Date: Thu, 19 Dec 2002 14:05:13 +0200 (EET)
From: ay@sita.kiev.ua
To: freebsd-questions@freebsd.org
Subject: Re: ipfw and rule 65535
Message-ID: <200212191205.gBJC5De16443@sima.sita.kiev.ua>

In article <20021217183421.I3893-100000@tigger.pacehouse.com.lucky.freebsd.questions> you wrote:
> Here is the end of the output from 'ipfw show':
>
> 04000 0 0 deny log ip from any to any
> 65535 91 8227 deny ip from any to any
>
> Can anyone explain why the last rule is getting hit? I was under the
> impression that the rules are traversed in order, so 4000 should catch
> anything that -1 would.

Rule 65535 is added automatically due to kernel config option
IPFILTER_DEFAULT_TO_???
The default is to deny any connections that are not permitted in rc.firewall.

--
AY7-UANIC || AY15-RIPE
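
An added example, not part of the original message: a shell/awk check over `ipfw show` output that reports the action and counters of default rule 65535 and flags any earlier catch-all rule showing zero packets while the default rule has counted some, which is the situation in the quoted output. The function names and the sample input (built from the two quoted lines) are constructed for illustration; the plain `ipfw show` column layout (rule number, packets, bytes, rule text) is assumed.

```shell
#!/bin/sh
# Added example: audit the default rule in `ipfw show` output.
# Assumed columns: rule number, packet count, byte count, action, rule body.

# Constructed sample input, taken from the two lines quoted in the message.
sample_ipfw_show() {
cat <<'EOF'
04000 0 0 deny log ip from any to any
65535 91 8227 deny ip from any to any
EOF
}

# Reads `ipfw show` output on stdin and prints:
#   default <action> <packets> <bytes>   for rule 65535
#   unhit-catchall <rule>                for each earlier "from any to any"
#                                        rule with zero packets, but only
#                                        when the default rule has hits
audit_default_rule() {
    awk '
    # Only consider lines that start with rule number and two counters.
    $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ {
        if ($1 + 0 == 65535) {
            def_action = $4; def_pkts = $2 + 0; def_bytes = $3 + 0; seen = 1
            next
        }
        # Earlier catch-all rule that has never matched a packet.
        if ($0 ~ /(ip|all) from any to any[ \t]*$/ && $2 + 0 == 0)
            idle[++n] = $1
    }
    END {
        if (!seen) { print "default missing"; exit 1 }
        print "default", def_action, def_pkts, def_bytes
        if (def_pkts > 0)
            for (i = 1; i <= n; i++) print "unhit-catchall", idle[i]
    }'
}

# On a live host: ipfw show | audit_default_rule
sample_ipfw_show | audit_default_rule
```

An `unhit-catchall` line means packets were dropped by rule 65535 without passing through the logging rule, so those drops do not appear in the firewall log.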