From owner-freebsd-questions@FreeBSD.ORG  Wed Nov 26 06:14:54 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id C916716A4CF
	for <freebsd-questions@freebsd.org>;
	Wed, 26 Nov 2003 06:14:54 -0800 (PST)
Received: from rwcrmhc13.comcast.net (rwcrmhc13.comcast.net [204.127.198.39])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 190AE43FBD
	for <freebsd-questions@freebsd.org>;
	Wed, 26 Nov 2003 06:14:53 -0800 (PST)
	(envelope-from freebsd-questions-local@be-well.ilk.org)
Received: from be-well.no-ip.com ([66.30.200.37])
          by comcast.net (rwcrmhc13) with ESMTP
          id <2003112614145201500pvvm3e>; Wed, 26 Nov 2003 14:14:52 +0000
Received: by be-well.no-ip.com (Postfix, from userid 1147)
	id 0317070; Wed, 26 Nov 2003 09:14:51 -0500 (EST)
Sender: lowell@be-well.ilk.org
To: "Vahric MUHTARYAN" <vahric@doruk.net.tr>
References: <002f01c3b33e$793c3900$110d3ad4@VAHOXP>
From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org>
Date: 26 Nov 2003 09:14:51 -0500
In-Reply-To: <002f01c3b33e$793c3900$110d3ad4@VAHOXP>
Message-ID: <448ym3kyhw.fsf@be-well.ilk.org>
Lines: 21
User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
cc: freebsd-questions@freebsd.org
Subject: Re: About setup and established Questions and log tracking Program
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: freebsd-questions@freebsd.org
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Nov 2003 14:14:54 -0000

"Vahric MUHTARYAN" <vahric@doruk.net.tr> writes:

> 	  # Allow TCP through if setup succeeded
>         ${fwcmd} add pass tcp from any to any established
> 
>         # Allow setup of incoming email
>         ${fwcmd} add pass tcp from any to ${ip} 25 setup
> 
> 
> I checked man page of ipfw ; setup matches packets have SYN bit or not
> .... 
> Upper rule is accepting setuped connections that ok ( please correct if
> I wrong ) 
> 
> 	Question is Why I need to set setup options on secound rule ...
> I mean I must to open 25 ( smtp port ) to all What is the setup option
> role ... 

You're right; given the first rule, the "setup" qualifier on the
second is redundant.  [I like to leave it in as a reminder to the
human reading the rules, though.]