Date:      Thu, 24 Feb 2000 18:56:53 +0200 (EET)
From:      Alexander Karptsov <karp@visti.net>
To:        freebsd-security@freebsd.org
Subject:   mysterious behaviour of the ipfw ...
Message-ID:  <Pine.BSF.4.10.10002241850130.23104-100000@lab.visti.net>

   Hi !

My Perl script, which gets counter statistics from "ipfw show |",
mysteriously warns me from time to time. When I added a debug mode to it,
I saw the following (please note: my ipfw begins with rule number 100
and IP number 10/8):

---begin---

ipfw: impossible
00000    72058736529113354 18446744073709551615 deny ip from 56.2.0.0:25.0.0.0 to any tcpflg fin
00000   856036610469789962 18446744073709551615 deny ip from 57.2.0.0:25.0.0.0 to any tcpflg fin
00000    72057637017485578 18446744073709551615 deny ip from 58.2.0.0:110.0.0.0 to any tcpflg fin
00000    72058736529113354 18446744073709551615 deny ip from 59.2.0.0:110.0.0.0 to any tcpflg fin
00000   856036610469789962 18446744073709551615 deny ip from 60.2.0.0:110.0.0.0 to any tcpflg fin
00000             29884682           4294967295 deny ip from any to any tcpflg fin
00000             29884682           4294967295 deny ip from any to any tcpflg fin
00000 18446744069414584320 18446744073709551615 deny ip from 63.2.0.0:68.0.67.0 to any
00000                    0                    0 deny ip from any to any tcpflg fin
00000                    0                    0 deny ip from any to any tcpflg fin
00000                    0                    0 deny ip from any to any
00000            199311555           4294967295 deny ip from any to any
00000                    0                    0 deny ip from 233.253.0.0:80.0.0.0 to any tcpflg fin
00000                    0                    0 deny ip from 234.253.0.0:80.0.0.0 to any tcpflg fin
00000                    0                    0 deny ip from any to any
00115                    0                    0 skipto 65000 tcp from 10.0.1.1 to 10.1.0.1 110 in recv fxp1
00117                 3732               392720 count ip from 10.0.1.1 to any in recv fxp1
00118                 3732               392720 skipto 65000 ip from 10.0.1.1 to any in recv fxp1

....

53625                    0                    0 deny ip from 164.129.1.0:157.45.0.0 to any ipopt !ssrr,!rr tcpflg fin,syn
00000      424016351330304       58304181043200 

----end-----

Line 115 is the first of my rules that is left (100..114 disappeared),
and the rules from 65000 and below also disappeared.


Can anyone comment on this? Thanks.

P.S. 
$uname -sr
FreeBSD 3.4-19991223-STABLE
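
An added example, not part of the original message and written in Python rather than the poster's Perl: a sanity check that a counter-collection script could run on each "ipfw show" snapshot before recording it. The names `check_snapshot` and `first_rule` are hypothetical, and the line layout is assumed from the output quoted above.

```python
import re

# Assumed "ipfw show" layout: 5-digit rule number, packet counter, byte counter, rule body.
LINE_RE = re.compile(r"^(\d{5})\s+(\d+)\s+(\d+)\s*(.*)$")
ALL_ONES = {2**32 - 1, 2**64 - 1}  # 4294967295 and 18446744073709551615

def check_snapshot(text, first_rule=100):
    """Return (rows, problems). Any problem means the whole snapshot should be discarded."""
    rows, problems, prev = [], [], 0
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        m = LINE_RE.match(line)
        if not m:
            problems.append((lineno, ["unparseable line"]))
            continue
        num, pkts, nbytes, body = int(m[1]), int(m[2]), int(m[3]), m[4].strip()
        why = []
        if num < first_rule:
            why.append("rule number below first configured rule")
        if num < prev:
            why.append("rule numbers not ascending")
        if pkts in ALL_ONES or nbytes in ALL_ONES:
            why.append("all-ones counter")
        if pkts > nbytes:  # every counted packet is at least one byte long
            why.append("more packets than bytes")
        if not body:
            why.append("empty rule body")
        prev = num
        if why:
            problems.append((lineno, why))
        else:
            rows.append((num, pkts, nbytes, body))
    return rows, problems

# Lines copied from the output quoted in the message above.
SAMPLE = """\
ipfw: impossible
00000    72058736529113354 18446744073709551615 deny ip from 56.2.0.0:25.0.0.0 to any tcpflg fin
00000             29884682           4294967295 deny ip from any to any tcpflg fin
00115                    0                    0 skipto 65000 tcp from 10.0.1.1 to 10.1.0.1 110 in recv fxp1
00117                 3732               392720 count ip from 10.0.1.1 to any in recv fxp1
53625                    0                    0 deny ip from 164.129.1.0:157.45.0.0 to any ipopt !ssrr,!rr tcpflg fin,syn
00000      424016351330304       58304181043200 
"""

if __name__ == "__main__":
    for lineno, why in check_snapshot(SAMPLE)[1]:
        print(f"line {lineno}: {'; '.join(why)}")
```

The 53625 line passes every per-line check even though it sits inside the damaged output, which is why a snapshot with any flagged line is best dropped whole rather than filtered line by line.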



