From owner-freebsd-questions@FreeBSD.ORG Wed Sep 26 20:42:12 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 57EDE16A503 for ; Wed, 26 Sep 2007 20:42:12 +0000 (UTC) (envelope-from cyocum@gmail.com) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.187]) by mx1.freebsd.org (Postfix) with ESMTP id 2D18E13C45A for ; Wed, 26 Sep 2007 20:42:12 +0000 (UTC) (envelope-from cyocum@gmail.com) Received: by rv-out-0910.google.com with SMTP id l15so1906524rvb for ; Wed, 26 Sep 2007 13:42:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=9CSucZosHMu2tWuO79Tn9Da5Zqod8NFCVtMerQF0IQo=; b=okCPMeHWKLLvlw4jSrWVXVFb9jGNDM8fibR0zkfCxGmhS0DUvfOKpe9qmhRb2pwv4pHBkLPFiMNPW9y3E8WLpLWWj02X7tNyny1EBQ4mWBW9KE2tk3TxlD7qWV/jQaG/xlN7AOqiNta5qknPiWe1WfSfIep15UZc1LthP7/EKP8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=LcQLFDcTOk4ZCXCBoaWXkV0KF+EVYgnUo4ePwcva5ga7GtnTFb0edpLTG7q2zrzJeNe7i3PPonD+L/uOw38B/WM8mHYzfs6OojyLIBP2erf5t0nsEDTTrf7cr8Vtehr429Qhur33EKxtImoRsgtA12q/d9YqEI7otwsmCaNZpmE= Received: by 10.141.89.13 with SMTP id r13mr410344rvl.1190839331391; Wed, 26 Sep 2007 13:42:11 -0700 (PDT) Received: by 10.141.13.16 with HTTP; Wed, 26 Sep 2007 13:42:11 -0700 (PDT) Message-ID: <82bb54530709261342ta31fefawf83a84af3a535fda@mail.gmail.com> Date: Wed, 26 Sep 2007 21:42:11 +0100 From: "Chris Yocum" To: "Chuck Swiger" In-Reply-To: <922E2649-FBD9-4D92-8F87-84158B4537BD@mac.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <82bb54530709261246p203f751fk2df592d30b003b89@mail.gmail.com> <922E2649-FBD9-4D92-8F87-84158B4537BD@mac.com> Cc: freebsd-questions@freebsd.org Subject: Re: Dumb IPFW Question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Sep 2007 20:42:12 -0000 Hi, Yep, it was a blunder by me. Thank you very much! Chris On 9/26/07, Chuck Swiger wrote: > On Sep 26, 2007, at 12:46 PM, Chris Yocum wrote: > [ ... ] > > I also get "Sep 26 20:09:17 routy kernel: ipfw: 450 Deny UDP > router outside IP>:53 :53 out via sis0" in my > > /var/log/security file. I have appended the ipfw rules below so you > > can see all the changes that I made from the original. > > The setup keyword should only be used with TCP packets; trying to use > it with UDP traffic will cause your pass-through rules (#23-25) to > not match the traffic you want them to match... > > -- > -Chuck > >