Date: Tue, 02 Dec 2003 09:19:49 -0200 From: "Tobias P. Santos" <tpeixoto@widesoft.com.br> To: freebsd-net@freebsd.org Subject: IPFW issue: skip past end of rules Message-ID: <3FCC7555.EEBB49FA@widesoft.com.br>
next in thread | raw e-mail | index | archive | help
Hello, I have a gateway limiting the bandwidth of my customers. Everything is working fine, but I got some messages in the log file, see: [...] Dec 1 15:04:55 proxy /kernel: +++ ipfw: ouch!, skip past end of rules, denying packet Dec 1 15:06:17 proxy last message repeated 90 times Dec 1 15:19:24 proxy last message repeated 41 times Dec 1 15:33:58 proxy last message repeated 142 times Dec 1 15:38:57 proxy last message repeated 121 times [...] Here are my rules: 00100 344 101154 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 00300 450 18000 deny ip from 127.0.0.0/8 to any 00400 9971 1390018 pipe 1 ip from any to any MAC any 00:00:00:00:00:00 in 00500 12282 11562920 pipe 2 ip from any to any MAC 00:00:00:00:00:00 any out 00600 0 0 pipe 3 ip from any to any MAC any 11:11:11:11:11:11 in 00700 0 0 pipe 4 ip from any to any MAC 11:11:11:11:11:11 any out 00800 0 0 pipe 5 ip from any to any MAC any 22:22:22:22:22:22 in 00900 0 0 pipe 6 ip from any to any MAC 22:22:22:22:22:22 any out 01000 0 0 pipe 7 ip from any to any MAC any 33:33:33:33:33:33 in 01100 0 0 pipe 8 ip from any to any MAC 33:33:33:33:33:33 any out 01200 2336717 1482414132 divert 8668 ip from any to any via vr0 65000 9272277 5914106630 allow ip from any to any 65535 318 177373 deny ip from any to any Am I missing something? I can't find information about this issue anywhere. Thank you in advance! Best regards, Tobias.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3FCC7555.EEBB49FA>