AT Matik wrote:
what do you mean? By setting to 0 the packages are not re-injected into the pipe but go through other existing rules after the matching pipe, or not?
When you reset net.inet.ip.fw.one_pass to zero, packets return back into ipfw to the next rule after dummynet/netgraph. And if you have similar rules packets will be passed into dummynet/netgraph again. This is example how to get double fault (from mail archive): ifconfig em0 192.168.0.2/24 kldload ipfw kldload dummynet sysctl net.inet.ip.fw.one_pass=0 ipfw pipe 2 config bw 0 ipfw add 2 pipe 2 ip from any to any ipfw add 2 pipe 2 ip from any to any ipfw add 2 pipe 2 ip from any to any ipfw add 2 pipe 2 ip from any to any ipfw add 2 pipe 2 ip from any to any ipfw add 2 pipe 2 ip from any to any ipfw add 2 pipe 2 ip from any to any ipfw add 2 pipe 2 ip from any to any ipfw add 2 pipe 2 ip from any to any ipfw add 2 pipe 2 ip from any to any ipfw add 2 pipe 2 ip from any to any ipfw add 2 pipe 2 ip from any to any ipfw add 2 pipe 2 ip from any to any ipfw add 2 pipe 2 ip from any to any ipfw add 2 pipe 2 ip from any to any ipfw add 2 pipe 2 ip from any to any ipfw add 2 pipe 2 ip from any to any ping 192.168.0.1 -- WBR, Andrey V. Elsukov _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "[EMAIL PROTECTED]"
