Date: Mon, 14 Apr 2008 14:39:48 -0400 From: Jung-uk Kim <jkim@FreeBSD.org> To: freebsd-net@FreeBSD.org Cc: Eugene Grosbein <eugen@kuzbass.ru> Subject: Re: bpf does not see packets forwarded with ipfw fwd Message-ID: <200804141439.52231.jkim@FreeBSD.org> In-Reply-To: <20080412062251.GA2199@svzserv.kemerovo.su> References: <20080412062251.GA2199@svzserv.kemerovo.su>
next in thread | previous in thread | raw e-mail | index | archive | help
--Boundary-00=_4T6AI2V2Lk3dFXI
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
On Saturday 12 April 2008 02:22 am, Eugene Grosbein wrote:
> Hi!
>
> One of 7.0 users has reported in some cyrillic newsgroup
> a problem that I have reproduced in my 7.0-STABLE system.
> That is: tcpdump does not show locally originated outgoing IP
> packets that were processed by 'ipfw fwd' rule. The same
> configuration presents no problems with 6.3-STABLE.
>
> Consider simple schema: two FreeBSD boxes (A and B) directly
> connected with ethernet intefaces. The box A has another ethernet
> interface and uses "ipfw fwd" as its very first ipfw rule to
> forward some packets to B, while these packets would normally go
> out trough mentioned another interface. Now, tcpdump does NOT show
> outgoing packets but host B also runs tcpdump on its incoming
> interface and does see them.
>
> I double-checked all paramerets for tcpdump, all routing tables.
> I even connected A and B with cross-over ethernet cable, without a
> switch. Still, B sees incoming packets coming over the cable and A
> does not see them leaving. This bothers me a bit :-)
Can you try the attached patch?
Thanks!
Jung-uk Kim
--Boundary-00=_4T6AI2V2Lk3dFXI
Content-Type: text/plain;
charset="iso-8859-1";
name="bpf.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename="bpf.diff"
Index: sys/net/bpf.c
===================================================================
RCS file: /home/ncvs/src/sys/net/bpf.c,v
retrieving revision 1.191
diff -u -r1.191 bpf.c
--- sys/net/bpf.c 7 Apr 2008 02:51:00 -0000 1.191
+++ sys/net/bpf.c 14 Apr 2008 18:37:07 -0000
@@ -88,8 +88,6 @@
#define PRINET 26 /* interruptible */
-#define M_SKIP_BPF M_SKIP_FIREWALL
-
/*
* bpf_iflist is a list of BPF interface structures, each corresponding to a
* specific DLT. The same network interface might have several BPF interface
@@ -843,9 +841,9 @@
mc = m_dup(m, M_DONTWAIT);
if (mc != NULL)
mc->m_pkthdr.rcvif = ifp;
- /* XXX Do not return the same packet twice. */
+ /* Set M_PROMISC as it is seen already. */
if (d->bd_direction == BPF_D_INOUT)
- m->m_flags |= M_SKIP_BPF;
+ m->m_flags |= M_PROMISC;
} else
mc = NULL;
@@ -1588,8 +1586,9 @@
int gottime;
struct timeval tv;
- if (m->m_flags & M_SKIP_BPF) {
- m->m_flags &= ~M_SKIP_BPF;
+ /* Clear M_PROMISC if it is re-entered. */
+ if (m->m_flags & M_PROMISC) {
+ m->m_flags &= ~M_PROMISC;
return;
}
@@ -1642,8 +1641,9 @@
int gottime;
struct timeval tv;
- if (m->m_flags & M_SKIP_BPF) {
- m->m_flags &= ~M_SKIP_BPF;
+ /* Clear M_PROMISC if it is re-entered. */
+ if (m->m_flags & M_PROMISC) {
+ m->m_flags &= ~M_PROMISC;
return;
}
--Boundary-00=_4T6AI2V2Lk3dFXI--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200804141439.52231.jkim>