Date: Tue, 27 Feb 1996 03:13:52 +1100 (EST) From: michael butler <imb@scgt.oz.au> To: phk@critter.tfs.com (Poul-Henning Kamp) Cc: stable@freebsd.org, current@freebsd.org Subject: Re: -stable hangs at boot (fwd) Message-ID: <199602261613.DAA14868@asstdc.scgt.oz.au> In-Reply-To: <11445.825342415@critter.tfs.com> from "Poul-Henning Kamp" at Feb 26, 96 02:46:55 pm
next in thread | previous in thread | raw e-mail | index | archive | help
Poul-Henning Kamp writes: > Well, this happens to be your view. I know machines where IPFW are being > used to restrict what users on the machine can do, this is only possible > if you filter >ALL< traffic, to and from the machine. I haven't checked this but .. what happens to a packet which matches a "reject" rule when it's not actually destined for the machine doing the filtering .. does it still generate an ICMP "host unreachable" ? This can happen, for example, with multiple subnets on one wire .. If so .. we have our incarnation of the M$ "sniper bug" that plagued WFW and WinNT boxes and which arbitrarilt shot down packets which were not theirs to kill :-( michael
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199602261613.DAA14868>