Date: Thu, 21 Feb 2002 21:16:12 +0100
From: Florian Nigsch <flo@nigsch.com>
To: "Scott M. Nolde" <scott@smnolde.com>, freebsd-questions@freebsd.org
Subject: Re: IPFW rules
Message-ID: <20020221211612.A51456@nigsch.com>
In-Reply-To: <20020221133942.B53679@smnolde.com>; from scott@smnolde.com on Thu, Feb 21, 2002 at 01:39:42PM -0500
References: <20020221192954.A50541@nigsch.com> <20020221133942.B53679@smnolde.com>

That's totally clear to me. But I wanted to know what happens if I send out a packet from the machine with IP 192.168.1.2 which first goes to 192.168.1.1 (ed1) which is at the same time 1.2.3.4 (ed0) and is then sent out to the internet over ed0. Is the packet caught by

1) count ip from 192.168.1.0/24 to any out via ed0
2) count ip from 192.168.1.0/24 to any
3) count ip from any to any out via ed0
4) count ip from 1.2.3.4 to any out via ed0

?

I think it is caught by rules 1 to 3.
--> Is it also caught by rule 4 because of natd?

Rule 2 counts also the internal traffic. Rule 3 - in my opinion - catches everything originating on the inside net AND also the packets originating on the outside IP number, whereas rule 4 ONLY catches the packets originating on the outside IP.

Conclusions: (just to be sure)
rule2 minus rule1 = internal traffic
rule3 minus rule1 = outgoing traffic from official ip which should be the same as the counter for rule 4

Am I right?

On Thu, Feb 21, 2002 at 01:39:42PM -0500, Scott M. Nolde wrote:
> I use the skipto function of ipfw:
> # ipfw show | head
> 00010 894628 264432483 skipto 50 ip from any to any in recv dc0
> 00020 1021767 135654843 skipto 50 ip from any to any out xmit dc0
>
> then rule 50 is the first rule of my normal ipfw ruleset.

---end quoted text---

--
---
Florian Nigsch <flo@nigsch.com>
http://flo.nigsch.com/
PGP key: http://flo.nigsch.com/fnigsch.asc