Re: getting packets on a specific port by pf
hi, suddenly this occured to my mind that, as you know, each firewall has a virtual interface on system which they listen to.. so, isn't it possible to just forward required packets from ipfw to pf's virtual if? i have to mention that this is just an all-of-a-sudden idea and i'm not sure about it's being right at all.. may be someone else can give both of us a tip on its being right or wrong?? :) regards, takCoder Best Regards, t.a.k On Thu, Nov 8, 2012 at 5:30 PM, s m sam.gh1...@gmail.com wrote: dear takcoder maybe you are right but now it is not important for me. i want to get packets by pf in order to set packet's TOS bit (packets which comes from IPFW). have you any suggestion? thanks for your attention sam On Thu, Nov 8, 2012 at 4:11 PM, takCoder tak.offic...@gmail.com wrote: hey sam, i don't know the exact answer for your question.. but a question occurred in my mind.. what's your final purpose of doing so? what do you exactly mean by the phrase to change them?? and don't you think that this sequence of firewalls has a deep effect on your system performance? in my idea this seems just like a throughput bottleneck.. isn't it so? or it's not important here? any how.. if you tell us more details about what you're looking for, may be it become more clear for guys such as me! ;) yours, takcoder On Thu, Nov 8, 2012 at 3:53 PM, s m sam.gh1...@gmail.com wrote: hello guys i have a problem with getting packets which are diverted to a specific port by PF. i mean i diverted my packets to a specific port by IPFW and want to get these packets by PF to change them. i used ipfw add 1000 divert 8000 all form any to any command to divert my packets. how can i get these packets by pf on port number 8000? pf has divert-reply option. should i use it to get packets? how? any comments or hints are really appreciated. thanks, sam ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
getting packets on a specific port by pf
hello guys i have a problem with getting packets which are diverted to a specific port by PF. i mean i diverted my packets to a specific port by IPFW and want to get these packets by PF to change them. i used ipfw add 1000 divert 8000 all form any to any command to divert my packets. how can i get these packets by pf on port number 8000? pf has divert-reply option. should i use it to get packets? how? any comments or hints are really appreciated. thanks, sam ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: getting packets on a specific port by pf
hey sam, i don't know the exact answer for your question.. but a question occurred in my mind.. what's your final purpose of doing so? what do you exactly mean by the phrase to change them?? and don't you think that this sequence of firewalls has a deep effect on your system performance? in my idea this seems just like a throughput bottleneck.. isn't it so? or it's not important here? any how.. if you tell us more details about what you're looking for, may be it become more clear for guys such as me! ;) yours, takcoder On Thu, Nov 8, 2012 at 3:53 PM, s m sam.gh1...@gmail.com wrote: hello guys i have a problem with getting packets which are diverted to a specific port by PF. i mean i diverted my packets to a specific port by IPFW and want to get these packets by PF to change them. i used ipfw add 1000 divert 8000 all form any to any command to divert my packets. how can i get these packets by pf on port number 8000? pf has divert-reply option. should i use it to get packets? how? any comments or hints are really appreciated. thanks, sam ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: getting packets on a specific port by pf
dear takcoder maybe you are right but now it is not important for me. i want to get packets by pf in order to set packet's TOS bit (packets which comes from IPFW). have you any suggestion? thanks for your attention sam On Thu, Nov 8, 2012 at 4:11 PM, takCoder tak.offic...@gmail.com wrote: hey sam, i don't know the exact answer for your question.. but a question occurred in my mind.. what's your final purpose of doing so? what do you exactly mean by the phrase to change them?? and don't you think that this sequence of firewalls has a deep effect on your system performance? in my idea this seems just like a throughput bottleneck.. isn't it so? or it's not important here? any how.. if you tell us more details about what you're looking for, may be it become more clear for guys such as me! ;) yours, takcoder On Thu, Nov 8, 2012 at 3:53 PM, s m sam.gh1...@gmail.com wrote: hello guys i have a problem with getting packets which are diverted to a specific port by PF. i mean i diverted my packets to a specific port by IPFW and want to get these packets by PF to change them. i used ipfw add 1000 divert 8000 all form any to any command to divert my packets. how can i get these packets by pf on port number 8000? pf has divert-reply option. should i use it to get packets? how? any comments or hints are really appreciated. thanks, sam ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
