From owner-freebsd-security Wed Feb 14 13:12:57 2001
Message-Id: <4.1.20010214220858.009477a0@pop.iae.nl>
Date: Wed, 14 Feb 2001 22:13:02 +0100
To: nate@yogotech.com (Nate Williams)
From: Stefan
Subject: Re: Abnormal behaviour of "established" rule with ipfw?
Cc: freebsd-security@FreeBSD.ORG
In-Reply-To: <14986.61927.680205.227406@nomad.yogotech.com>

At 14:00 14-2-01 -0700, Nate Williams wrote:
>Were these packets from connections setup before the firewall rule was
>in place? If so, they are already established.

No, as far as I can see really setup packets can pass through. My firewall was accepting incoming telnet when there was a "deny all from any to any in via xl0 setup" line after the "allow established from any to any" line.

Stefan