From owner-freebsd-questions Sat Mar 10 7: 8:55 2001 Delivered-To: freebsd-questions@freebsd.org Received: from femail2.rdc1.on.home.com (femail2.rdc1.on.home.com [24.2.9.89]) by hub.freebsd.org (Postfix) with ESMTP id 639E737B718 for ; Sat, 10 Mar 2001 07:08:52 -0800 (PST) (envelope-from latif2221@home.com) Received: from home.com ([24.114.36.13]) by femail2.rdc1.on.home.com (InterMail vM.4.01.03.00 201-229-121) with ESMTP id <20010310150845.QXOT606.femail2.rdc1.on.home.com@home.com> for ; Sat, 10 Mar 2001 07:08:45 -0800 Message-ID: <3AAA3FB5.C0CB7B10@home.com> Date: Sat, 10 Mar 2001 09:52:37 -0500 From: Duraid X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: "freebsd-questions@FreeBSD.ORG" Subject: (ipfilter) ipf and ipfstat, something wrong???? Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG ipfstat -io is showing unexpected results for rules i didn't build ( actually they the exact opposit of my rules) although the effective rules are still the ones i load with ipf. see below:(freebsd 4.2) any idea??? root:~# ipf -vFa -f /etc/ipf.rules remove flags IO (12) removed 9 filter rules [block in on xl0 all] block in on xl0(!) from any to any [block in quick on xl0 from 192.168.0.0/16 to any] block in quick on xl0(!) from 192.168.0.0/16 to any [block in quick on xl0 from 172.16.0.0/12 to any] block in quick on xl0(!) from 172.16.0.0/12 to any [block in quick on xl0 from 10.0.0.0/8 to any] block in quick on xl0(!) from 10.0.0.0/8 to any [block in quick on xl0 from 127.0.0.0/8 to any] block in quick on xl0(!) from 127.0.0.0/8 to any [pass out quick on xl0 proto tcp from any to any keep state keep frags] pass out quick on xl0(!) proto tcp from any to any keep state keep frags [pass out quick on xl0 proto udp from any to any keep state keep frags] pass out quick on xl0(!) proto udp from any to any keep state keep frags [pass out quick on xl0 proto icmp from any to any keep state keep frags] pass out quick on xl0(!) proto icmp from any to any keep state keep frags [pass in quick on xl0 proto tcp from any to 24.114.36.13 port = 22 flags S keep state keep frags] pass in quick on xl0(!) proto tcp from any to 24.114.36.13/32 port = 22 flags S/0xff keep state keep frags root:~# ipfstat -io block out on xl0 from any to any block out quick on xl0 from 192.168.0.0/16 to any block out quick on xl0 from 172.16.0.0/12 to any block out quick on xl0 from 10.0.0.0/8 to any block out quick on xl0 from 127.0.0.0/8 to any pass out quick on xl0 proto tcp from any to 24.114.36.13/32 port = 22 flags S/0xff keep state keep frags empty list for ipfilter(in) Duraid To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message