Date: Thu, 13 May 2004 13:11:34 +0400 From: Gleb Smirnoff <glebius@cell.sick.ru> To: Eugene Grosbein <eugen@kuzbass.ru> Cc: net@freebsd.org Subject: Re: ipfw: reset tcp Message-ID: <20040513091134.GA31609@cell.sick.ru> In-Reply-To: <40A345F9.1460F5C4@kuzbass.ru> References: <40A3393F.1391943E@kuzbass.ru> <20040513012344.A12373@xorpc.icir.org> <40A34082.F0182B31@kuzbass.ru> <20040513013717.A16394@xorpc.icir.org> <40A345F9.1460F5C4@kuzbass.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, May 13, 2004 at 05:55:05PM +0800, Eugene Grosbein wrote: E> Please make it possible (using sysctl or any other mean) to E> disable M_SKIP_FIREWALL for such packets (I suppose 'unreach' rules E> are affected too). I DO need to process ALL outgoing packets. E> For exapmle, I must use 'ipfw fwd' (to implement policy routing) E> for the packets with source IP like this. Better idea is to separate policy routing decisions from packet filter. However, implementing this is much more difficult, than just removing one string from send_pkt(). -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040513091134.GA31609>