From owner-freebsd-ipfw@FreeBSD.ORG Mon Nov 22 11:07:07 2010 Return-Path: Delivered-To: freebsd-ipfw@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 802061065697 for ; Mon, 22 Nov 2010 11:07:07 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 6262E8FC2B for ; Mon, 22 Nov 2010 11:07:07 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id oAMB77YU051724 for ; Mon, 22 Nov 2010 11:07:07 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id oAMB76xq051719 for freebsd-ipfw@FreeBSD.org; Mon, 22 Nov 2010 11:07:06 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 22 Nov 2010 11:07:06 GMT Message-Id: <201011221107.oAMB76xq051719@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-ipfw@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-ipfw@FreeBSD.org X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Nov 2010 11:07:07 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/152113 ipfw [ipfw] page fault on 8.1-RELEASE caused by certain amo o kern/150798 ipfw [ipfw] ipfw2 fwd rule matches packets but does not do o kern/150141 ipfw [ipfw]: Not working kernel nat freeBSD 8.1 o kern/149572 ipfw [ipfw] ipfw kernel nat not working properly o kern/148928 ipfw [ipfw] Problem with loading of ipfw NAT rules during s o kern/148827 ipfw [ipfw] divert broken with in-kernel ipfw o kern/148689 ipfw [ipfw] antispoof wrongly triggers on link local IPv6 a o kern/148430 ipfw [ipfw] IPFW schedule delete broken. o kern/148157 ipfw [ipfw] IPFW in kernel nat BUG found in FreeBSD 8.1-PRE o conf/148144 ipfw [patch] add ipfw_nat support for rc.firewall simple ty o conf/148137 ipfw [ipfw] call order of natd and ipfw startup scripts o kern/148091 ipfw [ipfw] ipfw ipv6 handling broken. o kern/147720 ipfw [ipfw] ipfw dynamic rules and fwd o kern/145733 ipfw [ipfw] [patch] ipfw flaws with ipv6 fragments o kern/145305 ipfw [ipfw] ipfw problems, panics, data corruption, ipv6 so o kern/145167 ipfw [ipfw] ipfw nat does not follow its documentation o kern/144269 ipfw [ipfw] problem with ipfw tables o kern/144187 ipfw [ipfw] deadlock using multiple ipfw nat and multiple l o kern/143973 ipfw [ipfw] [panic] ipfw forward option causes kernel reboo o kern/143653 ipfw [ipfw] [patch] ipfw nat redirect_port "buf is too smal o kern/143621 ipfw [ipfw] [dummynet] [patch] dummynet and vnet use result o kern/143474 ipfw [ipfw] ipfw table contains the same address f kern/142951 ipfw [dummynet] using pipes&queues gives OUCH! pipe should o kern/139581 ipfw [ipfw] "ipfw pipe" not limiting bandwidth o kern/139226 ipfw [ipfw] install_state: entry already present, done o kern/137346 ipfw [ipfw] ipfw nat redirect_proto is broken o kern/137232 ipfw [ipfw] parser troubles o kern/136695 ipfw [ipfw] [patch] fwd reached after skipto in dynamic rul o kern/135476 ipfw [ipfw] IPFW table breaks after adding a large number o o bin/134975 ipfw [patch] ipfw(8) can't work with set in rule file. o kern/132553 ipfw [ipfw] ipfw doesn't understand ftp-data port o kern/131817 ipfw [ipfw] blocks layer2 packets that should not be blocke o kern/131601 ipfw [ipfw] [panic] 7-STABLE panic in nat_finalise (tcp=0) o kern/131558 ipfw [ipfw] Inconsistent "via" ipfw behavior o bin/130132 ipfw [patch] ipfw(8): no way to get mask from ipfw pipe sho o kern/129103 ipfw [ipfw] IPFW check state does not work =( o kern/129093 ipfw [ipfw] ipfw nat must not drop packets o kern/129036 ipfw [ipfw] 'ipfw fwd' does not change outgoing interface n o kern/128260 ipfw [ipfw] [patch] ipfw_divert damages IPv6 packets o kern/127230 ipfw [ipfw] [patch] Feature request to add UID and/or GID l o kern/127209 ipfw [ipfw] IPFW table become corrupted after many changes o bin/125370 ipfw [ipfw] [patch] increase a line buffer limit o conf/123119 ipfw [patch] rc script for ipfw does not handle IPv6 o kern/122963 ipfw [ipfw] tcpdump does not show packets redirected by 'ip o kern/122109 ipfw [ipfw] ipfw nat traceroute problem s kern/121807 ipfw [request] TCP and UDP port_table in ipfw o kern/121382 ipfw [dummynet] 6.3-RELEASE-p1 page fault in dummynet (corr o kern/121122 ipfw [ipfw] [patch] add support to ToS IP PRECEDENCE fields o kern/118993 ipfw [ipfw] page fault - probably it's a locking problem o bin/117214 ipfw ipfw(8) fwd with IPv6 treats input as IPv4 o kern/116009 ipfw [ipfw] [patch] Ignore errors when loading ruleset from o docs/113803 ipfw [patch] ipfw(8) - don't get bitten by the fwd rule o kern/112561 ipfw [ipfw] ipfw fwd does not work with some TCP packets o kern/105330 ipfw [ipfw] [patch] ipfw (dummynet) does not allow to set q o bin/104921 ipfw [patch] ipfw(8) sometimes treats ipv6 input as ipv4 (a o kern/104682 ipfw [ipfw] [patch] Some minor language consistency fixes a o kern/103454 ipfw [ipfw] [patch] [request] add a facility to modify DF b o kern/103328 ipfw [ipfw] [request] sugestions about ipfw table o kern/102471 ipfw [ipfw] [patch] add tos and dscp support o kern/98831 ipfw [ipfw] ipfw has UDP hickups o kern/97951 ipfw [ipfw] [patch] ipfw does not tie interface details to o kern/95084 ipfw [ipfw] [regression] [patch] IPFW2 ignores "recv/xmit/v o kern/93300 ipfw [ipfw] ipfw pipe lost packets o kern/91847 ipfw [ipfw] ipfw with vlanX as the device o kern/88659 ipfw [modules] ipfw and ip6fw do not work properly as modul o kern/87032 ipfw [ipfw] [patch] ipfw ioctl interface implementation o kern/86957 ipfw [ipfw] [patch] ipfw mac logging o bin/83046 ipfw [ipfw] ipfw2 error: "setup" is allowed for icmp, but s o kern/82724 ipfw [ipfw] [patch] [request] Add setnexthop and defaultrou s kern/80642 ipfw [ipfw] [patch] ipfw small patch - new RULE OPTION o bin/78785 ipfw [patch] ipfw(8) verbosity locks machine if /etc/rc.fir o kern/74104 ipfw [ipfw] ipfw2/1 conflict not detected or reported, manp o kern/73910 ipfw [ipfw] serious bug on forwarding of packets after NAT o kern/72987 ipfw [ipfw] ipfw/dummynet pipe/queue 'queue [BYTES]KBytes ( o kern/71366 ipfw [ipfw] "ipfw fwd" sometimes rewrites destination mac a o kern/69963 ipfw [ipfw] install_state warning about already existing en o kern/60719 ipfw [ipfw] Headerless fragments generate cryptic error mes o kern/55984 ipfw [ipfw] [patch] time based firewalling support for ipfw o kern/51274 ipfw [ipfw] [patch] ipfw2 create dynamic rules with parent o kern/48172 ipfw [ipfw] [patch] ipfw does not log size and flags o kern/46159 ipfw [ipfw] [patch] [request] ipfw dynamic rules lifetime f a kern/26534 ipfw [ipfw] Add an option to ipfw to log gid/uid of who cau 82 problems total. From owner-freebsd-ipfw@FreeBSD.ORG Tue Nov 23 14:48:36 2010 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 401BE106564A for ; Tue, 23 Nov 2010 14:48:36 +0000 (UTC) (envelope-from nangergong@gmail.com) Received: from mail-gx0-f182.google.com (mail-gx0-f182.google.com [209.85.161.182]) by mx1.freebsd.org (Postfix) with ESMTP id F014A8FC22 for ; Tue, 23 Nov 2010 14:48:35 +0000 (UTC) Received: by gxk5 with SMTP id 5so251134gxk.13 for ; Tue, 23 Nov 2010 06:48:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type; bh=pLS7anYHDv5BJTBlmlro+yZIofKdC+kZqdNvi7pyfwI=; b=nib/jzzX4pfHRcr6GqDkXIz5Aqi9S5zsHBf/QHe5NKv3djbFHwqGX+xAB3QdwTlXnF d4vC8n+qEBhR3iu99geXkSa9LG75qO07ruaDC4wzSj+IG2ih8MqEnJq50nQA4um2jEQP SHIxX6IB9+uZMV4aIisw45NpHPwz1Bt4fDGUI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=EfwDWu27ybL3yONJIzlmVj1Zx+WJd0DqKetVQrQ6IA7Gmq3hN023YvmmruiRa6HZrZ 37loRO01BtoLTxiTcwdMkrsj7ifHfVchfhj8RduYTPKZxPWMbRqWw4Jka0SdoemzlLF+ EagL2an6djIvo4lz4BI95lH/xaSe5gYwE1aTI= MIME-Version: 1.0 Received: by 10.204.120.80 with SMTP id c16mr6733070bkr.162.1290521943057; Tue, 23 Nov 2010 06:19:03 -0800 (PST) Received: by 10.204.154.81 with HTTP; Tue, 23 Nov 2010 06:19:02 -0800 (PST) Date: Tue, 23 Nov 2010 14:19:02 +0000 Message-ID: From: nangergong To: freebsd-ipfw@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Understanding of "mask" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Nov 2010 14:48:36 -0000 Hi, all, I don't understand the meaning of "mask", for example, in the following statements: -------------------------------------- ipfw pipe 1 config delay 80ms mask all ipfw add 600 pipe 1 ip from 9.161.150.55 to 9.161.148.72 ---------------------------------------- What is the usage of "mask all"? I think in total there is only 1 queue, so "mask all" here doesn't make any sense? Thank you! From owner-freebsd-ipfw@FreeBSD.ORG Tue Nov 23 15:46:33 2010 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4A4991065674 for ; Tue, 23 Nov 2010 15:46:33 +0000 (UTC) (envelope-from luigi@onelab2.iet.unipi.it) Received: from onelab2.iet.unipi.it (onelab2.iet.unipi.it [131.114.59.238]) by mx1.freebsd.org (Postfix) with ESMTP id 0F5818FC27 for ; Tue, 23 Nov 2010 15:46:33 +0000 (UTC) Received: by onelab2.iet.unipi.it (Postfix, from userid 275) id 431AD73098; Tue, 23 Nov 2010 16:41:55 +0100 (CET) Date: Tue, 23 Nov 2010 16:41:55 +0100 From: Luigi Rizzo To: nangergong Message-ID: <20101123154155.GC48018@onelab2.iet.unipi.it> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.3i Cc: freebsd-ipfw@freebsd.org Subject: Re: Understanding of "mask" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Nov 2010 15:46:33 -0000 On Tue, Nov 23, 2010 at 02:19:02PM +0000, nangergong wrote: > Hi, all, > > I don't understand the meaning of "mask", > for example, in the following statements: > -------------------------------------- > ipfw pipe 1 config delay 80ms mask all > ipfw add 600 pipe 1 ip from 9.161.150.55 to 9.161.148.72 > ---------------------------------------- > > What is the usage of "mask all"? > I think in total there is only 1 queue, so "mask all" here doesn't make any mask tells ipfw to create as many actual pipes (and queues) as there are different values of the 5-tuple after masking. E.g. for a pipe with bw limitations (say bw 100Kbit/s) each flow would get its own 100Kbit/s without interference from the others. In this case the mask is useless because the pipe has only delay so there would be no interference anyways. cheers luigi From owner-freebsd-ipfw@FreeBSD.ORG Thu Nov 25 15:31:18 2010 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AA10F1065674 for ; Thu, 25 Nov 2010 15:31:18 +0000 (UTC) (envelope-from nangergong@gmail.com) Received: from mail-bw0-f54.google.com (mail-bw0-f54.google.com [209.85.214.54]) by mx1.freebsd.org (Postfix) with ESMTP id 386178FC08 for ; Thu, 25 Nov 2010 15:31:17 +0000 (UTC) Received: by bwz2 with SMTP id 2so1028651bwz.13 for ; Thu, 25 Nov 2010 07:31:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type; bh=4UKGuN6JN7ojXlOKrGt9qR6Hd66zJfcWQLHCtWYgx+0=; b=oGOLJGIk21JMVNTxppBPY9/7+l1XXCXyn9gXNIXykPZE3RhDVP+5GcTBQos6oKkeUZ Y1YNXxUyb7MsiicvOPuJtSwKNnXN8KQYo1tJWO5W6Y0iOyMD7Lsb5mVgqlm59UrguGva IMOWS0DzGZHaOcgUwa+/at9WyCs2X/Vtv7Qvs= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=nEOFqk6vQ8NtMeysZ8Fy7VJRvnPSLog6EaeCaGWNwONscNABZbZ9usDBPaOZ0gK5nQ ER1u+sF4LtTu0wkPS8WOTAgbMzLmpxJkXGXJ498bld4F1LjjRfoldGOvs62uC7b+Oxy7 EENymX/YhvN1LcLoNp7Gdj4/cdeH1YHSo1YMw= MIME-Version: 1.0 Received: by 10.204.123.141 with SMTP id p13mr792867bkr.189.1290699076792; Thu, 25 Nov 2010 07:31:16 -0800 (PST) Received: by 10.204.154.81 with HTTP; Thu, 25 Nov 2010 07:31:16 -0800 (PST) Date: Thu, 25 Nov 2010 15:31:16 +0000 Message-ID: From: nangergong To: freebsd-ipfw@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: two questions:1 relationship between dummynet and wireshark 2 how to add latency for each packet to be sent X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Nov 2010 15:31:18 -0000 Hi, all: 1 relationship between dummynet and wireshark I have a question on the relationship between dummynet and wireshark. Does wireshark capture packets before dummynet starts working or after? Which of the following charts is right? (1) send packets capture add pkt loss, delay.. A------------------> wireshark --------------------> dummynet---------------------------> add pkt loss,delay... capture network----------------->dummynet -------------------------> wireshark-------------> B or (2) send packets add delay,loss capture A------------------> dummynet --------------------> wireshakr---------------------------> add pkt loss,delay... capture network----------------->dummynet -------------------------> wireshark-------------> B At first, I think (1) is right, and I did a test using "ping". However during my following test, it seems that (2) is the fact: I have two machines, A and B. When I play music on A, the RTP packets flow from A to B. I added a pipe with packet loss and bandwidth limitation, which regulates the flow from A to B. Then I captured packets on A using wireshark. If the chart (1) is right, then the packets I captured on A should be the same to the music I played on A, however, this is not the truth. 2 how to add latency for each packet to be sent I want to vary the delays(latencies) for different packets. So, is there a way to add latency for for each packet to be sent. For example, bind one pipe to one packet. Thank you! From owner-freebsd-ipfw@FreeBSD.ORG Thu Nov 25 18:05:11 2010 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B81471065679 for ; Thu, 25 Nov 2010 18:05:11 +0000 (UTC) (envelope-from luigi@onelab2.iet.unipi.it) Received: from onelab2.iet.unipi.it (onelab2.iet.unipi.it [131.114.59.238]) by mx1.freebsd.org (Postfix) with ESMTP id 7CC9E8FC15 for ; Thu, 25 Nov 2010 18:05:11 +0000 (UTC) Received: by onelab2.iet.unipi.it (Postfix, from userid 275) id DECF4730A1; Thu, 25 Nov 2010 19:18:25 +0100 (CET) Date: Thu, 25 Nov 2010 19:18:25 +0100 From: Luigi Rizzo To: nangergong Message-ID: <20101125181825.GA79947@onelab2.iet.unipi.it> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.3i Cc: freebsd-ipfw@freebsd.org Subject: Re: two questions:1 relationship between dummynet and wireshark 2 how to add latency for each packet to be sent X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Nov 2010 18:05:11 -0000 On Thu, Nov 25, 2010 at 03:31:16PM +0000, nangergong wrote: > Hi, all: > > 1 relationship between dummynet and wireshark > > I have a question on the relationship between dummynet and wireshark. Does > wireshark capture packets before dummynet starts working or after? Which of > the following charts is right? > > (1) > send packets > capture add pkt loss, delay.. > A------------------> wireshark --------------------> > dummynet---------------------------> > > add pkt > loss,delay... capture > network----------------->dummynet -------------------------> > wireshark-------------> B > > or > > (2) > send packets add delay,loss > capture > A------------------> dummynet --------------------> > wireshakr---------------------------> > > add pkt > loss,delay... capture > network----------------->dummynet -------------------------> > wireshark-------------> B > > At first, I think (1) is right, and I did a test using "ping". However > during my following test, it seems that (2) is the fact: > > I have two machines, A and B. When I play music on A, the RTP packets flow > from A to B. I added a pipe with packet loss and bandwidth limitation, > which regulates the flow from A to B. Then I captured packets on A using > wireshark. If the chart (1) is right, then the packets I captured on A > should be the same to the music I played on A, however, this is not the > truth. > > 2 how to add latency for each packet to be sent > > I want to vary the delays(latencies) for different packets. So, is there a > way to add latency for for each packet to be sent. For example, bind one > pipe to one packet. Thank you! hi, wireshark is closest to the wire so it will intercept incoming traffic before dummynet, and outgoing traffic after dummynet. As for binding pipes to packets, you can only do it if those packets carry metadata (i.e. 5-tuple, length, flags...) that ipfw can match and distinguish one packet from another. Usually, though, this is not the case for packets from the same flow. cheers luigi From owner-freebsd-ipfw@FreeBSD.ORG Fri Nov 26 10:16:19 2010 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A90DB1065670 for ; Fri, 26 Nov 2010 10:16:19 +0000 (UTC) (envelope-from john@traktor.dnepro.net) Received: from smtp-out.dnepro.net (smtp-out.dnepro.net [195.24.131.41]) by mx1.freebsd.org (Postfix) with ESMTP id 2C0828FC14 for ; Fri, 26 Nov 2010 10:16:18 +0000 (UTC) Received: from traktor.dnepro.net (localhost [127.0.0.1]) by traktor.dnepro.net (8.14.3/8.14.3) with ESMTP id oAQ9dDlR071917 for ; Fri, 26 Nov 2010 11:39:14 +0200 (EET) (envelope-from john@traktor.dnepro.net) Received: (from john@localhost) by traktor.dnepro.net (8.14.3/8.14.3/Submit) id oAQ9dDjt071916 for freebsd-ipfw@freebsd.org; Fri, 26 Nov 2010 11:39:13 +0200 (EET) (envelope-from john) Date: Fri, 26 Nov 2010 11:39:13 +0200 From: Eugene Perevyazko To: freebsd-ipfw@freebsd.org Message-ID: <20101126093913.GA68982@traktor.dnepro.net> Mail-Followup-To: freebsd-ipfw@freebsd.org References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.3i Subject: Re: two questions:1 relationship between dummynet and wireshark 2 how to add latency for each packet to be sent X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Nov 2010 10:16:19 -0000 On Thu, Nov 25, 2010 at 03:31:16PM +0000, nangergong wrote: > > 2 how to add latency for each packet to be sent > > I want to vary the delays(latencies) for different packets. So, is there a > way to add latency for for each packet to be sent. For example, bind one > pipe to one packet. Thank you! If you need to add random delays you could try several pipes with different delay and "prob" option of ipfw. Like add 1000 prob 0.2 pipe 1 add 1010 prob 0.2 pipe 2 add 1020 prob 0.1 pipe 3 etc... Then you should take into account that with one_pass=1 probability for a packet to match 1010 in that case would be (1.0-0.2)*0.2 and to match 1020 (1.0-0.2)*(1.0-0.2)*0.1 -- Eugene Perevyazko From owner-freebsd-ipfw@FreeBSD.ORG Fri Nov 26 14:43:14 2010 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BA029106564A for ; Fri, 26 Nov 2010 14:43:14 +0000 (UTC) (envelope-from nangergong@gmail.com) Received: from mail-bw0-f54.google.com (mail-bw0-f54.google.com [209.85.214.54]) by mx1.freebsd.org (Postfix) with ESMTP id 360678FC15 for ; Fri, 26 Nov 2010 14:43:13 +0000 (UTC) Received: by bwz2 with SMTP id 2so1979248bwz.13 for ; Fri, 26 Nov 2010 06:43:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=9Hu4bp15I+fC/YEpQyRU8exXERy0zy+7jmsc0T0dfSw=; b=oXvs/VpIZOJXX1ZAm2DEN6Tdd0WeGGmQdRdqkwGKD1nKM2IxbHXEzQQiXRN/SG9Fvb c8bUEw7mSXeYFYSQaqyNgGOo7cHmXZHnQu1hBUo55ZkAAKZNI/uNGOKpz+UigbuuDQSk ks1r5jYPLYKtPiEqnCDmagQ2cRUPBdrc1na54= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=oQcOVmdKam2lZlEWYNl9jGrv8/cVUydVOuwemI69dvQ74kq+h5mdb/eq31JFLkKWNR E9CoOLCLyF6r8sjsv6JjUOnD/a++dYcva2pdqGi/1l2YaJQYF66CAKFcS0pm48/vBzKK hN/MzGm1FOP+WVz2m2fpctUpbzM6e0W1JDOV8= MIME-Version: 1.0 Received: by 10.204.122.8 with SMTP id j8mr1989610bkr.135.1290782592220; Fri, 26 Nov 2010 06:43:12 -0800 (PST) Received: by 10.204.154.81 with HTTP; Fri, 26 Nov 2010 06:43:12 -0800 (PST) In-Reply-To: <20101125181825.GA79947@onelab2.iet.unipi.it> References: <20101125181825.GA79947@onelab2.iet.unipi.it> Date: Fri, 26 Nov 2010 14:43:12 +0000 Message-ID: From: nangergong To: Luigi Rizzo Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-ipfw@freebsd.org Subject: Re: two questions:1 relationship between dummynet and wireshark 2 how to add latency for each packet to be sent X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Nov 2010 14:43:14 -0000 Hi=EF=BC=8C Thank you so much for your reply. I used the windows version of dummynet/IPFW, so is it the same that wireshark will intercept incoming traffic before dummynet, and outgoing traffic after dummynet? Coz It is kind of strange according to my ping test: I have two machines, A and B A: 9.161.150.55 B: 9.161.148.72 I configured on A: >ipfw pipe 1 config plr 1 >ipfw add pipe 1 ip from 9.161.150.55 to 9.161.148.72 (from A to B) and then (1 ) ping "9.161.148.72" on A and started capturing packets on both machines I found that there are four "ping request" packets captured on A while no packets are captured on B. (2) ping "9.161.150.55 " on B and capturing packets on both machines I found that there are four "ping request" and four "ping reply" packets on A while only four "request" packets on B. So it seems that the results contradict with "wireshark will intercept incoming traffic before dummynet, and outgoing traffic after dummynet" on Windows version?. However, when I started a softphone call, it seems that "wireshark will intercept outgoing traffic after dummynet" is true? Really confused now! Do you have any idea on this? Thank you! On Thu, Nov 25, 2010 at 6:18 PM, Luigi Rizzo wrote: > On Thu, Nov 25, 2010 at 03:31:16PM +0000, nangergong wrote: > > Hi, all: > > > > 1 relationship between dummynet and wireshark > > > > I have a question on the relationship between dummynet and wireshark. > Does > > wireshark capture packets before dummynet starts working or after? Whic= h > of > > the following charts is right? > > > > (1) > > send packets > > capture add pkt loss, delay.. > > A------------------> wireshark --------------------> > > dummynet---------------------------> > > > > add pkt > > loss,delay... capture > > network----------------->dummynet -------------------------> > > wireshark-------------> B > > > > or > > > > (2) > > send packets add delay,loss > > capture > > A------------------> dummynet --------------------> > > wireshakr---------------------------> > > > > add pkt > > loss,delay... capture > > network----------------->dummynet -------------------------> > > wireshark-------------> B > > > > At first, I think (1) is right, and I did a test using "ping". However > > during my following test, it seems that (2) is the fact: > > > > I have two machines, A and B. When I play music on A, the RTP packets > flow > > from A to B. I added a pipe with packet loss and bandwidth limitation, > > which regulates the flow from A to B. Then I captured packets on A usin= g > > wireshark. If the chart (1) is right, then the packets I captured on A > > should be the same to the music I played on A, however, this is not the > > truth. > > > > 2 how to add latency for each packet to be sent > > > > I want to vary the delays(latencies) for different packets. So, is > there a > > way to add latency for for each packet to be sent. For example, bind on= e > > pipe to one packet. Thank you! > > hi, > wireshark is closest to the wire so it will intercept > incoming traffic before dummynet, and outgoing traffic > after dummynet. > As for binding pipes to packets, you can only do it if > those packets carry metadata (i.e. 5-tuple, length, > flags...) that ipfw can match and distinguish one packet > from another. Usually, though, this is not the case for > packets from the same flow. > > cheers > luigi > From owner-freebsd-ipfw@FreeBSD.ORG Fri Nov 26 14:55:55 2010 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5D71D106566B for ; Fri, 26 Nov 2010 14:55:55 +0000 (UTC) (envelope-from luigi@onelab2.iet.unipi.it) Received: from onelab2.iet.unipi.it (onelab2.iet.unipi.it [131.114.59.238]) by mx1.freebsd.org (Postfix) with ESMTP id 203D28FC12 for ; Fri, 26 Nov 2010 14:55:54 +0000 (UTC) Received: by onelab2.iet.unipi.it (Postfix, from userid 275) id E71CC73098; Fri, 26 Nov 2010 16:09:09 +0100 (CET) Date: Fri, 26 Nov 2010 16:09:09 +0100 From: Luigi Rizzo To: nangergong Message-ID: <20101126150909.GA93106@onelab2.iet.unipi.it> References: <20101125181825.GA79947@onelab2.iet.unipi.it> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.3i Cc: freebsd-ipfw@freebsd.org Subject: Re: two questions:1 relationship between dummynet and wireshark 2 how to add latency for each packet to be sent X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Nov 2010 14:55:55 -0000 On Fri, Nov 26, 2010 at 02:43:12PM +0000, nangergong wrote: > Hi??? > > Thank you so much for your reply. I used the windows version of > dummynet/IPFW, so is it the same that wireshark will intercept > incoming traffic before dummynet, and outgoing traffic after dummynet? Coz it all depends on where you run dummynet and where you run wireshark (is there a windows version of it ?) All i can tell you is that - on FreeBSD and linux, dummynet intercepts packets at the IP level, and wireshark sits just on top of the device driver (using bpf or similar mechanisms); - on windows, it acts as a miniport driver (so, it probably gets the full packet including MAC headers), but i have no idea where wireshark works -- it might be a miniport driver as well, in which case the order of loading might be relevant cheers luigi