Subject: Re: ipf "dup-to" altering packet IDs
To: Michael Graff <>
From: Darren Reed <>
List: tech-net
Date: 06/26/2002 14:04:14
In some email I received from Michael Graff, sie wrote:
> I have a need to do routing based on source address (not the normal
> destination address) and so am using IPF rules to do this disgusting
> hack.
> What I'm doing is:
>         pass in on fxp1 dup-to tun0 from to any
>         block out quick on fxp0 from to any
> This causes the packets to be duplicated to tun0 and dropped on the
> outgoing interface, so the only copy of the packet will go over the
> tun0 device.
> I have a user-level tunnel taking the packets from tun0 and
> encapsulating them in UDP and sending them on their way.
> However, the packet as seen on fxp1 and tun0 have differences.  The
> duplicated packet has its ip id field byte-swapped.

Is the checksum correct in the packet coming out tun0 ?