soulpower
May 21st, 2009, 14:23
Hi guys,
this is my first post! I'm Roberto from Italy and I need your help for a project.
I got a MacBook Pro with MacOSX 10.5 in which I've installed PC-BSD 7.0.2 virtualized with VMWare Fusion 2.0.1 .
I know that this is the freebsd forum, but I think that this firewall section fits much better with my needs.
I've to setup a packet delayer/bandwidth limiter for evaluating the performances of a protocol which works with multicast traffic for transferring files. I have two programs, a sender and a receiver based over this protocol. Both programs are executed on MacOSX.
I've created with vmware two networks adapters between macosx and pcbsd, that vmare has called vmnet1 and vmnet8 on macosx, and respectively em0 and le0 on pcbsd.
The interfaces vmnet1 and em0 have addresses 192.168.15.1 and 192.168.15.129 .
The interfaces vmnet8 and le0 have addresses 172.16.163.1 and 172.16.163.130 .
The path is: sender (macosx) -> vmnet1 interface (macosx) -> em0 interface (pcbsd) -> packet delayer/bandwidth limiter (pcbsd) -> le0 interface (pcbsd) -> vmnet8 interface (macosx) -> receiver (macosx).
Everything with multicast traffic.
I've added the route to redirect multicast out traffic to vmnet1 on macosx, and to le0 on pcbsd. It works.
Obviously I can't find the ipfw ruleset to setup the packet delayer/bandwidth limiter :x I need the multicast traffic incoming from em0 interface to be forwarded to le0 interface in multicast.
I've recompiled the kernel with the following options:
options IPFIREWALL
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_VERBOSE
options IPFIREWALL_FORWARD
options DUMMYNET
options HZ=1000
I've putted into rc.conf:
multicast_router="YES"
firewall_enable="YES"
firewall_type="/root/fw-rules"
firewall_logging="YES"
firewall_quiet="NO"
firewall_flags=""
And into sysctl.conf:
net.inet.ip.forwarding: 1
net.inet.ip.check_interface: 0
net.inet.ip.fw.enable: 1
net.inet.ip.fw.autoinc_step: 100
net.inet.ip.fw.one_pass: 1
net.inet.ip.fw.debug: 1
net.inet.ip.fw.verbose: 1
net.inet.ip.fw.verbose_limit: 0
net.inet.ip.fw.dyn_buckets: 256
net.inet.ip.fw.curr_dyn_buckets: 256
net.inet.ip.fw.dyn_count: 0
net.inet.ip.fw.dyn_max: 4096
net.inet.ip.fw.static_count: 2
net.inet.ip.fw.dyn_ack_lifetime: 300
net.inet.ip.fw.dyn_syn_lifetime: 20
net.inet.ip.fw.dyn_fin_lifetime: 1
net.inet.ip.fw.dyn_rst_lifetime: 1
net.inet.ip.fw.dyn_udp_lifetime: 10
net.inet.ip.fw.dyn_short_lifetime: 5
net.inet.ip.fw.dyn_keepalive: 1
The firewall logs if I give the rule ipfw add log udp from any to me, but no rule for adding pipes works. I tried ipfw add pipe 1 udp from 192.168.15.1 to 224.0.0.1 out and similar, without success.
Can you help me to solve the situation?
Thank you so much!
this is my first post! I'm Roberto from Italy and I need your help for a project.
I got a MacBook Pro with MacOSX 10.5 in which I've installed PC-BSD 7.0.2 virtualized with VMWare Fusion 2.0.1 .
I know that this is the freebsd forum, but I think that this firewall section fits much better with my needs.
I've to setup a packet delayer/bandwidth limiter for evaluating the performances of a protocol which works with multicast traffic for transferring files. I have two programs, a sender and a receiver based over this protocol. Both programs are executed on MacOSX.
I've created with vmware two networks adapters between macosx and pcbsd, that vmare has called vmnet1 and vmnet8 on macosx, and respectively em0 and le0 on pcbsd.
The interfaces vmnet1 and em0 have addresses 192.168.15.1 and 192.168.15.129 .
The interfaces vmnet8 and le0 have addresses 172.16.163.1 and 172.16.163.130 .
The path is: sender (macosx) -> vmnet1 interface (macosx) -> em0 interface (pcbsd) -> packet delayer/bandwidth limiter (pcbsd) -> le0 interface (pcbsd) -> vmnet8 interface (macosx) -> receiver (macosx).
Everything with multicast traffic.
I've added the route to redirect multicast out traffic to vmnet1 on macosx, and to le0 on pcbsd. It works.
Obviously I can't find the ipfw ruleset to setup the packet delayer/bandwidth limiter :x I need the multicast traffic incoming from em0 interface to be forwarded to le0 interface in multicast.
I've recompiled the kernel with the following options:
options IPFIREWALL
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_VERBOSE
options IPFIREWALL_FORWARD
options DUMMYNET
options HZ=1000
I've putted into rc.conf:
multicast_router="YES"
firewall_enable="YES"
firewall_type="/root/fw-rules"
firewall_logging="YES"
firewall_quiet="NO"
firewall_flags=""
And into sysctl.conf:
net.inet.ip.forwarding: 1
net.inet.ip.check_interface: 0
net.inet.ip.fw.enable: 1
net.inet.ip.fw.autoinc_step: 100
net.inet.ip.fw.one_pass: 1
net.inet.ip.fw.debug: 1
net.inet.ip.fw.verbose: 1
net.inet.ip.fw.verbose_limit: 0
net.inet.ip.fw.dyn_buckets: 256
net.inet.ip.fw.curr_dyn_buckets: 256
net.inet.ip.fw.dyn_count: 0
net.inet.ip.fw.dyn_max: 4096
net.inet.ip.fw.static_count: 2
net.inet.ip.fw.dyn_ack_lifetime: 300
net.inet.ip.fw.dyn_syn_lifetime: 20
net.inet.ip.fw.dyn_fin_lifetime: 1
net.inet.ip.fw.dyn_rst_lifetime: 1
net.inet.ip.fw.dyn_udp_lifetime: 10
net.inet.ip.fw.dyn_short_lifetime: 5
net.inet.ip.fw.dyn_keepalive: 1
The firewall logs if I give the rule ipfw add log udp from any to me, but no rule for adding pipes works. I tried ipfw add pipe 1 udp from 192.168.15.1 to 224.0.0.1 out and similar, without success.
Can you help me to solve the situation?
Thank you so much!