Date: Tue, 23 Jul 2002 10:16:10 -0700 From: Luigi Rizzo <rizzo@icir.org> To: Dmitry Demyanchuk <dd@skynet.lt> Cc: ipfw@FreeBSD.ORG Subject: Re: ipfw2 bug? Message-ID: <20020723101609.B74719@iguana.icir.org> In-Reply-To: <DLEHKBDBCBAOBMIAHCBEGEADCAAA.dd@skynet.lt>; from dd@skynet.lt on Tue, Jul 23, 2002 at 12:46:06PM %2B0200 References: <DLEHKBDBCBAOBMIAHCBEGEADCAAA.dd@skynet.lt>
next in thread | previous in thread | raw e-mail | index | archive | help
#1 -- i tried "forward" and it seemed to work. The definitive test
would be to make sure that the same exact ruleset works with the old ipfw, and
in case send me the offending ruleset and the traffic
that does not work for you. Of course the
combination ipfw&natd+ipf&ipnat is the messiest thing you
can have in the world so i won't promise results....
#2 as someone noticed is probably your shell expanding {1,2}
-- mine (plain sh) doesn't. In case, put a \ before the braces.
#3 -- if you have some rules that cause crashes, please post them
as I obviously have all the interest in fixing these bugs.
cheers
luigi
On Tue, Jul 23, 2002 at 12:46:06PM +0200, Dmitry Demyanchuk wrote:
> Im using a combination of ipfw&natd+ipf&ipnat together on my router running
> fbsd4.6-stable.
> Upgrading the ipfw to ipfw2 had the following results:
>
> 1) i dont know if it is a bug, but the fwd action appears to be disabled in
> IPFW2. Monitoring the interface with tcpdump, there is no forwarded traffic,
> but the rule counter keep on increasing.
>
> 2) im getting the following message:
> root@hydra:/usr/src/sys:> ipfw add 25 allow ip from 10.1.1.0/24{1,2} to any
> ipfw: bad width ``241''
> root@hydra:/usr/src/sys:>
>
> sources used and working so far:
> FreeBSD 4.6-STABLE #0: Tue Jul 23 01:19:17 EET 2002
> * $FreeBSD: src/sbin/ipfw/ipfw2.c,v 1.2 2002/07/05 22:43:06 luigi Exp $
> * $FreeBSD: src/sys/netinet/ip_fw.h,v 1.73 2002/07/17 07:21:42 luigi Exp $
> * $FreeBSD: src/sys/netinet/ip_fw2.c,v 1.5 2002/07/14 23:47:18 luigi Exp $
> * $FreeBSD: src/sys/netinet/ip_dummynet.c,v 1.24.2.15 2002/07/18 04:43:52
> luigi Exp $
> * $FreeBSD: src/sys/netinet/ip_dummynet.h,v 1.10.2.5 2002/07/09 09:11:42
> luigi Exp $
> ip_fw2.h from ipfw2.stable.020715.diffs patch
>
> other "set" of sources caused the box to crash/panic when packet hit any of
> the pipe/dummynet rule
>
> -------------------------
> Dmitry Demyanchuk
> SkyNET SA
> http://www.skynet.lt
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-ipfw" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020723101609.B74719>