Date: Wed, 13 Sep 2006 11:38:32 +0200 (CDT) From: "Martin" <bts@iae.nl> To: "ipfw@freebsd.org" <ipfw@freebsd.org>, "Jin Guojun [VFFS]" <j_guojun@lbl.gov> Subject: Re: maximum deny entries? Message-ID: <200609131138.3334981.6@btsoftware.com> In-Reply-To: <4507539A.5000502@lbl.gov>
next in thread | previous in thread | raw e-mail | index | archive | help
All deny rules should have a different number ....... /Martin On Tue, 12 Sep 2006 17:40:58 -0700, Jin Guojun [VFFS] wrote: >I am not sure if this is a bug or is there some limitation for total >deny entry, >when the deny list exceeds a certain length (36 lines at this case), >ipfw stop working (see the *** line below). > >This is on 6.1-R i386 platform. >Is there know problem on this issue? or Did I made some mistake? > >Please CC to me since I am not on the list. > > -Jin > ># ipfw list >...all non deny entries are removed >00361 deny ip from 202.124.17.215 to any >00361 deny ip from 65.245.144.158 to any >00361 deny ip from 210.76.124.84 to any >00362 deny ip from 220.78.122.177 to any >00362 deny ip from 192.248.32.3 to any >00362 deny ip from 70.229.145.61 to any >00362 deny ip from 64.40.106.252 to any >00362 deny ip from 65.204.143.112 to any >00362 deny ip from 204.16.200.34 to any >00362 deny ip from 62.141.42.33 to any >00362 deny ip from 66.221.219.117 to any >00362 deny ip from 148.223.146.29 to any >00362 deny ip from 82.136.37.93 to any >00362 deny ip from 68.12.255.97 to any >00362 deny ip from 195.110.108.70 to any >00362 deny ip from 69.5.77.151 to any >00362 deny ip from 202.29.9.19 to any >00362 deny ip from 210.196.245.131 to any >00363 deny ip from 71.135.36.103 to any >00363 deny ip from 71.226.110.30 to any >00363 deny ip from 71.135.109.190 to any >00364 deny ip from 71.207.46.56 to any >00364 deny ip from 71.135.52.79 to any >00364 deny ip from 71.135.179.240 to any >00364 deny ip from 222.168.102.118 to any >00364 deny ip from 71.135.65.16 to any >00364 deny ip from 83.19.158.66 to any >00364 deny ip from 71.79.1.13 to any >00364 deny ip from 71.135.206.213 to any >00364 deny ip from 71.135.129.195 to any >00364 deny ip from 217.6.105.253 to any >00364 deny ip from 71.135.44.127 to any >00364 deny ip from 71.135.37.42 to any >00364 deny ip from 71.135.142.223 to any >00364 deny ip from 71.135.69.201 to any >00364 deny ip from 71.135.185.66 to any *********** fails starts from here >00364 deny ip from 71.135.96.85 to any >00364 deny ip from 71.135.41.68 to any >00364 deny ip from 71.135.35.252 to any >00364 deny ip from 71.135.178.215 to any >00365 deny ip from somewhere to any *********** will not work >_______________________________________________ >freebsd-ipfw@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw >To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200609131138.3334981.6>