List Info

Thread: anyone tried the Multi routing table code yet?
anyone tried the Multi routing table code yet?
country flaguser name
United States		 2008-05-23 19:39:17 
subject says it all really..
_______________________________________________
freebsd-netfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
Re: anyone tried the Multi routing table code yet?
user name
 2008-05-23 19:51:08 
    0n Fri, May 23, 2008 at 05:39:17PM -0700, Julian
Elischer wrote: 

    >subject says it all really..

No, but I would like to ... if you could hold my hand 

 -aW

IMPORTANT: This email remains the property of the Australian
Defence Organisation and is subject to the jurisdiction of
section 70 of the CRIMES ACT 1914.  If you have received
this email in error, you are requested to contact the sender
and delete the email.


_______________________________________________
freebsd-netfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
Re: anyone tried the Multi routing table code yet?
user name
 2008-05-30 03:18:15 
On Sat, May 24, 2008 at 6:09 AM, Julian Elischer
<julianelischer.org> wrote:
> subject says it all really..

I am using pf and rtable to setfib and get an pfctl:
DIOCADDRULE:
Device busy when trying to load "pass in quick on fxp0
from any to any
keep state rtable 1"

I can successfully load "pass in quick on fxp0 all
flags S/SA keep
state rtable 0" I am testing on FreeBSD CURRENT.

My routing tables are:


[rootdaemon /etc]# setfib -0 netstat -nrf inet
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use
 Netif Expire
default            192.168.3.100      UGS         0     2025
  fxp0
127.0.0.1          127.0.0.1          UH          0        0
   lo0
192.168.3.0/24     link#1             UC          0        0
  fxp0
192.168.3.54       00:40:f4:b7:d7:ee  UHLW        1       40
  fxp0   1179
192.168.3.100      00:80:48:38:1a:df  UHLW        2      149
  fxp0   1173
192.168.4.0/24     link#1             UC          0        0
  fxp0
192.168.4.4        00:80:48:1f:48:26  UHLW        1      141
  fxp0   1120
192.168.5.0/24     link#3             UC          0        0
  rue0
[rootdaemon /etc]# setfib -1 netstat -nrf inet
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use
 Netif Expire
default            192.168.5.4        UGS         0       13
  rue0
127.0.0.1          127.0.0.1          UH          0        0
   lo0
192.168.3.0/24     link#1             UC          0        0
  fxp0
192.168.3.54       00:40:f4:b7:d7:ee  UHLW        1        0
  fxp0   1176
192.168.3.100      00:80:48:38:1a:df  UHLW        1        5
  fxp0   1170
192.168.4.0/24     link#1             UC          0        0
  fxp0
192.168.4.4        00:80:48:1f:48:26  UHLW        1        0
  fxp0   1117
192.168.5.0/24     link#3             UC          0        0
  rue0

btw, does the rtable syntax allow to set route for packets
generated
by the pf host itself (like packets from squid). The catch
is that
they cannot be matched via a "pass in" rule, they
are matched only on
a "pass out" rule.

Thanks and regards,

raj
_______________________________________________
freebsd-netfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
Re: anyone tried the Multi routing table code yet?
country flaguser name
United States		 2008-05-30 04:45:32 
Rajkrishna S wrote:
> On Sat, May 24, 2008 at 6:09 AM, Julian Elischer
<julianelischer.org> wrote:
>> subject says it all really..
> 
> I am using pf and rtable to setfib and get an pfctl:
DIOCADDRULE:
> Device busy when trying to load "pass in quick on
fxp0 from any to any
> keep state rtable 1"
> 

I'm not really familiar with the pf syntax
as I didn't do that part of the patch (max laier (CC'd)
did)
and I don't use pf.

Max may be able to see if the patch to the pf code ahs an
error.



> I can successfully load "pass in quick on fxp0 all
flags S/SA keep
> state rtable 0" I am testing on FreeBSD CURRENT.
> 
> My routing tables are:
> 
> 
> [rootdaemon /etc]# setfib -0 netstat -nrf inet
> Routing tables
> 
> Internet:
> Destination        Gateway            Flags    Refs    
 Use  Netif Expire
> default            192.168.3.100      UGS         0    
2025   fxp0
> 127.0.0.1          127.0.0.1          UH          0    
   0    lo0
> 192.168.3.0/24     link#1             UC          0    
   0   fxp0
> 192.168.3.54       00:40:f4:b7:d7:ee  UHLW        1    
  40   fxp0   1179
> 192.168.3.100      00:80:48:38:1a:df  UHLW        2    
 149   fxp0   1173
> 192.168.4.0/24     link#1             UC          0    
   0   fxp0
> 192.168.4.4        00:80:48:1f:48:26  UHLW        1    
 141   fxp0   1120
> 192.168.5.0/24     link#3             UC          0    
   0   rue0
> [rootdaemon /etc]# setfib -1 netstat -nrf inet
> Routing tables
> 
> Internet:
> Destination        Gateway            Flags    Refs    
 Use  Netif Expire
> default            192.168.5.4        UGS         0    
  13   rue0
> 127.0.0.1          127.0.0.1          UH          0    
   0    lo0
> 192.168.3.0/24     link#1             UC          0    
   0   fxp0
> 192.168.3.54       00:40:f4:b7:d7:ee  UHLW        1    
   0   fxp0   1176
> 192.168.3.100      00:80:48:38:1a:df  UHLW        1    
   5   fxp0   1170
> 192.168.4.0/24     link#1             UC          0    
   0   fxp0
> 192.168.4.4        00:80:48:1f:48:26  UHLW        1    
   0   fxp0   1117
> 192.168.5.0/24     link#3             UC          0    
   0   rue0
> 
> btw, does the rtable syntax allow to set route for
packets generated
> by the pf host itself (like packets from squid). The
catch is that
> they cannot be matched via a "pass in" rule,
they are matched only on
> a "pass out" rule.

I don't know about pf, but in ipfw it definitely can be any
packet at 
any time, but the outgoing packets have already made their
routing 
decision before they hit the firewall so even though a table
is 
associated with the packet, it's too late :-/ it has to be
associated 
with the socket itself to really have effect.

> 
> Thanks and regards,
> 
> raj
> _______________________________________________
> freebsd-netfreebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"

_______________________________________________
freebsd-netfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
Re: anyone tried the Multi routing table code yet?
user name
 2008-06-05 14:31:22 
On Friday 30 May 2008 11:45:32 Julian Elischer wrote:
> Rajkrishna S wrote:
> > On Sat, May 24, 2008 at 6:09 AM, Julian Elischer
<julianelischer.org> 
wrote:
> >> subject says it all really..
> >
> > I am using pf and rtable to setfib and get an
pfctl: DIOCADDRULE:
> > Device busy when trying to load "pass in
quick on fxp0 from any to
> > any keep state rtable 1"
>
> I'm not really familiar with the pf syntax
> as I didn't do that part of the patch (max laier (CC'd)
did)
> and I don't use pf.
>
> Max may be able to see if the patch to the pf code ahs
an error.

See attached - stupid error, my bad.  Confirmed to work now,
with limited 
testing, though.

-- 
/"  Best regards,                      | mlaierfreebsd.org
 /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.l
ove2party.net/  | mlaierEFnet
/   ASCII Ribbon Campaign              | Against HTML Mail
and News

_______________________________________________
freebsd-netfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscribefreebsd.org"
[1-5]

about | contact  Other archives ( Real Estate discussion Medical topics )