packets redirected to loopback never appear in tcpdump

2009-02-24 Thread Gregory Edigarov
Hello,

Is this a bug or feature?
the test case:

# ifconfig lo1 192.168.0.1 up

# ping 192.168.0.1
64 bytes from 192.168.0.1: icmp_seq=0 ttl=255 time=0.200 ms
64 bytes from 192.168.0.1: icmp_seq=1 ttl=255 time=0.111 ms
64 bytes from 192.168.0.1: icmp_seq=2 ttl=255 time=0.110 ms
64 bytes from 192.168.0.1: icmp_seq=3 ttl=255 time=0.111 ms
64 bytes from 192.168.0.1: icmp_seq=4 ttl=255 time=0.109 ms


# tcpdump -i lo1
tcpdump: listening on lo1, link-type LOOP
(shows nothing)

this also:
nat on rl0 from !(rl0) to any -> (rl0)
rdr on rl0 proto tcp from any to (rl0) port 1234 -> 192.168.0.1

block log all
pass in on rl0 proto tcp from any to 192.168.0.1 port 1234 keep state

redirect works just fine, but tcpdump again shows nothing.

found the hard way while trying to get altq working on lo1

# uname -a
OpenBSD greg.bestnet.kharkov.ua 4.4 GENERIC#1021 i386

dmesg is also attached



-- 
With best regards,
Gregory Edigarov



Re: packets redirected to loopback never appear in tcpdump

2009-02-24 Thread Giovanni Bechis

Gregory Edigarov wrote:
> Hello,
>
> Is this a bug or feature?
> the test case:

This works for me with 4.5-beta:

$ sudo ifconfig lo1 192.168.3.1
Password:
$ ping 192.168.3.1
PING 192.168.3.1 (192.168.3.1): 56 data bytes
64 bytes from 192.168.3.1: icmp_seq=0 ttl=255 time=0.036 ms
64 bytes from 192.168.3.1: icmp_seq=1 ttl=255 time=0.026 ms
64 bytes from 192.168.3.1: icmp_seq=2 ttl=255 time=0.034 ms

$ sudo tcpdump -i lo1
tcpdump: listening on lo1, link-type LOOP
18:38:59.733246 192.168.3.1 > 192.168.3.1: icmp: echo request
18:38:59.733252 192.168.3.1 > 192.168.3.1: icmp: echo reply
18:39:00.743249 192.168.3.1 > 192.168.3.1: icmp: echo request

$ uname -a
OpenBSD bigio.snb.it 4.5 GENERIC.MP#0 amd64

 Cheers
  Giovanni



Re: packets redirected to loopback never appear in tcpdump

2009-02-24 Thread Stuart Henderson
On 2009-02-24, Gregory Edigarov wrote:
> Is this a bug or feature?
> the test case:
>
> # ifconfig lo1 192.168.0.1 up
>
> # ping 192.168.0.1
> 64 bytes from 192.168.0.1: icmp_seq=0 ttl=255 time=0.200 ms
> 64 bytes from 192.168.0.1: icmp_seq=1 ttl=255 time=0.111 ms
> 64 bytes from 192.168.0.1: icmp_seq=2 ttl=255 time=0.110 ms
> 64 bytes from 192.168.0.1: icmp_seq=3 ttl=255 time=0.111 ms
> 64 bytes from 192.168.0.1: icmp_seq=4 ttl=255 time=0.109 ms

this should work. how does your routing table look?



Re: packets redirected to loopback never appear in tcpdump

2009-02-25 Thread Gregory Edigarov

Stuart Henderson wrote:
> On 2009-02-24, Gregory Edigarov wrote:
> > Is this a bug or feature?
> > the test case:
> >
> > # ifconfig lo1 192.168.0.1 up
> >
> > # ping 192.168.0.1
> > 64 bytes from 192.168.0.1: icmp_seq=0 ttl=255 time=0.200 ms
> > 64 bytes from 192.168.0.1: icmp_seq=1 ttl=255 time=0.111 ms
> > 64 bytes from 192.168.0.1: icmp_seq=2 ttl=255 time=0.110 ms
> > 64 bytes from 192.168.0.1: icmp_seq=3 ttl=255 time=0.111 ms
> > 64 bytes from 192.168.0.1: icmp_seq=4 ttl=255 time=0.109 ms
>
> this should work. how does your routing table look?


Ok, so here is more on the test case... the initial idea was to shape
some traffic destined to services settling on the host by redirecting
it to lo1, then pointing services to listen on the IP of lo1.

*
# ifconfig lo1
lo1: flags=8149 mtu 33204
   groups: lo
   inet 192.168.0.1 netmask 0xff00

# route -n show
Routing tables

Internet:
Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
default            80.92.224.1        UGS        8   161457     -    48 rl0
80.92.224.0/27     link#1             UC         3        0     -    48 rl0
80.92.224.1        00:04:4d:39:59:20  UHLc       1        0     -    48 rl0
80.92.224.10       00:50:8d:61:96:65  UHLc       0       15     -    48 rl0
80.92.224.20       00:07:e9:05:1e:ec  UHLc       0      103     -    48 rl0
127.0.0.1          127.0.0.1          UH         0        0 33204    48 lo0
192.168.0.1        192.168.0.1        UH         0      376 33204    48 lo1
*
# cat /etc/pf.conf



table  persist
table  persist
table  persist
table  persist
table  persist


set ruleset-optimization none

scrub all

#altq on lo1 cbq bandwidth 5Mb queue { std, ext}
#queue std bandwidth 10% cbq(default)
#queue ext bandwidth 90% cbq

nat on rl0 from 192.168.0.1 to any -> (rl0)
rdr on rl0 proto tcp from any to (rl0) port 1234 -> (lo1)

block log all
pass out on rl0
pass in on rl0 proto tcp from any to (rl0) port ftp keep state
pass in on rl0 proto tcp from any to (rl0) port ftp-data keep state
pass in on rl0 proto tcp from any to (rl0) port ssh keep state \
(max-src-conn 3, max-src-conn-rate 1/60, overload  flush global)
pass in on rl0 proto tcp from  194.6.232.83 to (rl0) port ssh keep state
pass in on rl0 proto tcp from any to (rl0) port smtp keep state
pass in on rl0 proto tcp from any to (rl0) port 4662 keep state
pass in on rl0 proto tcp from any to 192.168.0.1 port 1234 keep state

pass in on rl0 proto udp from any to (rl0) port 4665 keep state
pass in on rl0 proto udp from any to (rl0) port 4672 keep state
pass in on rl0 inet proto icmp from any to (rl0) icmp-type echoreq
block drop in log on rl0 from  to (rl0)

pass on rl0 from  to any
pass on rl0 from   any to 

pass on lo0
pass on lo1
#pass on lo1 queue std

**

on this host we run 'nc -l 1234', or this simple C test, just to be sure
we are listening on the right socket:


#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <stdio.h>
#include <stdlib.h>
#include <strings.h>
#include <unistd.h>
#define TRUE 1

/*
 * This program creates a socket and then begins an infinite loop. Each time
 * through the loop it accepts a connection and prints out messages from it.
 * When the connection breaks, or a termination message comes through, the
 * program accepts a new connection.
 */

int
main(void)
{
    int sock;
    socklen_t length;
    struct sockaddr_in server;
    int msgsock;
    char buf[1024];
    int rval;
    int i;

    /* Create socket */
    sock = socket(AF_INET, SOCK_STREAM, 0);
    if (sock < 0) {
        perror("opening stream socket");
        exit(1);
    }
    /* Name socket: bind to the lo1 address and the redirected port */
    bzero(&server, sizeof(server));
    server.sin_family = AF_INET;
    server.sin_addr.s_addr = inet_addr("192.168.0.1");
    server.sin_port = htons(1234);
    if (bind(sock, (struct sockaddr *)&server, sizeof(server))) {
        perror("binding stream socket");
        exit(1);
    }
    /* Find out assigned port number and print it out */
    length = sizeof(server);
    if (getsockname(sock, (struct sockaddr *)&server, &length)) {
        perror("getting socket name");
        exit(1);
    }
    printf("Socket has port #%d\n", ntohs(server.sin_port));

    /* Start accepting connections */
    listen(sock, 5);
    do {
        msgsock = accept(sock, 0, 0);
        if (msgsock == -1)
            perror("accept");
        else do {
            bzero(buf, sizeof(buf));
            /* read at most sizeof(buf) - 1 bytes so buf stays NUL-terminated */
            if ((rval = read(msgsock, buf, sizeof(buf) - 1)) < 0)
                perror("reading stream message");
            i = 0;
            if (rval == 0)