From owner-freebsd-doc Fri Mar 15 18:10:15 2002 Delivered-To: freebsd-doc@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id CD81E37B419 for ; Fri, 15 Mar 2002 18:10:01 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g2G2A1a95780; Fri, 15 Mar 2002 18:10:01 -0800 (PST) (envelope-from gnats) Received: from lists.blarg.net (lists.blarg.net [206.124.128.17]) by hub.freebsd.org (Postfix) with ESMTP id 51F6C37B404 for ; Fri, 15 Mar 2002 18:06:39 -0800 (PST) Received: from thig.blarg.net (thig.blarg.net [206.124.128.18]) by lists.blarg.net (Postfix) with ESMTP id F1AC7BE6B for ; Fri, 15 Mar 2002 18:06:38 -0800 (PST) Received: from localhost.localdomain ([206.124.139.115]) by thig.blarg.net (8.9.3/8.9.3) with ESMTP id SAA13549 for ; Fri, 15 Mar 2002 18:06:27 -0800 Received: (from jojo@localhost) by localhost.localdomain (8.11.6/8.11.3) id g2G29CQ65838; Fri, 15 Mar 2002 18:09:12 -0800 (PST) (envelope-from swear@blarg.net) Message-Id: Date: 15 Mar 2002 18:09:12 -0800 From: "Gary W. Swearingen" Reply-To: swear@blarg.net To: FreeBSD-gnats-submit@freebsd.org Subject: docs/35939: ipfw(8) needs explicit statement about non-IP packets Sender: owner-freebsd-doc@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 35939 >Category: docs >Synopsis: ipfw(8) needs explicit statement about non-IP packets >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Fri Mar 15 18:10:01 PST 2002 >Closed-Date: >Last-Modified: >Originator: Gary W. Swearingen >Release: FreeBSD 4.5-STABLE i386 >Organization: none >Environment: n/a ================ >Description: It would be helpful if ipfw explicitly stated the handling of non-IP packets instead of just implying it by saying that ipfw(8) scans for incoming and outgoing IP packets. The implication is easily missed. Apparently, this has been a source of confusion, especially given the changing nature of the handling of non-IP packets. ================ >How-To-Repeat: n/a ================ >Fix: In the "Description" section, in the second paragraph, after the first sentence, insert this sentence: (Non-IP packets, e.g., ARP or IPX, are not seen by ipfw(8) at all and so may be considered to be always passed by this firewall.) From my brief conversation with Joost Bekkers I understand that this has not always been the behavior and will not be when he's done, but that's the way it is now, as confirmed by the bridge(8) page. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message