[ Repost from freebsd-questions ] Hi, I have 4.9-RC router on a ADSL access and currently using ipfilter for statefull filtering+nat that is working well. ipfw2 is configured for a long time with a "pass all" policy. When i try to configure a pipe with queues for traffic shaping as described in the following message (see URL) the TCP connection gets frozen : http://mail.gnu.org/archive/html/mldonkey-users/2003-01/msg00911.html I tried to diagnose what happens and discovered that some packets are said "accepted" by IPfilter but never gets out of tun0 with pipe/queue activated. If i delete all IPFilter rules (pass all policy) traffic shaping is working right. Everything is working fine if i flush all pipes/queues from ipfw2 configuration but i have no traffic shaping. :/ So, my question is : Is there some incompatabilities between ipfw2/dummynet and IPFilter or maybe there is a bug somewhere ? -- Best regards, Artur Pydo.
Hi.> > So, my question is : Is there some incompatabilities > between > ipfw2/dummynet and IPFilter or maybe there is a bug > somewhere ? >I've used ipfw2 (dummynet/shaping) and ipfilter (firewall) on 4.7 (stable) and 5.1 (frozen branch) without any problems. But haven't tried it on 4.9. regards Claus Yahoo! Mail (http://dk.mail.yahoo.com) - Gratis: 6 MB lagerplads, spamfilter og virusscan
At 10:51 AM 11/10/2003, Artur Pydo wrote:>So, my question is : Is there some incompatabilities between >ipfw2/dummynet and IPFilter or maybe there is a bug somewhere ?I was seeing some strange things in a very similar setup --userland PPP to do PPPoE, ipnat for inbound and outbound NAT and then ipfw2. Even though I didnt use it, adding IPDIVERT to the kernel made the problem box stable again. ---Mike