Date: Thu, 10 May 2001 19:51:05 +0300 From: Peter Pentchev <roam@orbitel.bg> To: Nate Williams <nate@yogotech.com> Cc: Dag-Erling Smorgrav <des@ofug.org>, Michael Sharp <msharp@medmail.com>, FreeBSD-security@FreeBSD.ORG Subject: Re: ipfw Message-ID: <20010510195105.D56859@ringworld.oblivion.bg> In-Reply-To: <15098.50218.467751.103251@nomad.yogotech.com>; from nate@yogotech.com on Thu, May 10, 2001 at 10:39:06AM -0600 References: <20010509200335.7680.cpmta@c000.sfo.cp.net> <15097.44366.138725.618271@nomad.yogotech.com> <xzpy9s5k1eo.fsf@flood.ping.uio.no> <15098.50218.467751.103251@nomad.yogotech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, May 10, 2001 at 10:39:06AM -0600, Nate Williams wrote: > > > Not true. Rules are processed in order, and if you don't give a rule > > > number I don't know the order that a rule is inserted on the list. > > > > The new rule is inserted at highest existing rule number (except > > 65535) + 100. > > Ahh, this explains why the new rules aren't being seen (because of rule > 65000). > > I would have thought the rules would have been added to the 'top' of the > ruleset. Nope, they're added to the bottom, so that if you add several rules one by one, they'll be executed in the order you added them. G'luck, Peter -- This would easier understand fewer had omitted. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010510195105.D56859>