From owner-freebsd-questions@FreeBSD.ORG Mon Dec 1 04:03:20 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3EEB71065676 for ; Mon, 1 Dec 2008 04:03:20 +0000 (UTC) (envelope-from brett@net24.co.nz) Received: from omr2.mail.isx.net.nz (omr2.mail.isx.net.nz [210.5.49.99]) by mx1.freebsd.org (Postfix) with ESMTP id D87298FC1C for ; Mon, 1 Dec 2008 04:03:19 +0000 (UTC) (envelope-from brett@net24.co.nz) Received: from 210.55.30.56 (EHLO _127.0.0.1_) ([210.55.30.56]) by omr2.mail.isx.net.nz (MOS 3.8.3-GA FastPath queued) with ESMTP id AAR84640 (AUTH brett@net24.co.nz); Mon, 01 Dec 2008 16:52:12 +1300 (NZDT) Message-ID: <49335F6C.3060802@net24.co.nz> Date: Mon, 01 Dec 2008 16:52:12 +1300 From: Brett Davidson Organization: Net24 Limited User-Agent: Thunderbird 2.0.0.18 (Windows/20081105) MIME-Version: 1.0 To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Is there anything weird I should know about using ipfw on alias addresses? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Dec 2008 04:03:20 -0000 ifconfig shows the alias addresses correctly bound. Creating an ipfw rule and testing it from the command line works (connects out from master address, not alias) From website on alias address, the firewall blocks the packets. The weird thing is that it tags them (in the security log) as coming from the master address (not the alias) out the correct interface. In a normal world that would mean the packet would match!!!!! What's goin' on here Willis?