Date: Fri, 21 Jan 2000 00:31:10 -0500 (EST) From: Mikhail Teterin <mi@kot.ne.mediaone.net> To: Darren Reed <avalon@coombs.anu.edu.au> Cc: Brett Glass <brett@lariat.org>, Warner Losh <imp@village.org>, jamiE rishaw - master e*tard <jamiE@arpa.com>, Tom <tom@uniserve.com>, Mike Tancsa <mike@sentex.net>, freebsd-security@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG Subject: Re: bugtraq posts: stream.c - new FreeBSD exploit? Message-ID: <200001210531.AAA26807@rtfm.newton> In-Reply-To: <200001210421.PAA25285@cairo.anu.edu.au> from Darren Reed at "Jan 21, 2000 03:21:35 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Darren Reed once stated: =It isn't. I said that for people who are using ipnat but not ipfilter. = =btw, I think the better way to write the 3 rules is: = =block in quick proto tcp from any to any head 100 =pass in quick proto tcp from any to any flags S keep state group 100 =pass in all Can a similar rule be created for ipfw? Thanks! -mi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200001210531.AAA26807>