Date: Wed, 1 Dec 2004 17:17:16 +0200 From: John Hay <jhay@icomtek.csir.co.za> To: "James R. Van Artsalen" <james@jrv.org> Cc: freebsd-ipfw@freebsd.org Subject: Re: FreeBSD 5.3 routing IPFW FWD'd packets? Message-ID: <20041201151716.GA57183@zibbi.icomtek.csir.co.za> In-Reply-To: <41ADD688.4090807@jrv.org> References: <41AC571E.2020503@jrv.org> <7261A3E8-42C2-11D9-AC2A-000A95A0BB90@bnc.net> <41ACBEDF.3020001@jrv.org> <200411302058.07224.max@love2party.net> <20041201095052.GA43515@zibbi.icomtek.csir.co.za> <41ADD688.4090807@jrv.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> >>
> >>>>Packets sent to the directly reachable net 192.168.254/8 (rule 64000)
> >>>>seem to work. Is it possible that packets are somehow being routed
> >>>>after being FWD'd by IPFW?
> >>>>
> >>>>
> >Just apply the patch in kern/71910 and you should be happy again. It works
> >for me and a few others.
> >
> >
> >
> Thanks. But, if that is a problem then why is this code in ip_fastfwd.c
> not also a problem?
> Shouldn't this get the same change as kern/71910?
>
> #ifdef IPFIREWALL_FORWARD
> if (fwd_tag) {
> if (!in_localip(ip->ip_src) &&
> !in_localaddr(ip->ip_dst))
> dest.s_addr = ((struct sockaddr_in
> *)(fwd_tag+1))->sin_addr.s_addr;
> m_tag_delete(m, fwd_tag);
> }
> #endif /* IPFIREWALL_FORWARD */
It looks like it. It is probably not part of the patch because the
original person did not use (and me neither) fast forwarding.
John
--
John Hay -- John.Hay@icomtek.csir.co.za / jhay@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041201151716.GA57183>