Date: Fri, 12 Aug 2005 10:09:25 +0300
From: Jara
To: freebsd-ipfw@freebsd.org
Subject: Re: problem: MAC in via internal interface

Hi,

I think it is because after 2-3 mins you start blocking ARP queries, which results in something like this: the machine doesn't know the other machines' HW addresses, it tries to get the address again and gets no answer.

Jarek

---------------------------------------

> Hi!
> I want to permit only traffic from my network class through the internal
> interface. So I put this rule in the ipfw rules to see what the traffic is:
>
> $cmd add 51 count log logamount 0 all from not $local_net to any in via $lif
>
> I study my logs and I find this:
>
> Aug 12 09:58:14 freebsd kernel: ipfw: 51 Count UDP 0.0.0.0:68 255.255.255.255:67 in via fxp0
> Aug 12 09:58:14 freebsd kernel: ipfw: 51 Count UDP 0.0.0.0:68 255.255.255.255:67 in via fxp0
> Aug 12 09:58:18 freebsd kernel: ipfw: 51 Count MAC in via fxp0
>
> When I deny this traffic, the network freezes after 3-10 min. I think it is
> because the traffic indicated by "MAC in via fxp0" is blocked.
> What kind of traffic is this? I can't block illegal traffic for this
> reason.
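
Added example, not part of the original thread: a small triage of what count rule 51 matched, run over the three log lines quoted above, to show which traffic a deny in its place would cut off. The function names are hypothetical, and it assumes that ipfw logs the protocol as "MAC" for a non-IP layer-2 frame (the class ARP belongs to) and that log actions are a single word.

```python
import re
from collections import Counter

# Log lines copied from the quoted message (rule 51 is the "count log" rule).
SAMPLE_LOG = """\
Aug 12 09:58:14 freebsd kernel: ipfw: 51 Count UDP 0.0.0.0:68 255.255.255.255:67 in via fxp0
Aug 12 09:58:14 freebsd kernel: ipfw: 51 Count UDP 0.0.0.0:68 255.255.255.255:67 in via fxp0
Aug 12 09:58:18 freebsd kernel: ipfw: 51 Count MAC in via fxp0
"""

# Shape seen in the quoted lines:
#   ipfw: <rule> <action> <proto> [<src> <dst>] <in|out> via <iface>
# Assumption: the action is one word (Count, Deny, Accept, ...).
LINE_RE = re.compile(
    r"ipfw: (?P<rule>\d+) (?P<action>\w+) (?P<proto>\S+)"
    r"(?: (?P<src>\S+) (?P<dst>\S+))? (?P<dir>in|out) via (?P<iface>\S+)"
)


def classify(line):
    """Return (rule, category) for one ipfw log line, or None if it is not one."""
    m = LINE_RE.search(line)
    if not m:
        return None
    rule = int(m["rule"])
    if m["proto"] == "MAC":
        # No IP header was parsed: a non-IP layer-2 frame such as ARP.
        return rule, "non-ip-layer2"
    if (m["proto"] == "UDP" and m["src"] == "0.0.0.0:68"
            and m["dst"] == "255.255.255.255:67"):
        # DHCP client broadcast: the source is 0.0.0.0, so it is never in $local_net.
        return rule, "dhcp-client-broadcast"
    return rule, "other-ip"


def triage(log_text, rule):
    """Count the categories of traffic that one rule number matched."""
    counts = Counter()
    for line in log_text.splitlines():
        hit = classify(line)
        if hit and hit[0] == rule:
            counts[hit[1]] += 1
    return dict(counts)


if __name__ == "__main__":
    for category, n in sorted(triage(SAMPLE_LOG, 51).items()):
        print(f"{n:4d}  {category}")
```

Both categories found here are traffic the LAN depends on, so they need to be accounted for before the count rule is turned into a deny.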