Date: Thu, 21 May 1998 10:14:25 +0300 From: Ruslan Ermilov <ru@ucb.crimea.ua> To: "'questions@freebsd.org'" <questions@FreeBSD.ORG> Subject: Re: ipfw: is this a bug ? Message-ID: <19980521101425.B17484@ucb.crimea.ua> In-Reply-To: <A03CD00C69B1D01195AB00A024ECEB1691F0CD@kaori.communique.net>; from Raul Zighelboim on Wed, May 20, 1998 at 03:12:47PM -0500 References: <A03CD00C69B1D01195AB00A024ECEB1691F0CD@kaori.communique.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, May 20, 1998 at 03:12:47PM -0500, Raul Zighelboim wrote: > > I see the following output at the end of 'ipfw show' and cannot > understand why a rule will match 65535 but not 03600. > > 03600 0 0 deny log ip from any to any > 65535 248 81372 deny ip from any to any The rule 65535 exists always (it may be ``allow'' if you're compiled your kernel with IPFIREWALL_DEFAULT_TO_ACCEPT). When the firewall is initialized (/etc/rc.firewall), it takes some time. At this time rule 3600 doesn't yet exist, and packets will be dropped with rule 65535. -- Ruslan Ermilov System Administrator ru@ucb.crimea.ua United Commercial Bank +380-652-247647 Simferopol, Crimea 2426679 ICQ Network, UIN To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980521101425.B17484>