Date: Wed, 26 Sep 2007 21:42:11 +0100 From: "Chris Yocum" <cyocum@gmail.com> To: "Chuck Swiger" <cswiger@mac.com> Cc: freebsd-questions@freebsd.org Subject: Re: Dumb IPFW Question Message-ID: <82bb54530709261342ta31fefawf83a84af3a535fda@mail.gmail.com> In-Reply-To: <922E2649-FBD9-4D92-8F87-84158B4537BD@mac.com> References: <82bb54530709261246p203f751fk2df592d30b003b89@mail.gmail.com> <922E2649-FBD9-4D92-8F87-84158B4537BD@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi,
Yep, it was a blunder by me. Thank you very much!
Chris
On 9/26/07, Chuck Swiger <cswiger@mac.com> wrote:
> On Sep 26, 2007, at 12:46 PM, Chris Yocum wrote:
> [ ... ]
> > I also get "Sep 26 20:09:17 routy kernel: ipfw: 450 Deny UDP <my
> > router outside IP>:53 <my isp dns ip>:53 out via sis0" in my
> > /var/log/security file. I have appended the ipfw rules below so you
> > can see all the changes that I made from the original.
>
> The setup keyword should only be used with TCP packets; trying to use
> it with UDP traffic will cause your pass-through rules (#23-25) to
> not match the traffic you want them to match...
>
> --
> -Chuck
>
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?82bb54530709261342ta31fefawf83a84af3a535fda>