From owner-freebsd-current Thu Jun 27 23:11:07 1996 Return-Path: owner-current Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id XAA10790 for current-outgoing; Thu, 27 Jun 1996 23:11:07 -0700 (PDT) Received: from critter.tfs.com (critter.cdrom.com [204.216.27.38]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id XAA10784; Thu, 27 Jun 1996 23:11:04 -0700 (PDT) Received: from critter.tfs.com (localhost [127.0.0.1]) by critter.tfs.com (8.7.5/8.7.3) with ESMTP id XAA03505; Thu, 27 Jun 1996 23:09:36 -0700 (PDT) To: Nate Williams cc: current@freebsd.org Subject: Re: IPFW bugs? In-reply-to: Your message of "Fri, 28 Jun 1996 00:02:33 MDT." <199606280602.AAA13869@rocky.mt.sri.com> Date: Thu, 27 Jun 1996 23:09:35 -0700 Message-ID: <3503.835942175@critter.tfs.com> From: Poul-Henning Kamp Sender: owner-current@freebsd.org X-Loop: FreeBSD.org Precedence: bulk (DNS: I didn't keep your original email but check your +outbox :-) >Umm, that's irrelevant. My DNS server is remote, not local. I'm not >trying to send anything out via lo0, so why bring this up? If you never need lo0, certainly keep it down. Some programs croak. >> It's certainly a bug that you have rules with the same number, that >> looks VERY weird to me, also where was your 65535 block all rule ? > >I set them to be the same #. Should I not? no, I thought it was impossible to do so actually, and intended it to be for that matter. Have same number makes it harder too understand which one did that, and may lead to confusion as to what order they apply in. >> >I can telnet/login/ftp/etc.. *from* non-local machines to this box. Why >> >is that? >> >> Add "log" to all rules and see which number lets you though. > >Ahh, I didn't realize you could 'log' accept rules. I'll do that. Not only that, but all rules have counters ipfw can show you, so you can even see activation of rules that didn't log. -- Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team. http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox. whois: [PHK] | phk@ref.tfs.com TRW Financial Systems, Inc. Future will arrive by its own means, progress not so.