Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 27 Jun 1995 17:40:58 +0100 (BST)
From:      Paul Richards <paul@lambda.demon.co.uk>
To:        imb@scgt.oz.au (michael butler)
Cc:        paul@freebsd.org, current@freebsd.org
Subject:   Re: ipfw - addf reject = panic
Message-ID:  <199506271640.RAA01451@freebsd.netcraft.co.uk>
In-Reply-To: <199506271610.CAA11019@asstdc.scgt.oz.au> from "michael butler" at Jun 28, 95 02:10:38 am

next in thread | previous in thread | raw e-mail | index | archive | help
In reply to michael butler who said
> 
> Paul Richards writes:
> 
> > The ipfw code works for me fine but using user-space PPP. I suspect
> > that it is the kernel PPP code that is falling over rather than
> > anything else since it was flakey in 2.0 and has since been largely
> > ignored since everyones switched.
> 
> Different code .. user-mode PPP has its own internal filter functions
> executed at context-switch intervals along with the rest of the protocol. 
> It also currently has no facility to return ICMP unreachable indications,

Ehh? I'm using ipfw, the kernel firewall code, not the user-mode PPP
filtering code.

I think the layering is (is this right?)

modem <-> user PPP <-> tun <-> IP layer <-> ipfw <-> TCP

so ipfw is always common.

-- 
  Paul Richards, Bluebird Computer Systems. FreeBSD core team member. 
  Internet: paul@FreeBSD.org, http://www.freebsd.org/~paul
  Phone: 0370 462071 (Mobile), +44 1222 457651 (home)



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199506271640.RAA01451>