From owner-freebsd-security Tue Feb 29 0:16: 6 2000 Delivered-To: freebsd-security@freebsd.org Received: from aurora.scoop.co.nz (aurora.scoop.co.nz [203.96.152.68]) by hub.freebsd.org (Postfix) with ESMTP id AB05637BA4C for ; Tue, 29 Feb 2000 00:15:59 -0800 (PST) (envelope-from andrew@scoop.co.nz) Received: from localhost (localhost [127.0.0.1]) by aurora.scoop.co.nz (8.9.3/8.9.3) with SMTP id VAA28296; Tue, 29 Feb 2000 21:13:58 +1300 (NZDT) Date: Tue, 29 Feb 2000 21:13:58 +1300 (NZDT) From: Andrew McNaughton X-Sender: andrew@aurora.scoop.co.nz Reply-To: andrew@scoop.co.nz To: cjclark@home.com Cc: Lev Serebryakov , All Subject: Re: ipfw log accounting In-Reply-To: <20000228215904.B31743@cc942873-a.ewndsr1.nj.home.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 28 Feb 2000, Crist J. Clark wrote: > On Tue, Feb 29, 2000 at 01:46:53AM +0300, Lev Serebryakov wrote: > [snip] > > And one more question: > > How could I write rule, which skip all broadcast traffic? My > > computer is on big provider's net, and here is more than one > > broadcast address (many subnets on one wire)... > > Never tried this and haven't glanced at the source to see if it has a > chance of working, but _theoretically_ is there a reason that, > > deny ip from 0.0.0.255:0.0.0.255 to any > > A "reversed" netmask won't work? I use this. It works just fine. -- Andrew McNaughton andrew@scoop.co.nz To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message