From owner-freebsd-ipfw@FreeBSD.ORG Sun Jun 20 10:37:59 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1E86516A4CE for ; Sun, 20 Jun 2004 10:37:59 +0000 (GMT) Received: from btsoftware.com (213-84-82-9.adsl.xs4all.nl [213.84.82.9]) by mx1.FreeBSD.org (Postfix) with SMTP id 9DDEF43D39 for ; Sun, 20 Jun 2004 10:37:57 +0000 (GMT) (envelope-from bts@iae.nl) Received: from viper.office (viper.office [192.168.0.1] ) by btsoftware.com (Hethmon Brothers Smtpd) ; Sun, 20 Jun 2004 12:35:25 +0200 Message-Id: <200406201235.2542777.6@btsoftware.com> From: "Martin" To: "quetzal@roks.biz" , "Robert Downes" Date: Sun, 20 Jun 2004 12:35:19 +0200 (CEST) Priority: Normal X-Mailer: PMMail 2.20.2382 for OS/2 Warp 4.5 In-Reply-To: <20040619075532.GA690@roks.biz> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit cc: "freebsd-ipfw@freebsd.org" Subject: Re: Blocked outbound traffic - what is it? X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Martin List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Jun 2004 10:37:59 -0000 On Sat, 19 Jun 2004 10:55:32 +0300, quetzal@roks.biz wrote: This is my opinion to. Martin. >You dont need to worry about trojans. By logic of your rules, I think that >this packets are blocked becouse of the ending lifetime of some dynamic rules. >See net.inet.ip.fw.dyn_fin_lifetime and net.inet.ip.fw.dyn_rst_lifetime >in man ipfw(8) and you probably understand what i am talking about. >Also you can try tcpdump to trace what occurs during the final phase of tcp >session.