From owner-freebsd-hackers Sun Feb 8 16:19:29 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id QAA29038 for hackers-outgoing; Sun, 8 Feb 1998 16:19:29 -0800 (PST) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from gaia.coppe.ufrj.br (cisigw.coppe.ufrj.br [146.164.5.200]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA29032 for ; Sun, 8 Feb 1998 16:19:24 -0800 (PST) (envelope-from jonny@coppe.ufrj.br) Received: (from jonny@localhost) by gaia.coppe.ufrj.br (8.8.8/8.8.8) id WAA11332; Sun, 8 Feb 1998 22:18:52 -0200 (EDT) (envelope-from jonny) From: Joao Carlos Mendes Luis Message-Id: <199802090018.WAA11332@gaia.coppe.ufrj.br> Subject: Re: ipfw logs ports for fragments In-Reply-To: <199802052006.MAA10605@bubba.whistle.com> from Archie Cobbs at "Feb 5, 98 12:06:28 pm" To: archie@whistle.com (Archie Cobbs) Date: Sun, 8 Feb 1998 22:18:52 -0200 (EDT) Cc: marcs@znep.com, hackers@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL32 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG #define quoting(Archie Cobbs) // Marc Slemko writes: // > Feb 4 16:08:27 zaius /kernel: ipfw: 320 Deny UDP 199.170.121.15:14592 198.161.84.2:2 in via de0 Fragment = 29 // > // > Trust me, those port numbers are not right. ipfw should not log the // > port number if a packet is a fragment. // // Good point... patch below fixes it. Maybe a stupid question: If you filter by port, only the first frag may be filtered. Then, what will happen to the destination machine, receiving lots of incomplete packets ? Jonny -- Joao Carlos Mendes Luis jonny@gta.ufrj.br +55 21 290-4698 jonny@coppe.ufrj.br Universidade Federal do Rio de Janeiro UFRJ/COPPE/CISI PGP fingerprint: 29 C0 50 B9 B6 3E 58 F2 83 5F E3 26 BF 0F EA 67 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe hackers" in the body of the message