Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 15 Feb 2002 09:52:13 -0800
From:      "Earl A. Killian" <earl@killian.com>
To:        "Michael Sierchio" <kudzu@tenebras.com>
Cc:        "Chris Dillon" <cdillon@wolves.k12.mo.us>, "Rogier R. Mulhuijzen" <drwilco@drwilco.net>, "Luigi Rizzo" <rizzo@icir.org>, freebsd-ipfw@FreeBSD.ORG, freebsd-net@FreeBSD.ORG
Subject:   Re: Bug in stateful code?
Message-ID:  <15469.19149.677645.220962@sax.killian.com>
In-Reply-To: <3C6D47D9.10003@tenebras.com>
References:  <5.1.0.14.0.20020214221354.01c37da0@mail.drwilco.net> <Pine.BSF.4.32.0202151003240.92211-100000@mail.wolves.k12.mo.us> <15469.17124.999950.13271@sax.killian.com> <3C6D47D9.10003@tenebras.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Michael Sierchio writes:
 > Date: Fri, 15 Feb 2002 09:39:37 -0800
 > From: Michael Sierchio <kudzu@tenebras.com>
 > 
 > It's a 'natd' option, which says not to pass incoming packets (from
 > the nat'd interface, presumably the external interface) which
 > aren't part of established "connections"  -- the internal translation
 > table is internal to natd.

So then I'm asking how does anything ever get into that table, if
incoming packets are all denied?  Are SYN packets exempted from
-deny_incoming?

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15469.19149.677645.220962>