Date: Wed, 3 Aug 2005 10:35:37 +0200 (CEST) From: Oliver Fromme <olli@lurza.secnetix.de> To: freebsd-ipfw@FreeBSD.ORG Subject: Re: Another bug in IPFW@ ...? Message-ID: <200508030835.j738Zb1q009262@lurza.secnetix.de> In-Reply-To: <20050802143211.A74003@xorpc.icir.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Luigi Rizzo <rizzo@icir.org> wrote:
> ok, so the problem is the following: when i implemented ipfw2
> i thought that 'recv any' or 'xmit any' were effectively NOPs
> so the parser erroneously removes them, together with any 'not' prefix
> (which is processed before).
That explains it.
I was a little confused by the ipfw(8) manpage: It says:
"recv any [...] matches packets received [...] through some
interface", and two paragraphs later: "A packet may not
have a receive [...] interface: packets originating from
the local host have no receive interface". That clearly
implies that "recv any" shouldn't be a NOP. :-)
> To fix this one should
> [...]
> if you want to try, this should be all
Thank you very much! I will give it a try, but it will
take a little while, because I cannot reboot this router
any time (ipfw is configured statically in the kernel).
Thanks again, Luigi, I appreciate your assistance!
Best regards
Oliver
--
Oliver Fromme, secnetix GmbH & Co KG, Marktplatz 29, 85567 Grafing
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.
I suggested holding a "Python Object Oriented Programming Seminar",
but the acronym was unpopular.
-- Joseph Strout
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200508030835.j738Zb1q009262>