Date: Mon, 25 Aug 2003 20:15:06 -0700 From: K Anderson <freebsduser@comcast.net> To: Technical Director <trodat@ultratrends.com> Cc: FreeBSD Questions <questions@freebsd.org> Subject: Re: IPFW & ICMP Message-ID: <3F4AD0BA.7050201@comcast.net> In-Reply-To: <Pine.BSF.4.21.0308251956020.37550-100000@server1.ultratrends.com> References: <Pine.BSF.4.21.0308251956020.37550-100000@server1.ultratrends.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Technical Director wrote: > > On Mon, 25 Aug 2003, Technical Director wrote: > > >>Hello, > > >>ipfw -a l [INSERT_YOUR_FW_RULE_FOR_ICMP_BLOCKING] > > > INSERT_YOUR_FW_RULE_FOR_ICMP_BLOCK is the rule ID Number. #### below is it > as well... :) > > >>##### 0 2300 deny icmp from any to me via ed0 > > > Just to clarify. > > R. > > Thanks for the response. Yep, that's the rule and it does have counters. In your previous e-mail you were asking about the order of packet processing and that's what I'm trying to figure out as well. I figure that the firewall should block the traffic first so as to prevent ruled traffic from coming in and then, in my thinking, snort shouldn't see it. Hopefully somebody might have an explanation with the why's and how comes one way or the other.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F4AD0BA.7050201>