Date: 15 Mar 2002 18:09:12 -0800 From: "Gary W. Swearingen" <swear@blarg.net> To: FreeBSD-gnats-submit@freebsd.org Subject: docs/35939: ipfw(8) needs explicit statement about non-IP packets Message-ID: <jh4rjhe01j.rjh@localhost.localdomain>
next in thread | raw e-mail | index | archive | help
>Number: 35939
>Category: docs
>Synopsis: ipfw(8) needs explicit statement about non-IP packets
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-doc
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Fri Mar 15 18:10:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator: Gary W. Swearingen
>Release: FreeBSD 4.5-STABLE i386
>Organization:
none
>Environment:
n/a
================
>Description:
It would be helpful if ipfw explicitly stated the handling of non-IP
packets instead of just implying it by saying that ipfw(8) scans for
incoming and outgoing IP packets. The implication is easily missed.
Apparently, this has been a source of confusion, especially given the
changing nature of the handling of non-IP packets.
================
>How-To-Repeat:
n/a
================
>Fix:
In the "Description" section, in the second paragraph, after the first
sentence, insert this sentence:
(Non-IP packets, e.g., ARP or IPX, are not seen by ipfw(8) at all
and so may be considered to be always passed by this firewall.)
From my brief conversation with Joost Bekkers I understand that this
has not always been the behavior and will not be when he's done, but
that's the way it is now, as confirmed by the bridge(8) page.
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-doc" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?jh4rjhe01j.rjh>