From owner-freebsd-net@FreeBSD.ORG Wed Jul 4 13:04:25 2012 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C0CAE1065670 for ; Wed, 4 Jul 2012 13:04:25 +0000 (UTC) (envelope-from s.khanchi@gmail.com) Received: from mail-yw0-f54.google.com (mail-yw0-f54.google.com [209.85.213.54]) by mx1.freebsd.org (Postfix) with ESMTP id 7D0568FC08 for ; Wed, 4 Jul 2012 13:04:25 +0000 (UTC) Received: by yhfs35 with SMTP id s35so1257336yhf.13 for ; Wed, 04 Jul 2012 06:04:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:from:date:x-google-sender-auth:message-id :subject:to:content-type; bh=fuyQn5GOf+ckA6Dy8byhQ77UM559Vs8w0irciL9hwhY=; b=0LIKNqphxog6ygwyUjDZomFBBjbcMsMmCH1IHpJPsNDUO2KvG3VaJyUHp7sF86M1p/ QgXonzn/j2IcRi4+lcQN5vzxS76/BnHATdZbwtxEeXnQQKMKMTp2DbrM6MSgx5YzlT8A dRp9J8EtAcYsDHSl/VitXzFPuGiOTAPhuLu3WsszL+PFsE3YywDtb+uXWkvXJHCi20+V VhCQotzUPVXeTps3jfKs6LY3mikDbm906fYbekYyI+4MZhOD6pYI+alemr9AC+P8itPe FbDc/eosaJsOh9bviR14I3PnIy889roRvolR4cREre7pAzzuf9KR+pCZCMEvuQuRIa2e QPNA== Received: by 10.50.194.200 with SMTP id hy8mr13182013igc.58.1341407064722; Wed, 04 Jul 2012 06:04:24 -0700 (PDT) MIME-Version: 1.0 Sender: s.khanchi@gmail.com Received: by 10.231.134.73 with HTTP; Wed, 4 Jul 2012 06:04:04 -0700 (PDT) From: h bagade Date: Wed, 4 Jul 2012 17:34:04 +0430 X-Google-Sender-Auth: RENuItJ5iUJH38kmbderqEjW0-M Message-ID: To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: problem on ipfw using mac addresses X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jul 2012 13:04:25 -0000 Hi all, I have a problem using ipfw firewall. I have a topology connected as below: A(192.168.1.55) ----- (192.168.1.1)my_sys(192.168.2.1) -------(192.168.2.12)B I've set the rule "ipfw add 1 deny icmp from any to any" on my_sys, which works correctly. I can't ping from A to B by the rule. Then I've added mac part to the rule as the format of "ipfw add 1 deny icmp from any to any ma any any" which seems the same as before but after that I could ping the B from A. What's the reason? I'm really confused with what I saw! Is it a bug? Any hints or suggestions are really appreciated.