From owner-freebsd-security Fri Jan 21 1:48:15 2000
Delivered-To: freebsd-security@freebsd.org
Received: from oskar.dev.nanoteq.co.za (oskar.dev.nanoteq.co.za [196.7.114.5])
	by hub.freebsd.org (Postfix) with ESMTP id F13FD15473
	for ; Fri, 21 Jan 2000 01:48:03 -0800 (PST)
	(envelope-from rbezuide@oskar.dev.nanoteq.co.za)
Received: (from rbezuide@localhost)
	by oskar.dev.nanoteq.co.za (8.9.3/8.9.0) id LAA15150;
	Fri, 21 Jan 2000 11:46:53 +0200 (SAT)
From: Reinier Bezuidenhout
Message-Id: <200001210946.LAA15150@oskar.dev.nanoteq.co.za>
Subject: Re: stream.c workaround clarification
In-Reply-To: <200001210849.QAA01513@netrinsics.com> from Michael Robinson at "Jan 21, 2000 4:49:28 pm"
To: robinson@netrinsics.com (Michael Robinson)
Date: Fri, 21 Jan 2000 11:46:53 +0200 (SAT)
Cc: freebsd-security@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL43 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hi,

Are there any similar rules in IPFW that simulate this?

Reinier

> I've been using an ipfilter rule-list that includes the following two rules:
>
> pass in log quick proto tcp from any to any flags S/SA
> pass in quick proto tcp from any to any keep state
>
> (I log connections to TCP ports that aren't "exempted" higher up in the rules.)
>
> From the discussion it seems to me that this should have an equivalent
> protective effect as the officially sanctioned workaround, but I'd like to
> verify this to be true.
>
> Thanks.
>
> -Michael Robinson
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message