Date: Mon, 28 Jul 2008 18:15:32 -0700 From: "Ronald F. Guilmette" <rfg@tristatelogic.com> To: freebsd-questions@freebsd.org Subject: Two minor IPFW-related questions Message-ID: <83072.1217294132@tristatelogic.com>
next in thread | raw e-mail | index | archive | help
Just a couple of questions about IPFW-related things:
1) Somewhere the other day I read a recommendation... which looked rather
official to me that the time... that all fragments should be firwalled
out, e.g. thusly:
deny any to any in frag
Is that actually a Good Thing To Do? Are there really no legitimate
packate fragments out there on the Internet?
2) What is the significance of the last three numbers in the following log
line? What exactly does each one of them represent?
Jul 28 00:00:13 segfault kernel: ipfw: 250 Deny UDP 192.228.91.19 66.60.171.112 in via rl0 (frag 60396:368@1480)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?83072.1217294132>