From owner-freebsd-stable Fri Dec 20 12:51: 3 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6BF7F37B401 for ; Fri, 20 Dec 2002 12:51:02 -0800 (PST) Received: from fubar.adept.org (fubar.adept.org [63.147.172.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1D6DF43EEA for ; Fri, 20 Dec 2002 12:51:02 -0800 (PST) (envelope-from mike@adept.org) Received: by fubar.adept.org (Postfix, from userid 1001) id 41F5C15247; Fri, 20 Dec 2002 12:50:08 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by fubar.adept.org (Postfix) with ESMTP id 4137415213 for ; Fri, 20 Dec 2002 12:50:08 -0800 (PST) Date: Fri, 20 Dec 2002 12:50:08 -0800 (PST) From: Mike Hoskins To: freebsd-stable@FreeBSD.ORG Subject: Re: ipfw and rule 65535 In-Reply-To: <3E0293B1.2D1AC05E@kuzbass.ru> Message-ID: <20021220124754.O25021-100000@fubar.adept.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Fri, 20 Dec 2002, Eugene Grosbein wrote: > > Here is the end of the output from 'ipfw show': > > 04000 0 0 deny log ip from any to any > > 65535 91 8227 deny ip from any to any > > Can anyone explain why the last rule is getting hit? > There were packets arrived when rule 4000 did not exist yet. Perhaps, but I know that wasn't the case here and I see, 09999 474 63653 deny log ip from any to any 65535 13 1190 deny ip from any to any So it seems another explanation must exist. -- Mike Hoskins This message is RFC 1855 compliant, mike@adept.org www.adept.org/pub/rfcs/rfc1855.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message