From owner-freebsd-questions  Sat Jun 15 17:48:30 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mail.npubs.com (npubs.com [207.111.208.224])
	by hub.freebsd.org (Postfix) with ESMTP id ADAAA37B408
	for <questions@FreeBSD.ORG>; Sat, 15 Jun 2002 17:48:26 -0700 (PDT)
Received: 8.12.2-(Neptune)
From: "Nielsen" <nielsen@memberwebs.com>
To: <cykyc@yahoo.com>, "Ilia Chipitsine" <ilia@cgu.chel.su>,
	<questions@FreeBSD.ORG>
References: <20020615170808.81047.qmail@web20604.mail.yahoo.com>
Subject: Re: ipfw: stateful rules & UDP/ICMP
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-Id: <20020616004826.ADAAA37B408@hub.freebsd.org>
Date: Sat, 15 Jun 2002 17:48:26 -0700 (PDT)
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

I think ipf does stateful ICMP based on not only source and dest ips but
type and all the rest. UDP is based on source and destination ports, in
addition to source and dest ips.

Nate

> When I was looking into this for ICMP a couple months back w/
> probably a 4.5 -S branch, I believe the structure and matching used
> didn't take into account the ICMP type and code; iirc, it only
> looked at the src_ip, src_port, dst_ip, dst_port, and proto.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message