Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 12 Sep 2006 17:40:58 -0700
From:      "Jin Guojun [VFFS]" <j_guojun@lbl.gov>
To:        ipfw@freebsd.org
Subject:   maximum deny entries?
Message-ID:  <4507539A.5000502@lbl.gov>

Next in thread | Raw E-Mail | Index | Archive | Help
I am not sure if this is a bug or is there some limitation for total 
deny entry,
when the deny list exceeds a certain length (36 lines at this case),
ipfw stop working (see the *** line below).

This is on 6.1-R i386 platform.
Is there know problem on this issue? or Did I made some mistake?

Please CC to me since I am not on the list.

    -Jin

# ipfw list
...all non deny entries are removed
00361 deny ip from 202.124.17.215 to any
00361 deny ip from 65.245.144.158 to any
00361 deny ip from 210.76.124.84 to any
00362 deny ip from 220.78.122.177 to any
00362 deny ip from 192.248.32.3 to any
00362 deny ip from 70.229.145.61 to any
00362 deny ip from 64.40.106.252 to any
00362 deny ip from 65.204.143.112 to any
00362 deny ip from 204.16.200.34 to any
00362 deny ip from 62.141.42.33 to any
00362 deny ip from 66.221.219.117 to any
00362 deny ip from 148.223.146.29 to any
00362 deny ip from 82.136.37.93 to any
00362 deny ip from 68.12.255.97 to any
00362 deny ip from 195.110.108.70 to any
00362 deny ip from 69.5.77.151 to any
00362 deny ip from 202.29.9.19 to any
00362 deny ip from 210.196.245.131 to any
00363 deny ip from 71.135.36.103 to any
00363 deny ip from 71.226.110.30 to any
00363 deny ip from 71.135.109.190 to any
00364 deny ip from 71.207.46.56 to any
00364 deny ip from 71.135.52.79 to any
00364 deny ip from 71.135.179.240 to any
00364 deny ip from 222.168.102.118 to any
00364 deny ip from 71.135.65.16 to any
00364 deny ip from 83.19.158.66 to any
00364 deny ip from 71.79.1.13 to any
00364 deny ip from 71.135.206.213 to any
00364 deny ip from 71.135.129.195 to any
00364 deny ip from 217.6.105.253 to any
00364 deny ip from 71.135.44.127 to any
00364 deny ip from 71.135.37.42 to any
00364 deny ip from 71.135.142.223 to any
00364 deny ip from 71.135.69.201 to any
00364 deny ip from 71.135.185.66 to any   *********** fails starts from here
00364 deny ip from 71.135.96.85 to any
00364 deny ip from 71.135.41.68 to any
00364 deny ip from 71.135.35.252 to any
00364 deny ip from 71.135.178.215 to any
00365 deny ip from somewhere to any *********** will not work



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?4507539A.5000502>