From owner-freebsd-ipfw@freebsd.org Tue Oct 18 12:24:34 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 07B8FC149B9 for ; Tue, 18 Oct 2016 12:24:34 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EB6F1DD4 for ; Tue, 18 Oct 2016 12:24:33 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id u9ICOXS9086039 for ; Tue, 18 Oct 2016 12:24:33 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ipfw@FreeBSD.org Subject: [Bug 209680] ipfw: when enabled, net connections time out/ssh results in "broken pipe" Date: Tue, 18 Oct 2016 12:24:33 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: 1983-01-06@gmx.net X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-ipfw@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Oct 2016 12:24:34 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D209680 --- Comment #10 from Michael Osipov <1983-01-06@gmx.net> --- This patch does not work for me. Same issue happens even with the patch and= if I switch from graid3 to ZFS raidz, everything is fine. It must be the geom class in my case. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-ipfw@freebsd.org Tue Oct 18 13:49:42 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BF13BC16D2B for ; Tue, 18 Oct 2016 13:49:42 +0000 (UTC) (envelope-from nazari.s11@gmail.com) Received: from mail-qk0-x22c.google.com (mail-qk0-x22c.google.com [IPv6:2607:f8b0:400d:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 81763E4A for ; Tue, 18 Oct 2016 13:49:42 +0000 (UTC) (envelope-from nazari.s11@gmail.com) Received: by mail-qk0-x22c.google.com with SMTP id f128so280658163qkb.1 for ; Tue, 18 Oct 2016 06:49:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to; bh=u6nJdufskjm3pSc5597seL74FHr4CrS/RnAKVwO5bBY=; b=PU4W6TSTcnnysprQd8hHkpn+Ez1WHvtO8opjq9ma51xpTprkuZarD9KktcYUrq1bXe ecesgb5tP4/fv+71GBDy8Cz4lC5UZk4lmtp2bEoA2SYXpVztehoRPL75AaGqdJ7t8tb6 4jyXFVIdfSgGdCuwVx92ciYMN8NCMyeCTUrxC1K7aG5aQgrOy4Pcpvy0d3EjpOcwMm0C 1ba5PuIRXnFsiITe+OOwTYfeYC9p1NFqSKxVmFHrMhs4JjEDYqFXQJWhc2iL9UgRvTLV 19UwRNUk3mQtWQGbRZAk3rWdKl4IYjWxNiUOeahbysH3X5aO8dQ/H13LSnTbu7Qq0wU9 JQ9w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=u6nJdufskjm3pSc5597seL74FHr4CrS/RnAKVwO5bBY=; b=OQKDjHbhZzD4wr4FFwDXshc0+jH882YANXv833nO91RkA/ny3xfvsW6GvBfE6/U4AR MWu/e5ZLcWfBA9fdI4BjtBijao4Jwsr7zdi/9xuG21bGJJ9TSpuJdISe7bWBixFirmLO yxDeNB9xXRECZEMLVHPZvDg2L0o0dpv7/vuI1HXKXS3ifu0yY28qQNut68g8y5vmydPg JUzFSLd+jgqtTRa5U3EoGRjVR6rHS9Ep+waasjJnKmS2t6zxOM3TduBJAPnr6oi9T8QY 7w4CllgZbn1XvpUnewdegoFDbauxtHQK0F3JDLb1qDX7lCU+djCMP03Ek7QcWyun6Su9 CMCQ== X-Gm-Message-State: AA6/9RmCGYWOJ8VjEaeE1CCyG6ijvJpupAqsy6viFXcF2d3Y8aqOP+y3d1Gz9+Rgp/6Sbo3LmCXhOohfP9OOBw== X-Received: by 10.194.116.167 with SMTP id jx7mr322952wjb.218.1476798580879; Tue, 18 Oct 2016 06:49:40 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.54.215 with HTTP; Tue, 18 Oct 2016 06:49:40 -0700 (PDT) From: Samira Nazari Date: Tue, 18 Oct 2016 17:19:40 +0330 Message-ID: Subject: change packets with IPFW divert To: freebsd-ipfw@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Oct 2016 13:49:42 -0000 Hello every one, When we diverte packets to the specified port with "IPFW divert" , we can change it and re-sent to the kernel? From owner-freebsd-ipfw@freebsd.org Tue Oct 18 14:23:00 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 18A3AC16C1D for ; Tue, 18 Oct 2016 14:23:00 +0000 (UTC) (envelope-from shashaness@hotmail.com) Received: from BLU004-OMC4S23.hotmail.com (blu004-omc4s23.hotmail.com [65.55.111.162]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client CN "*.outlook.com", Issuer "Microsoft IT SSL SHA2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AD9C8A77 for ; Tue, 18 Oct 2016 14:22:59 +0000 (UTC) (envelope-from shashaness@hotmail.com) Received: from NAM01-SN1-obe.outbound.protection.outlook.com ([65.55.111.136]) by BLU004-OMC4S23.hotmail.com over TLS secured channel with Microsoft SMTPSVC(7.5.7601.23008); Tue, 18 Oct 2016 07:21:52 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Leg390n0yina5OfQZxqoQ59/xrx/XqlDggsYZc/Vaz8=; b=A+Fk7lG9G/05vYVIsaNfuYzSxmdT44Pnd8quG/V9bz7yeDMuTouEJIGk8taqESu9a4D9ygrWzB8voWDhd7aAIOkJQnKbZ+UnqxzfpQUU9dci0rxsBc/vUlHdIPiZy11PiPN0ka7RkWCGm9kmLuESqCT+3THif5pItQ1833VvaJbkXuriXipforKWTCDbl3JNnb36nlB1vOPZsckA4d7cgMwgo6af8VMZKg0jS2vUy+DbZ2IF5U6tbzsi4v4MGoXjmSjNu9Xg7AVLX953Vv9xYw/GacpndNW9KZRasfm7UfKQcoro3rDYwjwjvIyZayvAIth5UTgsnnRlUQ7zJPOrrA== Received: from SN1NAM01FT045.eop-nam01.prod.protection.outlook.com (10.152.64.60) by SN1NAM01HT022.eop-nam01.prod.protection.outlook.com (10.152.64.132) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.629.5; Tue, 18 Oct 2016 14:21:51 +0000 Received: from CY1PR14MB0520.namprd14.prod.outlook.com (10.152.64.58) by SN1NAM01FT045.mail.protection.outlook.com (10.152.65.226) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.669.7 via Frontend Transport; Tue, 18 Oct 2016 14:21:50 +0000 Received: from CY1PR14MB0520.namprd14.prod.outlook.com ([10.164.71.150]) by CY1PR14MB0520.namprd14.prod.outlook.com ([10.164.71.150]) with mapi id 15.01.0659.025; Tue, 18 Oct 2016 14:21:50 +0000 From: Shawn Bakhtiar To: Samira Nazari CC: "freebsd-ipfw@freebsd.org" Subject: Re: change packets with IPFW divert Thread-Topic: change packets with IPFW divert Thread-Index: AQHSKUZ/bSJm7hSjFUab5SLxDG3Eq6CuQ1uA Date: Tue, 18 Oct 2016 14:21:50 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: freebsd.org; dkim=none (message not signed) header.d=none;freebsd.org; dmarc=none action=none header.from=hotmail.com; x-ms-exchange-messagesentrepresentingtype: 1 x-eopattributedmessage: 0 x-microsoft-exchange-diagnostics: 1; SN1NAM01HT022; 6:UIFvTLJfnie63IeJE319pA/xWICH18ybCtactdckntejeIVeNraL2uH1/j0TU9jNhpeURs+arC42OC+hS9z40oNYSoAMf+oyyF27CgYUavY07TdVuMP3RFphYf1tJRJcjv9d02+XDctUUj64pTAJRJqqYxjioFZrfhT8e97F41l9i2WxpipDwX9y/cDi1ii5nhsWH1H4UrZI5sBPVRTxH8D0LJNblxuwc0aoi/PjN3F8J4hvFAVJKxp03BVizlXHF/bsHMwirGO30dv/YsglJbifF1q33SA/JsO8Fvb7abY=; 5:ZkAHOL4rT+2TSbanv4WMQCo8CkHKOOFePecCsLNxntRz+5+2JnWGlmJUgbpZj7toSYjk5nNaI9RlZ0Qtr8f0goKyNh9rkpPwrxWgER77csjQZTetiynCKKUDAkbDlVL2qNhtiwCoa3XQGSsIO8b0Ag==; 24:wLXlr7JKY1lJFE7x8w8LQgFDyPFk16UybB2WntLCD5kGm1IOMy9Mscq/H+Se2KHHVGBldreQsdJZn5NxfNNJfVYv5Dyz3BJYCYFWhFnVy1E=; 7:sf7ItBbRnz0A0xCjUZL4BPxC55aIwBNIfQjT2je+Bd6pM3DWZbm4RUmRD6umh4Xey/o9Ont+7WfEU+NgCYxiG/ndCZIkNvtUA18yV9XZNs2tJE1RvAkVGFGf2G+vKg4nkrtTRpZB0L0LL4YOpsdJftyRhsFP/jHFJ45EwF64A9I35QjNpziMuwuKRhhPfVTFaqDhMoj6OMNPVmfTL6j8lauqzqmn8CVjpRhr5iK25eQLBbX1odXNQM8adGVURwtQ3D4vaht1WZoR5LC19qPciag21aDfkbM+QIxQdNTNehPTshs7o38lz5IjQBB4jKrJ0wnzS1O3qB3O5cqzf16gSw== x-forefront-antispam-report: EFV:NLI; SFV:NSPM; SFS:(10019020)(98900003); DIR:OUT; SFP:1102; SCL:1; SRVR:SN1NAM01HT022; H:CY1PR14MB0520.namprd14.prod.outlook.com; FPR:; SPF:None; LANG:en; x-ms-office365-filtering-correlation-id: d1637536-e42a-4c85-76df-08d3f7621919 x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(1601124038)(1603103081)(1603101286)(1601125047); SRVR:SN1NAM01HT022; x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(432015012)(82015046); SRVR:SN1NAM01HT022; BCL:0; PCL:0; RULEID:; SRVR:SN1NAM01HT022; x-forefront-prvs: 00997889E7 spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-OriginatorOrg: hotmail.com X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Oct 2016 14:21:50.5609 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Internet X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1NAM01HT022 X-OriginalArrivalTime: 18 Oct 2016 14:21:52.0809 (UTC) FILETIME=[F8F1F190:01D2294A] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Oct 2016 14:23:00 -0000 On Oct 18, 2016, at 6:49 AM, Samira Nazari > wrote: Hello every one, When we diverte packets to the specified port with "IPFW divert" , we can change it and re-sent to the kernel? _______________________________________________ freebsd-ipfw@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" Not sure what you mean by change it but: "Divert sockets are similar to raw IP sockets, except that they can be boun= d to a specific divert port via the bind(2) system call. The IP address in= the bind is ignored; only the port number is significant. A divert socket= bound to a divert port will receive all packets diverted to that port by s= ome (here unspecified) kernel mechanism(s). Packets may also be written to= a divert port, in which case they re-enter kernel IP packet processing." -- SRC: https://www.freebsd.org/cgi/man.cgi?query=3Ddivert&sektion=3D4&apro= pos=3D0&manpath=3DFreeBSD+10.3-RELEASE+and+Ports From owner-freebsd-ipfw@freebsd.org Tue Oct 18 16:04:05 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CC088C16481 for ; Tue, 18 Oct 2016 16:04:05 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from sola.nimnet.asn.au (paqi.nimnet.asn.au [115.70.110.159]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 483BC300 for ; Tue, 18 Oct 2016 16:04:04 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from localhost (localhost [127.0.0.1]) by sola.nimnet.asn.au (8.14.2/8.14.2) with ESMTP id u9IG3wpE004499; Wed, 19 Oct 2016 03:03:59 +1100 (EST) (envelope-from smithi@nimnet.asn.au) Date: Wed, 19 Oct 2016 03:03:58 +1100 (EST) From: Ian Smith To: Shawn Bakhtiar cc: Samira Nazari , "freebsd-ipfw@freebsd.org" Subject: Re: change packets with IPFW divert In-Reply-To: Message-ID: <20161019023739.D6806@sola.nimnet.asn.au> References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Oct 2016 16:04:05 -0000 On Tue, 18 Oct 2016 14:21:50 +0000, Shawn Bakhtiar wrote: > On Oct 18, 2016, at 6:49 AM, Samira Nazari > wrote: > > Hello every one, > > When we diverte packets to the specified port with "IPFW divert" , > > we can change it and re-sent to the kernel? > Not sure what you mean by change it but: > > "Divert sockets are similar to raw IP sockets, except that they can > be bound to a specific divert port via the bind(2) system call. The > IP address in the bind is ignored; only the port number is > significant. A divert socket bound to a divert port will receive all > packets diverted to that port by some (here unspecified) kernel > mechanism(s). Packets may also be written to a divert port, in which > case they re-enter kernel IP packet processing." > > -- SRC: https://www.freebsd.org/cgi/man.cgi?query=divert&sektion=4&apropos=0&manpath=FreeBSD+10.3-RELEASE+and+Ports Apart from divert(4), most likely the best example is the natd(8) code, which modifies packet source or destination addresses and (maybe) ports. Ignoring the NAT processing - or not, as appropriate - the way natd uses divert sockets both to receive packets from ipfw and later (perhaps) to reinject them for further processing should show clearly how it's done. cheers, Ian From owner-freebsd-ipfw@freebsd.org Wed Oct 19 05:56:12 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CF4D0C17DE0 for ; Wed, 19 Oct 2016 05:56:12 +0000 (UTC) (envelope-from nazari.s11@gmail.com) Received: from mail-wm0-x232.google.com (mail-wm0-x232.google.com [IPv6:2a00:1450:400c:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5E8366D5 for ; Wed, 19 Oct 2016 05:56:12 +0000 (UTC) (envelope-from nazari.s11@gmail.com) Received: by mail-wm0-x232.google.com with SMTP id c78so36632156wme.0 for ; Tue, 18 Oct 2016 22:56:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=zX4myONnbK2ErsMLq4KuSL17iiBaKtNwePHCWYTEiNg=; b=h4lQ68MfE4+k5cH978PuHQZAGgsqXDkmDuhzsF68K4jg1RQLOwvkPz/IXgPQiqBtrj TeKFMYBw93ZwYj7tEEvb1JXkaQ9w+MM7GkGDL2qvq5Ox9jQTOqSTHLh1nP4qt5mKG8Uw ova4ZxfgqVVmtDUFq/oEzFf5jJniJjaD8pfsqKFj+k7qs1UYdhbSvQUUco9qNSGtPwvh QW+LnOVP0EG6z2feljnz6Ad61JNnIMMEmGB8xBHheFeiYI0rt5VvKnDPiCBlDCMiyCDg pJrz8D7JQkGAAQGqPvBRwCU0XG4jiUDZYWzBkr0jMys2UANIPGF53fL+01rN+zOWJLUz 5Xpg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=zX4myONnbK2ErsMLq4KuSL17iiBaKtNwePHCWYTEiNg=; b=UvN6Mnc9Zi3VDqgPRw8VNqY+z+An4FepEdtpVBJjI8kM58G/KbXLwasbpP29IOZyUZ bSyp8B7C1IXefumos6k/YTHj0n2U+ftUVCRxeR/Kmo+gPPBWTwU9/TDS53R4y/EPBehp Osst+3k9zYeeNw/PK9B2IGfAat3JsBcFO9YfprBRmazw/ZJWdie2hkwPw8SAMfT7pOgX uRLqNlL7vEcBJPbPkaDyFljIP+MxOdaIDiijU84hzXKpHokiP/3uBnEXdQKdR6yPssHf M5zkVoifPozjeFX/G0oLkWN07mKvX+PuM6zRHGWmMhKcgUpOV7m2K9O2aQcRalz32fTb RIAQ== X-Gm-Message-State: AA6/9RmCaOx2BLZLpBwDd32192RgDK+g12cqu1mMdMaf7zwqJLWvgC6+PFsRqvXsJgA/lAHQNmQr/BqxTTge7w== X-Received: by 10.28.125.150 with SMTP id y144mr1187004wmc.77.1476856570317; Tue, 18 Oct 2016 22:56:10 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.54.215 with HTTP; Tue, 18 Oct 2016 22:56:09 -0700 (PDT) In-Reply-To: <20161019023739.D6806@sola.nimnet.asn.au> References: <20161019023739.D6806@sola.nimnet.asn.au> From: Samira Nazari Date: Wed, 19 Oct 2016 09:26:09 +0330 Message-ID: Subject: Re: change packets with IPFW divert To: Ian Smith Cc: Shawn Bakhtiar , "freebsd-ipfw@freebsd.org" Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Oct 2016 05:56:12 -0000 Thank you for all of your comments and help. In fact, I want to divert packets for one program that do header compression Sam, Naz On Tue, Oct 18, 2016 at 7:33 PM, Ian Smith wrote: > On Tue, 18 Oct 2016 14:21:50 +0000, Shawn Bakhtiar wrote: > > On Oct 18, 2016, at 6:49 AM, Samira Nazari > wrote: > > > Hello every one, > > > When we diverte packets to the specified port with "IPFW divert" , > > > we can change it and re-sent to the kernel? > > > Not sure what you mean by change it but: > > > > "Divert sockets are similar to raw IP sockets, except that they can > > be bound to a specific divert port via the bind(2) system call. The > > IP address in the bind is ignored; only the port number is > > significant. A divert socket bound to a divert port will receive all > > packets diverted to that port by some (here unspecified) kernel > > mechanism(s). Packets may also be written to a divert port, in which > > case they re-enter kernel IP packet processing." > > > > -- SRC: https://www.freebsd.org/cgi/man.cgi?query=divert&sektion= > 4&apropos=0&manpath=FreeBSD+10.3-RELEASE+and+Ports > > Apart from divert(4), most likely the best example is the natd(8) code, > which modifies packet source or destination addresses and (maybe) ports. > > Ignoring the NAT processing - or not, as appropriate - the way natd uses > divert sockets both to receive packets from ipfw and later (perhaps) to > reinject them for further processing should show clearly how it's done. > > cheers, Ian > From owner-freebsd-ipfw@freebsd.org Sat Oct 22 05:38:34 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id F1519C1CD4C for ; Sat, 22 Oct 2016 05:38:34 +0000 (UTC) (envelope-from newsletter@mundoportugues.com.pt) Received: from smtp3.mundiventos.pt (smtp3.mundiventos.pt [213.63.139.41]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 033048BC for ; Sat, 22 Oct 2016 05:38:32 +0000 (UTC) (envelope-from newsletter@mundoportugues.com.pt) X-Sender: "comercial@voaleve.pt" X-Receiver: "freebsd-ipfw@freebsd.org" Message-ID: <1931d367c96d4b629bb5d72a4fac7233@9db152fd9e20453bb8deef0e4a3a4d3e> X-ECDMDNET: <2F751062D69572A996F472DA765D9F10B6C3675A5C145CA8><7B426592667ADC049FC53D52A7D18D5E30A370B041C5FA2E6C4C95F55E4866CED79DCDA7340028E6><0DB39FD4B00742FF644CD9396A71159DABD6839F48B1C326CAFC56414276D808><698C1CD78FD4D4879558166F4684564990FF79274470DD72> MIME-Version: 1.0 Sender: "comercial@voaleve.pt" From: "comercial@voaleve.pt" To: "freebsd-ipfw@freebsd.org" Reply-To: comercial@voaleve.pt Date: 19 Oct 2016 22:55:24 +0100 Subject: Investment Opportunities in Portugal - Algarve - Quinta do Lago Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Oct 2016 05:38:35 -0000