Date: Wed, 7 Feb 2001 09:57:27 -0500 From: "Rossen Raykov" <rraykov@sageian.com> To: <freebsd-security@freebsd.org> Subject: ipfw question Message-ID: <00a101c09116$49dca980$4c00000a@sage>
next in thread | raw e-mail | index | archive | help
Hi All, I have the following lines in my firewall config file (fragment from ipfw show): 03010 108 10919 allow udp from local.ip to any 50000 0 0 allow udp from any 40000-50000 to local.ip 40000-50000 50001 21 1694 allow log logamount 1024 udp from any to any And I have the following records in security log: Feb 7 08:49:33 myhost /kernel: ipfw: 50001 Accept UDP forien.ip.1:4000 local.ip:49160 in via dc0 Feb 7 08:49:42 myhost last message repeated 10 times Feb 7 08:52:10 myhost last message repeated 2 times Feb 7 09:00:34 myhost last message repeated 7 times Feb 7 09:02:34 myhost /kernel: ipfw: 50001 Accept UDP forien.ip.2:4000 local.ip:49160 in via dc0 My question is why those packets ware not captured from rule 50000 but from 50001? Tanks, Rossen To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00a101c09116$49dca980$4c00000a>