Date: Mon, 02 Jun 2003 10:02:11 -0600 From: Gary Aitken <freebsd@dreamchaser.org> To: FreeBSD-questions@freebsd.org Subject: ipfw final rule Message-ID: <3EDB7503.2070403@dreamchaser.org> References: <20030531000201.26C2C37B404@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I was considering turning on bridging, which requires the final ipfw rule to be allow, not deny. So I added a deny rule at 65534, but temporarily left the default deny rule in place in the kernel. Interestingly, my log shows the following: > 65534 582 58547 deny ip from any to any > 65535 3 234 deny ip from any to any This looks like an impossible situation, since the last 3 should have been caug ht by the previous rule. I presume those last three denied packets are really not ip packets at all, but some other packet like arp? Gary
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3EDB7503.2070403>