Date: Mon, 11 Jan 1999 22:28:37 +1100 (EST) From: "Daniel O'Callaghan" <danny@hilink.com.au> To: "N. N.M" <madrapour@hotmail.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Need help with IPFW Message-ID: <Pine.BSF.3.96.990111222120.21260A-100000@enya.clari.net.au> In-Reply-To: <19990111071915.19303.qmail@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 10 Jan 1999, N. N.M wrote: > Is there anybody around who knows what the following log (related to > ipfw) means: > > ipfw -1 Refuse TCP X.X.X.X:80 Y.Y.Y.Y:2047 in via ed1 > > or this one > > ipfw -1 Refuse TCP X.X.X.X Y.Y.Y.Y in via edi Fragment=1 This one is covered by the man page. *All* tcp packets with Fragment offset=1 are rejected because they are only used to circumvent firewalls. The first packet was probably the first packet in the attack, and had something odd about it which caused the ip_fw code to refuse it as a bogus fragment. Danny To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990111222120.21260A-100000>