From owner-freebsd-net@FreeBSD.ORG Sat Jul 7 14:33:06 2012 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2618C106564A for ; Sat, 7 Jul 2012 14:33:06 +0000 (UTC) (envelope-from s.khanchi@gmail.com) Received: from mail-yw0-f54.google.com (mail-yw0-f54.google.com [209.85.213.54]) by mx1.freebsd.org (Postfix) with ESMTP id D05798FC08 for ; Sat, 7 Jul 2012 14:33:05 +0000 (UTC) Received: by yhfs35 with SMTP id s35so4514225yhf.13 for ; Sat, 07 Jul 2012 07:33:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type; bh=ExThwPAeaH6HO0L9lFU4I0YE/KpLwxatxAnGhdRNFQw=; b=R4agMC0T/C6WjQUcfP2S9Bhe6OwfFYQqXONNuwsrVGNJEZReF6wPHqog/f413Idc02 KXX2E13dP/AANbinrRY8qp4PuvQMbNkf83I38VLgx72zw2PZcGZDd6ZlzTudG9YI6syk INAnmaBwR8ROUy+48we1b9IRC3cD9LtxfCuNHUU6fgy0ipl6eTCFBYCMhZK+QVS4QqzP 0/dXcmJ7E3PvpM7XIcviz7wq3a2JcokpDHT46xZwtotD+AZIoAjD8OvHPcWSSusmVcKV q/lzqN7pZP4qzazD/BqHU4a/dLodJDzheiRryF+U4biezOQwRlzWchfSHx6/2ain0/tv vm5g== Received: by 10.50.169.73 with SMTP id ac9mr4784839igc.29.1341671585212; Sat, 07 Jul 2012 07:33:05 -0700 (PDT) MIME-Version: 1.0 Sender: s.khanchi@gmail.com Received: by 10.231.134.73 with HTTP; Sat, 7 Jul 2012 07:32:45 -0700 (PDT) In-Reply-To: <20120704144342.GA1884@nat.myhome> References: <20120704144342.GA1884@nat.myhome> From: h bagade Date: Sat, 7 Jul 2012 19:02:45 +0430 X-Google-Sender-Auth: f0BMCFV2dCov-SwIP4KcnKVi5Cg Message-ID: To: "Paul A. Procacci" , "Andrey V. Elsukov" Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-net@freebsd.org Subject: Re: problem on ipfw using mac addresses X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Jul 2012 14:33:06 -0000 Thanks Andrey and Paul for your useful help. It works fine now. Thank you again. On Wed, Jul 4, 2012 at 7:13 PM, Paul A. Procacci wrote: > Have you set net.link.ether.ipfw? > > ~Paul > > On Wed, Jul 04, 2012 at 05:34:04PM +0430, h bagade wrote: > > Hi all, > > > > I have a problem using ipfw firewall. I have a topology connected as > below: > > > > A(192.168.1.55) ----- (192.168.1.1)my_sys(192.168.2.1) > > -------(192.168.2.12)B > > > > I've set the rule "ipfw add 1 deny icmp from any to any" on my_sys, which > > works correctly. I can't ping from A to B by the rule. Then I've added > mac > > part to the rule as the format of "ipfw add 1 deny icmp from any to any > ma > > any any" which seems the same as before but after that I could ping the B > > from A. > > What's the reason? I'm really confused with what I saw! Is it a bug? > > > > Any hints or suggestions are really appreciated. > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > ________________________________ > > This message may contain confidential or privileged information. If you > are not the intended recipient, please advise us immediately and delete > this message. See http://www.datapipe.com/legal/email_disclaimer/ for > further information on confidentiality and the risks of non-secure > electronic communication. If you cannot access these links, please notify > us by reply message and we will send the contents to you. >