From owner-freebsd-security  Wed Oct 17 18:49:20 2001
Delivered-To: freebsd-security@freebsd.org
Received: from blacklamb.mykitchentable.net (ekgr-dsl2-116.citlink.net [207.173.226.116])
	by hub.freebsd.org (Postfix) with ESMTP id 66E8237B401
	for <freebsd-security@freebsd.org>; Wed, 17 Oct 2001 18:49:18 -0700 (PDT)
Received: from bigdaddy (bigdaddy [192.168.1.3])
	by blacklamb.mykitchentable.net (Postfix) with SMTP
	id 90993EE623; Wed, 17 Oct 2001 18:49:13 -0700 (PDT)
Message-ID: <000d01c15777$1b9a8240$0301a8c0@bigdaddy>
From: "Drew Tomlinson" <drew@mykitchentable.net>
To: <Mark.Andrews@isc.org>
Cc: <freebsd-security@freebsd.org>
References: <200110172350.f9HNor915316@drugs.dv.isc.org>
Subject: Re: Dynamic IPFW Rules 
Date: Wed, 17 Oct 2001 18:49:21 -0700
MIME-Version: 1.0
Content-Type: text/plain;
	charset="Windows-1252"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

----- Original Message -----
From: <Mark.Andrews@isc.org>
To: "Drew Tomlinson" <drew@mykitchentable.net>
Cc: <freebsd-security@freebsd.org>
Sent: Wednesday, October 17, 2001 4:50 PM
Subject: Re: Dynamic IPFW Rules


>
> > I have created my first firewall and it seems to be handling
traffic
> > properly (yayyyy!).  However, I have noticed that my dynamic rules
don't
> > ever seem to expire.
>
> [snip]
>
> > 02100 1 60 (T 0, # 0) ty 0 tcp, 192.168.1.4 3139 <-> 64.21.143.23
80
>
> This is expired (T 0), just not removed.

OK, thanks.  Is there a way to remove those rules that have expired?

Drew


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message