From owner-freebsd-net@FreeBSD.ORG  Sat Jul  8 17:50:08 2006
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6F6D916A4DA
	for <freebsd-net@freebsd.org>; Sat,  8 Jul 2006 17:50:08 +0000 (UTC)
	(envelope-from simon@zaphod.nitro.dk)
Received: from mx.nitro.dk (zarniwoop.nitro.dk [83.92.207.38])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D8C5C43D45
	for <freebsd-net@freebsd.org>; Sat,  8 Jul 2006 17:50:07 +0000 (GMT)
	(envelope-from simon@zaphod.nitro.dk)
Received: from zaphod.nitro.dk (unknown [192.168.3.39])
	by mx.nitro.dk (Postfix) with ESMTP id 606D72D4857;
	Sat,  8 Jul 2006 17:50:06 +0000 (UTC)
Received: by zaphod.nitro.dk (Postfix, from userid 3000)
	id 2B94D1141F; Sat,  8 Jul 2006 19:50:06 +0200 (CEST)
Date: Sat, 8 Jul 2006 19:50:05 +0200
From: "Simon L. Nielsen" <simon@FreeBSD.org>
To: Scott Ullrich <sullrich@gmail.com>
Message-ID: <20060708175004.GA1087@zaphod.nitro.dk>
References: <efb1abb0607080657o3f1959b7v96626c8869c4d714@mail.gmail.com>
	<d5992baf0607081024kab08328xaf425cafb5c0a3bd@mail.gmail.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="u3/rZRmxL6MmkK24"
Content-Disposition: inline
In-Reply-To: <d5992baf0607081024kab08328xaf425cafb5c0a3bd@mail.gmail.com>
User-Agent: Mutt/1.5.11
Cc: freebsd-net@freebsd.org, Andre Santos <andre.netvision.com.br@gmail.com>
Subject: Re: Incompatibility between dummynet and PF rdr.
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 08 Jul 2006 17:50:08 -0000


--u3/rZRmxL6MmkK24
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 2006.07.08 13:24:41 -0400, Scott Ullrich wrote:
> On 7/8/06, Andre Santos <andre.netvision.com.br@gmail.com> wrote:
> >Are there any known compatibility problems between dummynet and PF rdr=
=20
> >rules?
> >When I try to combine both, the packets seem to simply disappear.
> [snip]
>=20
> I can confirm this behavior.   Glad someone else noticed as it would
> happen when we try to use dummynet traffic shaping + pf on pfSense.
> Never really was a high priority to nail down exactly what combination
> of dummynet + pf was breaking it.   If anyone needs me to test
> patches, just let me know.

I also noticed problems when trying to use dummynet/ipfw and pf.  I
looked a bit at it and it seemed that packets, which got queued in
dummynet, were not matched by pf's state engine when re-injected from
dummynet.  At least I saw a lot of denied packets which shouldn't have
been denied on pflog.  It wasn't very important for me to get this
working, so I haven't looked more at it.

--=20
Simon L. Nielsen

--u3/rZRmxL6MmkK24
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (FreeBSD)

iD8DBQFEr/BMh9pcDSc1mlERAj/mAKCiXmpxalcY9HrG7dEguA9TGnPdJwCfaaql
y4frc2I09ZAkRY8GicaZmSI=
=hdpI
-----END PGP SIGNATURE-----

--u3/rZRmxL6MmkK24--