From owner-freebsd-security  Thu Aug 24 22:45: 4 2000
Delivered-To: freebsd-security@freebsd.org
Received: from alcanet.com.au (mail.alcanet.com.au [203.62.196.10])
	by hub.freebsd.org (Postfix) with SMTP id 5240037B42C
	for <freebsd-security@FreeBSD.ORG>; Thu, 24 Aug 2000 22:44:59 -0700 (PDT)
Received: by border.alcanet.com.au id <115389>; Fri, 25 Aug 2000 15:44:49 +1000
Content-return: prohibited
Date:  Fri, 25 Aug 2000 15:44:48 +1000
From: Peter Jeremy <peter.jeremy@alcatel.com.au>
Subject: Re: ipfw & ospf
In-reply-to: <Pine.GSO.3.96.1000824215705.3327A-100000@roble2.roble.com>; from
 marquis@roble.com on Thu, Aug 24, 2000 at 09:58:31PM -0700
To: Roger Marquis <marquis@roble.com>
Cc: freebsd-security@FreeBSD.ORG
Mail-followup-to: Roger Marquis <marquis@roble.com>,
 freebsd-security@FreeBSD.ORG
Message-Id: <00Aug25.154449est.115389@border.alcanet.com.au>
MIME-version: 1.0
Content-type: text/plain; charset=us-ascii
Content-disposition: inline
User-Agent: Mutt/1.2.4i
References: <Pine.GSO.3.96.1000824215705.3327A-100000@roble2.roble.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On 2000-Aug-24 21:58:31 -0700, Roger Marquis <marquis@roble.com> wrote:
>Does anyone know why trafshow/tcpdump still reports OSPF traffic
>after the application of these ipfw rules?
>
>  /sbin/ipfw add 115 deny ospf from any to any
>  /sbin/ipfw add 115 deny all from 224.0.0.0/8 to any

The BPF tap points used for trafshow/tcpdump are on the LAN side of
the filtering rules, so you will still see OSPF traffic generated on
the LAN.

Peter


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message