Date: Wed, 19 Jun 2002 19:58:34 -0700 From: "Corey Snow" <corey@snowpoint.com> To: "Corey Snow" <corey@snowpoint.com>, <barbish@a1poweruser.com> Cc: "FBSDQ" <questions@FreeBSD.ORG> Subject: RE: ipfw dropping legit packets? Message-ID: <3D10E26A.23241.2486199@localhost> In-Reply-To: <MIEPLLIBMLEEABPDBIEGKEDOCDAA.barbish@a1poweruser.com> References: <3D10C128.8915.1C677A9@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On 19 Jun 2002, at 22:02, Joe & Fhe Barbish wrote: Hi Joe- > I have the same thing. > You will be surprised when you see what is happening. > Do this test, take the ip address you see in the log messages and use > it in your browser as the URL. > I think you will find out that what is being denied is the auto spawn > web pages that are hidden in the original viewed URL. > You are using exclusively advanced stateful keep-state ipfw rules and > an undocumented benefit is the blocking of auto spawn URL's. > This is a good think. > If you do not want to see them in your log then add a rule just before your > last rule like this > > add deny tcp from any to any 80 out via ed0 > I don't see how this could be the case, unless I'm completely misunderstanding things. The remote address has a socket of 80 and the local address is mine, meaning that the ipfw rules should allow it, even if it is to advertisement-type sites or popup ads. If it's a new connection caused by Javascript in the web page, that should still be allowed- after all, the firewall can't tell if it's a link I clicked or an automatically generated request. Shouldn't my other firewall rules allow the web browser to initiate connections to web servers? Also, the IP addresses in question, some of which I checked via nslookup, were the legitimate IPs of the domains I was visiting. Any further insight or info on what you think might be happening is appreciated. Regards, Corey Snow To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D10E26A.23241.2486199>