Re: Why natd don't divert packets?
From: denb [EMAIL PROTECTED] Sent: Friday, March 07, 2003 5:22 AM Subject: Re: Why natd don't divert packets? Bernd Walter [EMAIL PROTECTED]: On Fri, Mar 07, 2003 at 11:51:45AM +0300, denb wrote: This working in FreeBSD4.7(ipfw1), but broken in FreeBSD 5.0 (ipfw2). Why? This is an issue triggered by compiling libalias with -O2. Recompile libalias without -O2 and recompile natd so it binds to the rebuild libalias.a The problem wasn't there a month ago. See -current list for firther details. -- B.WalterCOSMO-Project http://www.cosmo-project.de [EMAIL PROTECTED] Usergroup [EMAIL PROTECTED] I ran this on FreeBSD 5.0-RELEASE, not CURRENT. Any suggestions? 5.0 REL was -CURRENT as of the date of the release. This makes you an early adopter ---congratulations! As you are running the the first release from that branch (-CURRENT), I'd think his explanation would be worth looking into...maybe he meant 'six weeks' instead of a 'month', which would put it well within the dates delineated by your -RELEASE version. Kevin Kinsey, DaleCo, S.P Also this don't work on 5.0-CURRENT-20030226-JPSNAP To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Why natd don't divert packets?
Why natd don't divert packets? *screenshot*** #ipfw add divert tcp from any to any 7 #ipfw add divert tcp from any 7 to any #natd -v -p -a 172.16.0.102 -redirect_port tcp 172.16.0.253:7 7 In [TCP] [TCP] 172.16.0.104:49169 - 172.16.0.102:7 aliased to [TCP] 172.16.0.104:49169 - 172.16.0.253:7 In [TCP] [TCP] 172.16.0.104:49169 - 172.16.0.102:7 aliased to [TCP] 172.16.0.104:49169 - 172.16.0.253:7 ^C *screenshot*** Where is Out[TCP]? Rules after natd running (why second rule has 0 in packets number?): *screenshot*** #ipfw show 0001 6 180 divert tcp from any to any dst-port 7 0002 00 divert tcp from any 7 to any *screenshot*** To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Why natd don't divert packets?
Clement Laforet [EMAIL PROTECTED]: On Fri, 7 Mar 2003 11:02:06 +0300 (MSK) denb [EMAIL PROTECTED] wrote: Why natd don't divert packets? *screenshot*** #ipfw add divert tcp from any to any 7 #ipfw add divert tcp from any 7 to any #natd -v -p -a 172.16.0.102 -redirect_port tcp 172.16.0.253:7 7 In [TCP] [TCP] 172.16.0.104:49169 - 172.16.0.102:7 aliased to [TCP] 172.16.0.104:49169 - 172.16.0.253:7 In [TCP] [TCP] 172.16.0.104:49169 - 172.16.0.102:7 aliased to [TCP] 172.16.0.104:49169 - 172.16.0.253:7 ^C *screenshot*** Where is Out[TCP]? Your boxes seems to be on the same subnet, out packets are directly sent to 172.16.0.104, not 172.16.0.102 nat'ing implies routing, so natd is inefficient in your case clem This working in FreeBSD4.7(ipfw1), but broken in FreeBSD 5.0(ipfw2). Why? To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Why natd don't divert packets?
Bernd Walter [EMAIL PROTECTED]: On Fri, Mar 07, 2003 at 11:51:45AM +0300, denb wrote: This working in FreeBSD4.7(ipfw1), but broken in FreeBSD 5.0 (ipfw2). Why? This is an issue triggered by compiling libalias with -O2. Recompile libalias without -O2 and recompile natd so it binds to the rebuild libalias.a The problem wasn't there a month ago. See -current list for firther details. -- B.Walter COSMO-Project http://www.cosmo- project.de [EMAIL PROTECTED] Usergroup [EMAIL PROTECTED] I ran this on FreeBSD 5.0-RELEASE, not CURRENT. Any suggestions? To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Question about divert in ipfw2 on 5.0 release
I write program simular to natd, witch receives packets at divert port X. Question: On ipfw1 (FreeBSD 4.7) this rules work excellent: ipfw add divert X from any to any Y ipfw add divert X from any Y to any We're diverting all received and sended packets (from\to port Y) to divert port X. But these rules are not working together with ipfw2 (5.0 Release). Each single rule works fine, but when i combine them together only first of them triggers. The order doesn't matter. What am I doing wrong? To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
