffer and tcpdump together, it appears that the entry in the "TOS" field of the IPv4 header is getting stripped off as the packet leaves the external facing interface of the firewall. Is this known behavior? Is there a way to preserve the TOS? Which firewall framework are we talking about (ipfw / pf / ipf) ? Does it reproduce with all/other firewalls ? If you completely disable the firewall, does the issue stop reproducing ? Regards, Adrian.