Date:      Thu, 27 Jun 1996 23:09:35 -0700
From:      Poul-Henning Kamp <phk@freebsd.org>
To:        Nate Williams <nate@mt.sri.com>
Cc:        current@freebsd.org
Subject:   Re: IPFW bugs? 
Message-ID:  <3503.835942175@critter.tfs.com>
In-Reply-To: Your message of "Fri, 28 Jun 1996 00:02:33 MDT." <199606280602.AAA13869@rocky.mt.sri.com> 

(DNS:  I didn't keep your original email but check your +outbox :-)

>Umm, that's irrelevant.  My DNS server is remote, not local.  I'm not
>trying to send anything out via lo0, so why bring this up?
If you never need lo0, certainly keep it down.  Some programs croak.

>> It's certainly a bug that you have rules with the same number, that
>> looks VERY weird to me, also where was your 65535 block all rule ?
>
>I set them to be the same #.  Should I not?
No, I thought it was impossible to do so actually, and intended it to
be for that matter.  Having the same number makes it harder to understand
which one did that, and may lead to confusion as to what order they
apply in.

>> >I can telnet/login/ftp/etc.. *from* non-local machines to this box.  Why
>> >is that?
>> 
>> Add "log" to all rules and see which number lets you through.
>
>Ahh, I didn't realize you could 'log' accept rules.  I'll do that.

Not only that, but all rules have counters ipfw can show you, so you
can even see activation of rules that didn't log.

--
Poul-Henning Kamp           | phk@FreeBSD.ORG       FreeBSD Core-team.
http://www.freebsd.org/~phk | phk@login.dknet.dk    Private mailbox.
whois: [PHK]                | phk@ref.tfs.com       TRW Financial Systems, Inc.
Future will arrive by its own means, progress not so.
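
Added example, not part of the original message: a small Python check that applies the two suggestions above (look at the per-rule counters, and watch for rules sharing a number) to saved `ipfw show` output. It assumes the column layout of current `ipfw show` (rule number, packet count, byte count, rule text); the sample ruleset and all function names are constructed for illustration.

```python
import re
from collections import Counter, namedtuple

Rule = namedtuple("Rule", "number packets bytes action logged text")

# ipfw(8) treats these keywords as the same "allow" action.
ACCEPT = {"allow", "accept", "pass", "permit"}

# Constructed sample in the assumed `ipfw show` layout.
SAMPLE = """\
00100   0      0 allow ip from any to any via lo0
01000  42   5310 allow tcp from any to any 53
01000 317  48211 allow tcp from any to any established
02000   0      0 deny log tcp from any to any 23
65535  12    960 deny ip from any to any
"""

def parse(text):
    """Turn `ipfw show` lines into Rule tuples, skipping non-rule lines."""
    rules = []
    for line in text.splitlines():
        m = re.match(r"\s*(\d+)\s+(\d+)\s+(\d+)\s+(\S+)\s*(.*)", line)
        if not m:
            continue
        number, packets, nbytes, action, rest = m.groups()
        logged = rest.split()[:1] == ["log"]  # "log" follows the action
        rules.append(Rule(int(number), int(packets), int(nbytes),
                          action, logged, f"{action} {rest}".strip()))
    return rules

def duplicate_numbers(rules):
    """Rule numbers used by more than one rule (ambiguous in logs)."""
    counts = Counter(r.number for r in rules)
    return sorted(n for n, c in counts.items() if c > 1)

def matched_accepts(rules):
    """Accept rules whose packet counter is non-zero, logged or not."""
    return [r for r in rules if r.action in ACCEPT and r.packets > 0]

if __name__ == "__main__":
    rules = parse(SAMPLE)
    for n in duplicate_numbers(rules):
        print(f"rule number {n} is used by more than one rule")
    for r in matched_accepts(rules):
        note = "" if r.logged else " (not logged)"
        print(f"{r.number:05d} passed {r.packets} packets{note}: {r.text}")
```
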


