Date: Sat, 17 Aug 2019 22:25:44 +0100 From: Andrew White <andywhite@gmail.com> To: freebsd-net@freebsd.org Subject: pf (rules and nat) + (ipfw + dummynet) Message-ID: <CAOZMOUFfzoVj2mtOHcQRpkrjU%2B02-kik%2BNt7m0_oELUW=H=RXg@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi Using 11.3 , I've been trying to configure pf with dummynet. Having ipfw reply traffic sent into a dummynet pipe causes pf to reject the traffic. Searching around and looking at ip_input.c it looks like dummynet reinjects the packet back into input and this is what causes the problem , I'm guessing the checksum changes. Is this a known behaviour and are there functioning patches ? I see projects like opnsense and pfsense have patches for ip_input.c to skip some of the code if it's a reinjected packet from dummynet I also see some work underway to separate dummynet from ipfw, is there any docs for the goals or timelines, will this allow dummynet anchors and use of dnctl to use pf with dummynet like in macos ? Kind regards Andy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOZMOUFfzoVj2mtOHcQRpkrjU%2B02-kik%2BNt7m0_oELUW=H=RXg>