Date: Wed, 14 Mar 2001 11:12:29 -0500 (EST) From: Mikhail Kruk <meshko@cs.brandeis.edu> To: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> Cc: <cjclark@alum.mit.edu>, Alan Batie <alan@batie.org>, <security@FreeBSD.ORG> Subject: Re: ipfw rule -1? Message-ID: <Pine.LNX.4.30.0103141109190.2204-100000@orestes.cs.brandeis.edu> In-Reply-To: <200103141605.IAA47316@gndrsh.dnsmgr.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> > Rule -1 is given for any packet dropped, but not dropped due to a user > > rule or the default rule. A quick look at the souce indicates the > > above pseudo-rule and some other fragment issues (bogusfrag) are the > > only such situations. > > > > OK, I've answered this one enough times now. Should I send in a PR > > with patch to the manpage or is this for the FAQ? > > Patch the manpage, and the FAQ. Specifically mention the rule number -1 > as being a builtin unalterable set of rules, and describe exactly what those > rules are. Looks like a docs thread, not a security, but I'll stick my 2 cents... I don't think that something that is in a man page and can be easily found in it without even reading the whole thing (search for -1?) belongs to the FAQ. FAQ is for problems which are not easily solved using man because it's unclear where to look for the answer, IMHO. I vote for man page only. > Thanks, > -- > Rod Grimes - KD7CAX @ CN85sl - (RWG25) rgrimes@gndrsh.dnsmgr.net > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.30.0103141109190.2204-100000>