From owner-freebsd-questions  Sun Jun 30 10:49: 9 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B41D137B401
	for <questions@FreeBSD.ORG>; Sun, 30 Jun 2002 10:49:07 -0700 (PDT)
Received: from sol.chel.skbkontur.ru (sol.chel.skbkontur.ru [212.57.175.94])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9F3B443E09
	for <questions@FreeBSD.ORG>; Sun, 30 Jun 2002 10:49:05 -0700 (PDT)
	(envelope-from ilia@chel.skbkontur.ru)
Received: from localhost (localhost [127.0.0.1])
	by sol.chel.skbkontur.ru (8.12.3/8.12.3) with ESMTP id g5UHmues001160
	(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO)
	for <questions@FreeBSD.ORG>; Sun, 30 Jun 2002 23:49:02 +0600 (YEKST)
	(envelope-from ilia@chel.skbkontur.ru)
Date: Sun, 30 Jun 2002 23:48:56 +0600 (YEKST)
From: =?koi8-r?B?6czY0SD7ydDJw8nO?= <ilia@chel.skbkontur.ru>
To: questions@FreeBSD.ORG
Subject: ipfw: broadcast thing
Message-ID: <20020630234304.F1147-100000@sol.chel.skbkontur.ru>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=koi8-r
Content-Transfer-Encoding: QUOTED-PRINTABLE
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Dear Sirs,

for example, rl0 and rl1 are local (non-Internet) interfaces.

(I'm going to switch to stateful rules soon, but for now I've configured
stateless firewall):

ipfw add 100 allow ip from me to any
ipfw add 200 allow ip from any to me via rl0
ipfw add 200 allow ip from any to me via rl1

that's simple, that's good, I even like it:)
but such configuration doesn't pass broadcast packets:

Jun 30 23:42:43 sol /kernel: ipfw: 104 Deny UDP 192.168.200.3:520
255.255.255.255:520 in via rl1
Jun 30 23:42:43 sol /kernel: ipfw: 104 Deny UDP 192.168.100.28:138
192.168.100.255:138 in via rl0
Jun 30 23:43:14 sol /kernel: ipfw: 104 Deny UDP 192.168.200.3:520
255.255.255.255:520 in via rl1
Jun 30 23:43:45 sol /kernel: ipfw: 104 Deny UDP 192.168.200.3:520
255.255.255.255:520 in via rl1


can anybody help me with "allow"ing broadcast traffic ??

Regards, (=EE=C1=C9=CC=D5=DE=DB=C9=C5 =D0=CF=D6=C5=CC=C1=CE=C9=D1)
Ilia Chipitsine (=E9=CC=D8=D1 =FB=C9=D0=C9=C3=C9=CE)


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message