Date: Sat, 15 Jun 2002 00:33:04 +0600 (YEKST) From: =?koi8-r?B?6czY0SD7ydDJw8nO?= <ilia@academy.urc.ac.ru> To: Joe & Fhe Barbish <barbish@a1poweruser.com> Cc: FBSDQ <questions@FreeBSD.ORG> Subject: RE: ipfw: outgoing connections only Message-ID: <20020615003006.A46377-100000@sol.chel.skbkontur.ru> In-Reply-To: <MIEPLLIBMLEEABPDBIEGGELDCCAA.barbish@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> > # Allow the packet through if it has previous been added to the > # the "dynamic" rules table by an allow keep-state statement. > $cmd 00400 check-state > > # Run all private LAN xl0 packet traffic through the dynamic rules > # table so the IP address are in sync with Natd. You would have one > # rule like this for each Nic card you have for private lans. > $cmd 00500 allow all from any to any via xl0 keep-state 00051 0 0 check-state 00052 1685 333307 allow tcp from me to any keep-state setup 00053 2210 500566 allow ip from me to any why does check-state rule has "0" packets matched ? Regards, Ilia Chipitsine To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020615003006.A46377-100000>