[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: FW: Question about dup-to
From:       Craig Paterson <craigp () tippett ! com>
Date:       2003-09-23 19:05:52
[Download RAW message or body]

Somsay Sychaleun wrote:

>      Resending from last week. Any help would be greatly appreciated.
>  
>      I have also tried this on a machine with 2 physical interfaces 
> without
>      success. Has anyone actually got the dup-to to work on Solaris with
>      the hme or dmfe interfaces?
>  
>    I am trying to setup ipfilter to duplicate all incoming udp packets 
> to another box
>    on the same subnet. I have not have much success. Can someone 
> advise as to whether
>    this rule will work? All the examples in the HOWTO seems to dup-to 
> a different interface,
>    is that the only way dup-to will work?
>  
>    pass in quick on hme0 dup-to hme0:192.168.152.5 proto udp from any 
> to 192.168.152.7
>  
>    I am running Solaris 8 and ipf 3.4.32, I was running ipf 3.4.20 as 
> well with no luck.
>  
>    Also, Does ip forwarding need to be set to on for dup-to?

I'm having similar issues -- I'm not seeing any duplicate traffic. This 
is on an Ultra 1 running 3.4.28 on Solaris 9, with two hme interfaces 
and one qfe card which provides another 4 fast ethernet interfaces. I'm 
trying to mirror both between an hme and a qfe interface, and between 
two qfe interfaces.

e.g.

pass in quick on hme1 dup-to qfe1 proto tcp from <proxy server>/32 to ! 
<local lan>/16 port = 80 flags S keep state    group 301

I'm not seeing any traffic outbound on qfe1 in this setup, though the 
proxy is working. That's the case whether qfe1 is just 'plumbed' with no 
IP address, or set up completely.

Have you had any success in the mean time, or can anyone confirm that 
dup-to is functional in this version of IP Filter on Solaris?

Thanks,
Craig.

[prev in list] [next in list] [prev in thread] [next in thread]