From owner-freebsd-ipfw Tue Oct 10 3:22:31 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from sentry.granch.com (sentry.granch.com [212.109.197.55]) by hub.freebsd.org (Postfix) with ESMTP id E9AFD37B503 for ; Tue, 10 Oct 2000 03:22:25 -0700 (PDT) Received: from sentry.granch.ru (IDENT:shelton@localhost [127.0.0.1]) by sentry.granch.com (8.9.3/8.9.3) with ESMTP id RAA19618 for ; Tue, 10 Oct 2000 17:20:07 +0700 (NOVST) Message-ID: <39E2ED57.A51C7F0E@sentry.granch.ru> Date: Tue, 10 Oct 2000 17:20:07 +0700 From: "Rashid N. Achilov" Reply-To: achilov@granch.ru Organization: Granch Ltd. X-Mailer: Mozilla 4.74 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: ru, en MIME-Version: 1.0 To: freebsd-ipfw@freebsd.org Subject: To be continued... Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG part of `ipfw list | less` output: 01225 fwd 212.109.195.137 log logamount 100 ip from 212.109.197.55 to any out xmit sbni1 01226 allow log logamount 100 tcp from 212.109.197.55 to any 80 part of kernel log: rnel: ipfw: 1226 Accept TCP 212.109.197.55:3710 216.136.204.21:80 in via fxp0 rnel: ipfw: 1225 Forward to 212.109.195.137 TCP 212.109.197.55:3710 216.136.204.21:80 out via sbni1 rnel: ipfw: 1226 Accept TCP 212.109.197.55:3710 216.136.204.21:80 in via fxp0 rnel: ipfw: 1225 Forward to 212.109.195.137 TCP 212.109.197.55:3710 216.136.204.21:80 out via sbni1 Legend: 212.109.197.55 - my box FreeBSD 4.1-RELEASE 212.109.195.137 - first ISP leased line channel other side (our 212.109.195.138) sbni1 - iface name of second ISP leased line channel (assumed FreeBSD router box 3.4-RELEASE) Why 1226 rule in log BEFORE 1225? It means that 1226 scan before 1225? Or vice versa? And why, if 1225 succesfull, scans 1226 rule? I'm totally lost :-( -- With Best Regards. Rashid N. Achilov (RNA1-RIPE), Brainbench ID: 28514 Granch Ltd. lead engineer, e-mail: achilov@granch.ru tel/fax (383-2) 24-2363 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message