Date: Tue, 25 Sep 2001 22:13:41 -0500 (CDT) From: Nick Rogness <nick@rogness.net> To: David Kelly <dkelly@grumpy.dyndns.org> Cc: Brian Whalen <bri@sonicboom.org>, freebsd-questions@FreeBSD.ORG Subject: Re: natd/ipfw/sshd problem. Message-ID: <Pine.BSF.4.21.0109252208520.47372-100000@cody.jharris.com> In-Reply-To: <200109260307.f8Q37Ww18996@grumpy.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 25 Sep 2001, David Kelly wrote: > Brian Whalen writes: > > Is anyone doing anything about that?? > [...] > > > > I find it interesting that somehow 27 packets got past 65000. Can only > > > > assume not all of the above rules were added at the same time. > > > > > > It is possible for packets to arrive before the firewall rules get > > > loaded. > > That's why the default is to deny all. Is exactly the same to IP from > the outside as if the interface was not up yet. Yes, but my point was that the counters will still get incremented. Nick Rogness <nick@rogness.net> - Keep on Routing in a Free World... "FreeBSD: The Power to Serve!" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0109252208520.47372-100000>