Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 12 Aug 2005 10:09:25 +0300
From:      Jara <hugle@vkt.lt>
To:        freebsd-ipfw@freebsd.org
Subject:   Re: problem: MAC in via internal interface
Message-ID:  <1179467822.20050812100925@vkt.lt>
In-Reply-To: <1581417195.20050812100442@spaingsm.com>
References:  <1581417195.20050812100442@spaingsm.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
 hi,
 I think it is because after 2-3 mins you start blocking ARP queries
 which results in smth like that machine doesn't know others machine HW
 address, she tries to get this address again and no answer
 

Jarek
---------------------------------------
> Hi!
> I want to permit only traffic from my network class throught internal
> interface. So i put in ipfw rules this rule to see what traffic is:

> $cmd add 51 count log logamount 0 all from not $local_net to any in via $lif

> I study my logs and i find this:
> Aug 12 09:58:14 freebsd kernel: ipfw: 51 Count UDP 0.0.0.0:68 255.255.255.255:67 in via fxp0
> Aug 12 09:58:14 freebsd kernel: ipfw: 51 Count UDP 0.0.0.0:68 255.255.255.255:67 in via fxp0
> Aug 12 09:58:18 freebsd kernel: ipfw: 51 Count MAC in via fxp0

> When i deny this traffic, network freeze after 3-10 min. I think is
> because, is blocked traffic inidcate by "MAC in via fxp0".
> What kind of traffic is this? I can't block ilegal traffic to this
> reason.


> _______________________________________________
> freebsd-ipfw@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to
> "freebsd-ipfw-unsubscribe@freebsd.org"




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?1179467822.20050812100925>