Date: Thu, 13 Apr 2000 05:29:52 +0300 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: Paul Mielke <paulm@securify.com> Cc: Ron Smith <ronnetron@hotmail.com>, security@freebsd.org Subject: Re: NAT and /etc/rc.firewall Message-ID: <20000413052952.A21547@hades.hell.gr> In-Reply-To: <4.2.0.58.20000412163416.00b74a20@localhost>; from paulm@securify.com on Wed, Apr 12, 2000 at 04:41:54PM -0700 References: <20000413002323.98449.qmail@hotmail.com> <4.2.0.58.20000412163416.00b74a20@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Apr 12, 2000 at 04:41:54PM -0700, Paul Mielke wrote: > At 05:23 PM 4/12/00 -0700, Ron Smith wrote: > > ... > > For now, I would suggest that you try to diagnose the problem by > either using "ipfw show" or by using the 'log' keyword on all the > ipfw rules to figure out which rule is the one that is trashing your > packets. > > For example, do the following: > > ipfw show > fw.stats.after > do some operation that fails > ipfw show > fw.stats.after Of course this was meant to be: ipfw show > fw.stats.before do some operation that fails ipfw show > fw.stats.after and then a simple diff should be enough to provide with information on what rules were triggered: diff -u fw.stats.before fw.stats.after -- Giorgos Keramidas, < keramida @ ceid . upatras . gr > For my public pgp key: finger keramida@diogenis.ceid.upatras.gr See the headers of this message for the key finger-print. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000413052952.A21547>