Re: [Bug 230048] Document existence of new ipfw queue types

2018-08-01 Thread Rasool Al-Saadi 

On 2/08/2018 1:05 PM, bugzilla-nore...@freebsd.org wrote:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230048 



Mark Linimon  changed:

What |Removed |Added

CC| |i...@freebsd.org
Keywords| |patch

--
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-ipfw@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw 


To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"


A patch for ipfw man page that documents Dummynet's new AQMs (CoDel and 
PIE) and hybrid schedulers/AQMs (FQ-CoDel and FQ-PIE) submitted to 
FreeBSD's Phabricator on 27 Sep 2017. However, the patch is still under 
review. The patch includes descriptions, configurations, sysctl and 
examples for Dummynet's new AQMs/schedulers. You can find the patch at 
https://reviews.freebsd.org/D12507


Regards,
Rasool Al-Saadi
___
freebsd-ipfw@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"

[Bug 229970] [ipfw] bridge(4) with physical member igb denies trafiic from jail/epair until first pinged

2018-08-01 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229970

Mark Linimon  changed:

   What|Removed |Added

   Assignee|b...@freebsd.org|i...@freebsd.org

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-ipfw@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"

[Bug 230048] Document existence of new ipfw queue types

2018-08-01 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230048

Mark Linimon  changed:

   What|Removed |Added

 CC||i...@freebsd.org
   Keywords||patch

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
freebsd-ipfw@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"

Re: Source IP NAT

2018-08-01 Thread Julian Elischer 

On 31/7/18 8:01 am, puneet_kumar kumar via freebsd-ipfw wrote:

Hi,
I am trying to change the IP of a TCP packet coming from client and send it to a 
server.  Client ->freebsd box --> Server. Let's say packet coming out from 
client has source IP: 1.1.1.1 and dst IP: 1.1.1.10, I am changing the IP of that 
packet to 1.1.1.100 in ether_input function. Reason behind changing it in ether_input 
is to do this NAT prior to hit any IPFW rule.
Problem is that packet is not been seen on server. I did check the code path 
taken without changing ip and with changing ip all the way to ipfw code and it 
looks like it is not dropping there. I am also recalculating the ip checksum so 
this cant be an issue either. Can someone suggest me what I am doing wrong?
Puneet
___
freebsd-ipfw@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"



well  you have several possibilties..

ipfw can act in ether_input() and you can give it a different set of 
rules to run there so that it doesn't interfere with regular ipfw 
processing in ip.


Alternatively you could use netgraph to get the packets our and pass 
them to natd though that may take a small amount of coding.



___
freebsd-ipfw@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"