Date: Mon, 8 Feb 1999 08:23:51 -0500 (EST) From: Matt Behrens <matt@zigg.com> To: security@FreeBSD.ORG Subject: bypassing "allow ip from any to any"? Message-ID: <Pine.BSF.4.05.9902080820170.2539-100000@megaweapon.zigg.com>
next in thread | raw e-mail | index | archive | help
I rebooted one of my boxes 24 hours ago. I run the "open" firewall set with ppp -alias (as an on-demand packet filter, I know, I should do better) ;) but saw something strange in last night's security check. Rule 65000 clearly states 65000 allow ip from any to any yet this came across in my logs last night: xxx.xxx.xxx denied packets: > 65535 2 139 deny ip from any to any I don't see how it could, unless someone was fudging with my ipfw config. Or do I just not know something? (I do run options NETATALK here, could that somehow have snuck in?) - Matt Behrens <matt@zigg.com> Network Administrator, zigg.com <http://www.zigg.com/> Engineer, Nameless IRC Network <http://www.nameless.net/> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9902080820170.2539-100000>