Date: Thu, 30 Jan 2003 13:42:43 -0800 From: Michael Sierchio <kudzu@tenebras.com> To: barbish@a1poweruser.com Cc: Nick Rogness <nick@rogness.net>, "Simon L. Nielsen" <simon@nitro.dk>, freebsd-ipfw@FreeBSD.ORG Subject: Re: Error in ipfw manpage for stateful rules? Message-ID: <3E399C53.3030406@tenebras.com> In-Reply-To: <MIEPLLIBMLEEABPDBIEGKEODDEAA.barbish@a1poweruser.com> References: <MIEPLLIBMLEEABPDBIEGKEODDEAA.barbish@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
JoeB wrote: > ... Also this little quote from your > email response "Also note: it is documented but frequently > forgotten that nat'd packets, or any packets passed via DIVERT, lose > information -- such as which interface the packet was received on." > Causes me a great amount of concern. I would think the divert code > needs to be fixed to correct this problem It's a feature, not a bug. Since the process listening on the divert socket can morph the packet into anything, there's simply no way of knowing where it arrived. > Are you willing to give me a hand to correct this > oversight to the IPFW documentation and examples. The man page(s) need a rewrite, to be sure. I think the examples should be moved out of the man page and put in /usr/share/examples/ipfw... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E399C53.3030406>