Date: Wed, 04 Jul 2012 18:39:50 +0400 From: "Andrey V. Elsukov" <bu7cher@yandex.ru> To: h bagade <bagadeh@gmail.com> Cc: freebsd-net@freebsd.org Subject: Re: problem on ipfw using mac addresses Message-ID: <4FF455B6.9050005@yandex.ru> In-Reply-To: <CAARSjE3gjvbMK7DohFvDTFZ5ds-HV9NaMYLLModWYmjdSkv_Yg@mail.gmail.com> References: <CAARSjE3gjvbMK7DohFvDTFZ5ds-HV9NaMYLLModWYmjdSkv_Yg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 04.07.2012 17:04, h bagade wrote: > Hi all, > > I have a problem using ipfw firewall. I have a topology connected as below: > > A(192.168.1.55) ----- (192.168.1.1)my_sys(192.168.2.1) > -------(192.168.2.12)B > > I've set the rule "ipfw add 1 deny icmp from any to any" on my_sys, which > works correctly. I can't ping from A to B by the rule. Then I've added mac > part to the rule as the format of "ipfw add 1 deny icmp from any to any ma > any any" which seems the same as before but after that I could ping the B > from A. > What's the reason? I'm really confused with what I saw! Is it a bug? > > Any hints or suggestions are really appreciated. Please, read the ipfw(4) manual page about the sysctl variable net.link.ether.ipfw. -- WBR, Andrey V. Elsukov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FF455B6.9050005>