From owner-freebsd-current Wed Feb 28 11:11:28 1996 Return-Path: owner-current Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id LAA03281 for current-outgoing; Wed, 28 Feb 1996 11:11:28 -0800 (PST) Received: from rocky.sri.MT.net (rocky.sri.MT.net [204.182.243.10]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id LAA03235 Wed, 28 Feb 1996 11:10:48 -0800 (PST) Received: (from nate@localhost) by rocky.sri.MT.net (8.6.12/8.6.12) id MAA08403; Wed, 28 Feb 1996 12:13:34 -0700 Date: Wed, 28 Feb 1996 12:13:34 -0700 From: Nate Williams Message-Id: <199602281913.MAA08403@rocky.sri.MT.net> To: Nate Williams Cc: Bill Fenner , stable@freebsd.org, current@freebsd.org Subject: Re: IPFW (was: Re: -stable hangs at boot) In-Reply-To: <199602281910.MAA08395@rocky.sri.MT.net> References: <199602261926.MAA00360@rocky.sri.MT.net> <96Feb28.110530pst.177480@crevenia.parc.xerox.com> <199602281910.MAA08395@rocky.sri.MT.net> Sender: owner-current@freebsd.org Precedence: bulk Nate Williams writes: > > >That reminds me. I haven't looked yet, but does the new code also > > >filter out routing information? The old code didn't (and other firewall > > >code I have used does). > > > > Sorry, this doesn't make much sense to me -- shouldn't "filtering routing > > information" just be another firewall rule? Seems like policy to me. > > The routing code didn't go through the firewall code in the previous > implementation, so there was no way for it to filter out routing > information. Man, I think I'm going to crawl into a hole today. I can't communicate at all effectively. What that should have said is: Routing packets didn't pass through the firewall code previously, so there was no way to filter it out. Sorry, Nate