From nobody@FreeBSD.org  Mon Apr 21 12:25:05 2008
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 3F664106567A
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 21 Apr 2008 12:25:05 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 30F978FC2E
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 21 Apr 2008 12:25:05 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.2/8.14.2) with ESMTP id m3LCOiJl012916
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 21 Apr 2008 12:24:44 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.2/8.14.1/Submit) id m3LCOio3012915;
	Mon, 21 Apr 2008 12:24:44 GMT
	(envelope-from nobody)
Message-Id: <200804211224.m3LCOio3012915@www.freebsd.org>
Date: Mon, 21 Apr 2008 12:24:44 GMT
From: Mykola Zubach <zuborg@advancedhosters.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: tcpdump does not show packets redirected by 'ipfw fwd' on proper interface
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         122963
>Category:       kern
>Synopsis:       [ipfw] tcpdump does not show packets redirected by 'ipfw fwd' on proper interface
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ipfw
>State:          feedback
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Apr 21 12:30:01 UTC 2008
>Closed-Date:    
>Last-Modified:  Thu Jan 16 11:20:00 UTC 2014
>Originator:     Mykola Zubach
>Release:        7.0
>Organization:
AdvancedHosters.com
>Environment:
FreeBSD TRAF01 7.0-RELEASE FreeBSD 7.0-RELEASE #3: Fri Apr 18 12:50:16 UTC 2008     root@TRAF01:/usr/obj/usr/src/sys/Z  i386
>Description:
I'm using 'ipfw fwd' feature to split outgoing traffic between two
interfaces, attached to same switch which have 2G uplink:

00100  0 0 prob 0.500000 fwd 192.168.1.1 tcp from any 80 to any out via em0

em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=db<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,POLLING,VLAN_HWCSUM>
        ether 00:30:48:91:59:0c
        inet 1.2.3.4 netmask 0xfffffc00 broadcast 1.2.3.4
        media: Ethernet autoselect (1000baseTX <full-duplex>)
        status: active
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=db<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,POLLING,VLAN_HWCSUM>
        ether 00:30:48:91:59:0d
        inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
        media: Ethernet autoselect (1000baseTX <full-duplex>)
        status: active

I'm using 192.168.1.2/24 ip on em1 because I set up static arp:
? (192.168.1.1) at 00:1d:46:bf:17:43 on em1 permanent [ethernet]
? (192.168.1.2) at 00:30:48:91:59:0d on em1 permanent [ethernet]
? (1.2.3.5) at 00:1d:46:bf:17:43 on em0 [ethernet]

where 1.2.3.5 is default gateway, so 'ipfw fwd' will forward traffic to
same MAC-address as of default gateway, but using em1 instead of em0.

This setup works as expected, but the problem is that 'tcpdump' utility
doesn't show forwared packets on em1.

Even on em0 packets are shown only if I setup for 192.168.1.1 another
MAC-address, not equal to MAC of 1.2.3.5. In such case, source MAC is
00:30:48:91:59:0d (MAC of em1) and dst MAC is that MAC I setuped for
192.168.1.1 (as 'tcpdump -e' shows). For setup as above, with equal MACs,
tcpdump doesn't show forwarded packets on both NICs, only per-NIC counters
are updated properly, as 'netstat -ni' shows.
>How-To-Repeat:
Setup any ipfw config where 'ipfw fwd' rule will forward packets to another
interface as default.
>Fix:


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-ipfw 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Tue Apr 22 02:14:45 UTC 2008 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=122963 

From: Sergey Matveychuk <sem@FreeBSD.org>
To: bug-followup@FreeBSD.org, zuborg@advancedhosters.com
Cc:  
Subject: Re: kern/122963: [ipfw] tcpdump does not show packets redirected
 by &#39;ipfw fwd&#39; on proper interface
Date: Mon, 27 Feb 2012 16:58:54 +0400

 It should be fixed in 9.0 and 8.3 (8-stable). Could you test on one of them?
State-Changed-From-To: open->feedback 
State-Changed-By: sem 
State-Changed-When: Mon Feb 27 13:12:07 UTC 2012 
State-Changed-Why:  
Can't reproduce on both 9.0 and 8.3. Please test on them. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=122963 

From: n j <nino80@gmail.com>
To: bug-followup@freebsd.org, zuborg@advancedhosters.com
Cc:  
Subject: Re: kern/122963: [ipfw] tcpdump does not show packets redirected by
 'ipfw fwd' on proper interface
Date: Tue, 13 Aug 2013 11:37:16 +0200

 --14dae94ee3b1c4da3004e3d0fd49
 Content-Type: text/plain; charset=ISO-8859-1
 
 Hi,
 
 I just ran into this bug on 9.0. Likely present on 9.1 as well.
 
 Assume:
 em0 192.168.1.2
 em1 10.1.1.2
 
 # forward to port 80 port 8080 traffic going out via em1
 ipfw add 100 fwd 192.168.1.2:80 tcp from me 8080 to 10.1.80.80 out xmit em1
 
 # make sure the traffic goes via em1
 route add 10.1.80.80 10.1.1.1
 
 # expect to see outgoing packets
 tcpdump -i em1 host 10.1.80.80
 
 # but no packets seen
 nc -p 8080 10.1.80.80 31337
 
 
 Regards,
 -- 
 Nino
 
 --14dae94ee3b1c4da3004e3d0fd49
 Content-Type: text/html; charset=ISO-8859-1
 Content-Transfer-Encoding: quoted-printable
 
 <div dir=3D"ltr"><div><div><div><div><div>Hi,<br><br></div>I just ran into =
 this bug on 9.0. Likely present on 9.1 as well.<br><br></div>Assume:<br></d=
 iv><div>em0 192.168.1.2<br>em1 10.1.1.2<br></div><div><br></div><div># forw=
 ard to port 80 port 8080 traffic going out via em1<br>
 
 </div>ipfw add 100 fwd <a href=3D"http://192.168.1.2:80">192.168.1.2:80</a>=
  tcp from me 8080 to 10.1.80.80 out xmit em1<br><br></div><div># make sure =
 the traffic goes via em1<br></div>route add 10.1.80.80 10.1.1.1<br><br></di=
 v>
 
 <div># expect to see outgoing packets<br></div>tcpdump -i em1 host 10.1.80.=
 80<br><div><br># but no packets seen<br></div><div>nc -p 8080 10.1.80.80 31=
 337<br></div><div><br><br></div><div>Regards,<br>-- <br></div><div>Nino<br>
 
 </div></div>
 
 --14dae94ee3b1c4da3004e3d0fd49--

From: "Alexander V. Chernikov" <melifaro@FreeBSD.org>
To: bug-followup@FreeBSD.org, zuborg@advancedhosters.com
Cc:  
Subject: Re: kern/122963: [ipfw] tcpdump does not show packets redirected
 by &#39;ipfw fwd&#39; on proper interface
Date: Thu, 16 Jan 2014 15:09:46 +0400

 This is not a bug.
 
 You're adding fwd rule which forwards outgoing packet back to the local 
 system (since fwd address is em0 address).
 That's why you're not seeing packet on the wire.
>Unformatted:
