Date:      Sat, 10 Mar 2001 09:52:37 -0500
From:      Duraid <latif2221@home.com>
To:        "freebsd-questions@FreeBSD.ORG" <freebsd-questions@FreeBSD.ORG>
Subject:   (ipfilter) ipf and ipfstat, something wrong????
Message-ID:  <3AAA3FB5.C0CB7B10@home.com>

ipfstat -io is showing unexpected results for rules I didn't build
(actually they are the exact opposite of my rules), although the effective
rules are still the ones I load with ipf. See below (FreeBSD 4.2). Any
idea???

root:~# ipf -vFa -f /etc/ipf.rules
remove flags IO (12)
removed 9 filter rules
[block in           on xl0  all]
block in on xl0(!) from any to any
[block in     quick on xl0 from 192.168.0.0/16 to any]
block in quick on xl0(!) from 192.168.0.0/16 to any
[block in     quick on xl0 from 172.16.0.0/12 to any]
block in quick on xl0(!) from 172.16.0.0/12 to any
[block in     quick on xl0 from 10.0.0.0/8 to any]
block in quick on xl0(!) from 10.0.0.0/8 to any
[block in     quick on xl0 from 127.0.0.0/8 to any]
block in quick on xl0(!) from 127.0.0.0/8 to any
[pass  out quick on xl0 proto tcp  from any to any keep state keep
frags]
pass out quick on xl0(!) proto tcp from any to any keep state keep frags

[pass  out quick on xl0 proto udp  from any to any keep state keep
frags]
pass out quick on xl0(!) proto udp from any to any keep state keep frags

[pass  out quick on xl0 proto icmp from any to any keep state keep
frags]
pass out quick on xl0(!) proto icmp from any to any keep state keep
frags
[pass  in  quick on xl0 proto tcp from any to 24.114.36.13 port = 22
flags S keep state keep frags]
pass in quick on xl0(!) proto tcp from any to 24.114.36.13/32 port = 22
flags S/0xff keep state keep frags

root:~# ipfstat -io
block out on xl0 from any to any
block out quick on xl0 from 192.168.0.0/16 to any
block out quick on xl0 from 172.16.0.0/12 to any
block out quick on xl0 from 10.0.0.0/8 to any
block out quick on xl0 from 127.0.0.0/8 to any
pass out quick on xl0 proto tcp from any to 24.114.36.13/32 port = 22
flags S/0xff keep state keep frags
empty list for ipfilter(in)


Duraid
