Re: [m0n0wall] RE: WAN<>OPT Bridge and Traffic Shaper Rules

From:	Chris Buechler <cbuechler at gmail dot com>
To:	Jackey Wall <jackeywall at gmail dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] RE: WAN<>OPT Bridge and Traffic Shaper Rules
Date:	Sat, 30 Apr 2005 21:37:41 -0400

On 4/30/05, Jackey Wall <jackeywall at gmail dot com> wrote:
> I have been monitoring the list for some time now for remedies to a
> particular problem with m0n0wall 1.2b7 on CDROM/PC and on Soekris
> installs.
> 
> The setup is that I have two subnets 65.xxx.88.0/23 and
> 68.xxx.108.0/22 connected to OPT, which is bridged to WAN, which in
> turn has an IP address of 68.xxx.108.XXX/22. Traffic will pass through
> the bridge as expected for both 65.xxx.88.0/23 and 68.xxx.108.0/22
> when the Traffic Shaper Rules are off. However, turning on the Traffic
> Shaper Rules will cause traffic from 65.xxx.88.0/23 to not be allowed
> to pass through the bridge.
> 
> I understand that the root cause of this issue is an anti spoofing
> rule being applied to 65.xxx.88.0/23 as m0nowall does not know about
> the 65.xxx.88.0/23 network.
> 

No, actually.  That didn't have anything to do with the traffic
shaper, that was with it off.  That specific bug has been fixed in b7.

I believe there is an issue with all the 5.3-based versions with
traffic shaping and bridging though.

-Chris