Date: Fri, 15 Dec 1995 15:26:20 +0100 (MET) From: Luigi Rizzo <luigi@labinfo.iet.unipi.it> To: phk@critter.tfs.com (Poul-Henning Kamp) Cc: franky@pinewood.nl, hackers@FreeBSD.ORG Subject: Re: Order of rules in ip_fw chain Message-ID: <199512151426.PAA00216@labinfo.iet.unipi.it> In-Reply-To: <6974.819030894@critter.tfs.com> from "Poul-Henning Kamp" at Dec 15, 95 01:34:35 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > 2) I noticed that the order in which the fw checks incoming packets is > > *not* the same as the order in which the packet rules were added. > > IMHO this should be fixed. I have not had the time (yet) to have > > a look at the source myself, but will do so in the next few weeks. > > yes. #define yes This is correct. It is a major problem when configuring \ firewalls. It should be fixed. Please do it. I believe the problem is in the order of loading rules in the filtering chains. Luigi ==================================================================== Luigi Rizzo Dip. di Ingegneria dell'Informazione email: luigi@iet.unipi.it Universita' di Pisa tel: +39-50-568533 via Diotisalvi 2, 56126 PISA (Italy) fax: +39-50-568522 http://www.iet.unipi.it/~luigi/ ====================================================================
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199512151426.PAA00216>