Date: Wed, 14 Sep 2011 14:48:57 +0400
From: Vladimir Budnev <vladimir.budnev@gmail.com>
To: Eugene Grosbein <egrosbein@rdtc.ru>
Cc: freebsd-net@freebsd.org, freebsd-ipfw@freebsd.org
Subject: Re: IPFW hidden/broken rule? (Free 7.2)
Message-ID: <CAAvRK97r0bC7KZyGeuiRQ=jG976TQAJxCSqTeDZ%2BTbKAXGJLqw@mail.gmail.com>
In-Reply-To: <4E706BC1.9030203@rdtc.ru>
References: <4E7066CE.3070702@gmail.com> <4E706BC1.9030203@rdtc.ru>

> 14.09.2011 15:33, Vladimir Budnev wrote:
>
> > So I think there are at least two questions:
> >
> > 1. Has anyone ever met such a situation? Or maybe something close to
> > this one with 'hidden' ipfw rules?
>
> Have you tried "ipfw -d -e show"?

Nope, we didn't check those tables. But to be honest I don't think there may
be a connection tracking issue, because it is an allow ip to any rule:

04701 pipe tablearg ip from table(2) to any in via em0

And I've written that we can catch packets with a rule by placing it before
rule 04701. Packets are captured by 04701 even with an empty (not flushed)
table 2.
