Subject: ipf "dup-to" altering packet IDs
To: None <tech-net@netbsd.org>
From: Michael Graff <explorer@flame.org>
List: tech-net
Date: 06/25/2002 14:34:51

I have a need to do routing based on source address (not the normal
destination address) and so am using IPF rules to do this disgusting
hack.

What I'm doing is:

        pass in on fxp1 dup-to tun0 from 204.152.188.160/27 to any
        block out quick on fxp0 from 204.152.188.160/27 to any

This causes the packets to be duplicated to tun0 and dropped on the
outgoing interface, so the only copy of the packet will go over the
tun0 device.

I have a user-level tunnel taking the packets from tun0 and
encapsulating them in UDP and sending them on their way.

However, the packets as seen on fxp1 and tun0 have differences.  The
duplicated packet has its IP ID field byte-swapped.

--Michael
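
Added example, not part of the original message: one way to confirm the observation above from two captures of the same packet, one taken on fxp1 and one on tun0. It parses both IPv4 headers, lists the fields that differ and reports whether the ID differs by exactly a byte swap; the sample headers, the 192.0.2.10 destination and all function names are constructed for illustration, and the checksum check is an extra diagnostic the post does not mention.

```python
import struct

FIELDS = ("ver_ihl", "tos", "total_len", "id", "frag_off", "ttl", "proto",
          "checksum", "src", "dst")
FMT = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header, network byte order

def parse_ipv4(raw):
    """Unpack the fixed part of an IPv4 header into named fields."""
    if len(raw) < 20 or raw[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return dict(zip(FIELDS, struct.unpack(FMT, raw[:20])))

def swap16(value):
    """Swap the two bytes of a 16-bit value."""
    return ((value & 0xFF) << 8) | (value >> 8)

def checksum_ok(raw):
    """True if the one's-complement sum over the header folds to 0xFFFF."""
    ihl = (raw[0] & 0x0F) * 4
    if ihl < 20 or len(raw) < ihl:
        return False
    total = sum(struct.unpack("!%dH" % (ihl // 2), raw[:ihl]))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF

def compare(orig, dup):
    """Report which header fields differ between the two copies."""
    a, b = parse_ipv4(orig), parse_ipv4(dup)
    return {
        "changed": [f for f in FIELDS if a[f] != b[f]],
        "id_byte_swapped": a["id"] != b["id"] and b["id"] == swap16(a["id"]),
        "dup_checksum_ok": checksum_ok(dup),
    }

def build_header(ident):
    """Constructed sample header (not a capture from the post)."""
    src, dst = bytes([204, 152, 188, 161]), bytes([192, 0, 2, 10])
    hdr = struct.pack(FMT, 0x45, 0, 84, ident, 0, 64, 1, 0, src, dst)
    total = sum(struct.unpack("!10H", hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return hdr[:10] + struct.pack("!H", ~total & 0xFFFF) + hdr[12:]

ON_FXP1 = build_header(0x1234)
# Constructed copy: same bytes with only the two ID bytes exchanged.
ON_TUN0 = ON_FXP1[:4] + ON_FXP1[5:6] + ON_FXP1[4:5] + ON_FXP1[6:]

if __name__ == "__main__":
    print(compare(ON_FXP1, ON_TUN0))
```

If "changed" lists only "id" and the checksum on the copy no longer validates, the ID was altered after the checksum was computed; a copy with a valid checksum means the header was re-summed after the swap.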