> obviously you did some other commands here.. > something generated 2 million packets.. Julian, its a production enviroment, firewall was up for a few minutes. Thats the reason. > I was thinking of adding a 'reroute' ipfw keyword.. kind of like > 'fwd {original dest} ip from any to any' > because 'fwd' does cause the routing decision to be redone. > > The fib of the process that opens the socket controls where packets from the > local machine are sent. divert does cause this too, not "not fib X" seems to work fine... I wish you could make the "setfib" action be kept in state with keep-state only for the static rules, but I guess it will be done for all dynamic rules too, since keep-state makes dynamic rules repeat the static one, right? would something like ipfw add prob 0.5 setfib 1 all from X to any out keep-state be used to balance (per session) between FIB tables? > > > > > -- =========== Eduardo Meyer pessoal: dudu.meyer_at_gmail.com profissional: ddm.farmaciap_at_saude.gov.brReceived on Mon Jan 19 2009 - 14:40:41 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:40 UTC