Date: Thu, 21 Jul 2005 19:22:41 -0500 From: Kevin Kinsey <kdk@.daleco.biz> To: gouders@et.bocholt.fh-ge.de Cc: questions@freebsd.org Subject: Re: ipfw and tun0 Message-ID: <20050722002241.GA94174@ezekiel.daleco.biz>
next in thread | raw e-mail | index | archive | help
Dirk Gouders wrote: >Hello, > >I just started to use an ADSL line with PPPoE and want run a firewall >between it and my local network. What I am wondering about is that >even if I only have the default everything-blocking rule (deny ip from >any to any) I still see incoming packets on tun0 with tcpdump. > >Is this, because the firewall rules get checked after the packets >leave the tun0 interface? On what interface should I run tcpdump then >to check if my rules are working as expected? > >Dirk > Just a guess, here .... tun0 doesn't exist when the firewall rc script is run, so you may have to explicity state the name of the interface since it wouldn't be listed during device polling at boot time? Like I said, just grasping at straws. Maybe you've already tried that one.... Kevin Kinsey
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050722002241.GA94174>