From owner-freebsd-questions  Wed Oct  2  4:55:45 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id DBA6837B401
	for <questions@freebsd.org>; Wed,  2 Oct 2002 04:55:44 -0700 (PDT)
Received: from mail.geek.sh (decoder.geek.sh [196.36.198.81])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E617843E42
	for <questions@freebsd.org>; Wed,  2 Oct 2002 04:55:43 -0700 (PDT)
	(envelope-from aragon@geek.sh)
Received: by mail.geek.sh (Postfix, from userid 1000)
	id A8E3124EE2; Wed,  2 Oct 2002 13:55:39 +0200 (SAST)
Date: Wed, 2 Oct 2002 13:55:39 +0200
From: Aragon Gouveia <aragon@phat.za.net>
To: questions@freebsd.org
Subject: ipfw dynamic rules in 4.7-RC
Message-ID: <20021002115539.GC95556@phat.za.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.4i
X-Operating-System: FreeBSD 4.6-RC i386
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Hi,

I'm having problems with ipfw in 4.7-RC WRT dynamic rulesets. Even though
dynamic rules are being created, these aren't being checked by check-state.
Output from 'ipfw -d show'.


00010      0         0 check-state
00100   2816   1208852 allow tcp from any to 66.8.x.y 25 keep-state setup
65535 994218 419055474 allow ip from any to any
## Dynamic rules:
00100 17 768 (T 81, slot 9) <-> tcp, 196.41.x.y 8220<-> 66.8.x.y 25
00100 743 591302 (T 300, slot 243) <-> tcp, 196.3.x.y 4830<-> 66.8.x.y 25


If it weren't for my default allow rule, smtp wouldn't work on 66.8.x.y.
Anyone experiencing the same?


Thanks,
Aragon

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message