From owner-freebsd-net@FreeBSD.ORG  Sat Apr 12 18:25:32 2008
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: net@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 9B27E106564A
	for <net@FreeBSD.org>; Sat, 12 Apr 2008 18:25:32 +0000 (UTC)
	(envelope-from eugen@kuzbass.ru)
Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su
	[213.184.65.80])
	by mx1.freebsd.org (Postfix) with ESMTP id E295D8FC1D
	for <net@FreeBSD.org>; Sat, 12 Apr 2008 18:25:31 +0000 (UTC)
	(envelope-from eugen@kuzbass.ru)
Received: from www.svzserv.kemerovo.su (eugen@localhost [127.0.0.1])
	by www.svzserv.kemerovo.su (8.13.8/8.13.8) with ESMTP id m3CIPSoV077865;
	Sun, 13 Apr 2008 02:25:28 +0800 (KRAST)
	(envelope-from eugen@www.svzserv.kemerovo.su)
Received: (from eugen@localhost)
	by www.svzserv.kemerovo.su (8.13.8/8.13.8/Submit) id m3CIPSbX077863;
	Sun, 13 Apr 2008 02:25:28 +0800 (KRAST) (envelope-from eugen)
Date: Sun, 13 Apr 2008 02:25:28 +0800
From: Eugene Grosbein <eugen@kuzbass.ru>
To: Robert Watson <rwatson@FreeBSD.org>
Message-ID: <20080412182528.GA77159@svzserv.kemerovo.su>
References: <20080412062251.GA2199@svzserv.kemerovo.su>
	<20080412190939.O7693@fledge.watson.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20080412190939.O7693@fledge.watson.org>
User-Agent: Mutt/1.4.2.3i
Cc: net@FreeBSD.org
Subject: Re: bpf does not see packets forwarded with ipfw fwd
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 12 Apr 2008 18:25:32 -0000

On Sat, Apr 12, 2008 at 07:10:38PM +0100, Robert Watson wrote:

> If you ping from host A to host B, does tcpdump see both the ICMP echo 
> request and reply on both boxes?  In principle, ipfw fwd uses the same 
> output paths as the rest of the IP stack, so it would be useful to know 
> whether it sees other outbound traffic properly or not.

Yes, it does. It sees oubound traffic that is not processed with 'ipfw fwd'.
That's so funny:

1) A has IP 10.58.0.2/24 and B has. 10.58.0.1/24. From A, I start to
ping 10.58.0.1, tcpdump shows requests and replys.
2) I add a rule: "ipfw add 5 fwd 10.58.0.1 from any to 10.58.0.1"
ping contiunes to run Ok, ipfw shows that rule maches packes
(counters increase) but now tcpdump shows only replies. No request.
Very funny.

Eugene Grosbein