Re: A maybe interesting problem using divert sockets
Re: A maybe interesting problem using divert sockets
- Subject: Re: A maybe interesting problem using divert sockets
- From: "Peter Sichel" <email@hidden>
- Date: Tue, 19 Sep 2006 11:24:38 -0400
On 9/19/06, Ron Crocker wrote:
>>From A (or C), this all works peachy - I've configured it to have B as
>the gateway and voila, the packets are sent with B's MAC address. The
>problem is at B - I can't seem to get packets that do not have B's IP
>address to come out of ipfw.
The network stack order in Mac OS X follows the sequence below:
TCP/UDP
IP filter (NKE)
IPSec (if enabled)
IP filter (if IPSec enabled)
fragment reassembly
IP forwarding
ipfw (including divert used for natd, throttled)
protocol and interface filters (NKE)
bpf tap (IOKit)
IOKit driver
Since UNIX natd uses an ipfw divert socket to access these packets. I
think you'll need to use a command something like this:
ifpw add 95 divert natd all from any to any via en0
Kind Regards,
- Peter
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden