Date: 15 Mar 2002 18:09:12 -0800 From: "Gary W. Swearingen" <swear@blarg.net> To: FreeBSD-gnats-submit@freebsd.org Subject: docs/35939: ipfw(8) needs explicit statement about non-IP packets Message-ID: <jh4rjhe01j.rjh@localhost.localdomain>
next in thread | raw e-mail | index | archive | help
>Number: 35939 >Category: docs >Synopsis: ipfw(8) needs explicit statement about non-IP packets >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Fri Mar 15 18:10:01 PST 2002 >Closed-Date: >Last-Modified: >Originator: Gary W. Swearingen >Release: FreeBSD 4.5-STABLE i386 >Organization: none >Environment: n/a ================ >Description: It would be helpful if ipfw explicitly stated the handling of non-IP packets instead of just implying it by saying that ipfw(8) scans for incoming and outgoing IP packets. The implication is easily missed. Apparently, this has been a source of confusion, especially given the changing nature of the handling of non-IP packets. ================ >How-To-Repeat: n/a ================ >Fix: In the "Description" section, in the second paragraph, after the first sentence, insert this sentence: (Non-IP packets, e.g., ARP or IPX, are not seen by ipfw(8) at all and so may be considered to be always passed by this firewall.) From my brief conversation with Joost Bekkers I understand that this has not always been the behavior and will not be when he's done, but that's the way it is now, as confirmed by the bridge(8) page. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?jh4rjhe01j.rjh>