From owner-freebsd-security Thu May 10 9:39:40 2001 Delivered-To: freebsd-security@freebsd.org Received: from ns.yogotech.com (ns.yogotech.com [206.127.123.66]) by hub.freebsd.org (Postfix) with ESMTP id 8131537B422 for ; Thu, 10 May 2001 09:39:15 -0700 (PDT) (envelope-from nate@yogotech.com) Received: from nomad.yogotech.com (nomad.yogotech.com [206.127.123.131]) by ns.yogotech.com (8.9.3/8.9.3) with ESMTP id KAA27126; Thu, 10 May 2001 10:39:07 -0600 (MDT) (envelope-from nate@nomad.yogotech.com) Received: (from nate@localhost) by nomad.yogotech.com (8.8.8/8.8.8) id KAA21302; Thu, 10 May 2001 10:39:07 -0600 (MDT) (envelope-from nate) From: Nate Williams MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15098.50218.467751.103251@nomad.yogotech.com> Date: Thu, 10 May 2001 10:39:06 -0600 (MDT) To: Dag-Erling Smorgrav Cc: nate@yogotech.com (Nate Williams), Michael Sharp , FreeBSD-security@FreeBSD.ORG Subject: Re: ipfw In-Reply-To: References: <20010509200335.7680.cpmta@c000.sfo.cp.net> <15097.44366.138725.618271@nomad.yogotech.com> X-Mailer: VM 6.75 under 21.1 (patch 12) "Channel Islands" XEmacs Lucid Reply-To: nate@yogotech.com (Nate Williams) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > Not true. Rules are processed in order, and if you don't give a rule > > number I don't know the order that a rule is inserted on the list. > > The new rule is inserted at highest existing rule number (except > 65535) + 100. Ahh, this explains why the new rules aren't being seen (because of rule 65000). I would have thought the rules would have been added to the 'top' of the ruleset. Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message