From owner-freebsd-questions@FreeBSD.ORG Tue May 27 00:04:20 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 70C6B37B401 for ; Tue, 27 May 2003 00:04:20 -0700 (PDT) Received: from rambo.401.cx (rambo.401.cx [80.65.205.166]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4594943F93 for ; Tue, 27 May 2003 00:04:19 -0700 (PDT) (envelope-from listsub@401.cx) Received: from 401.cx (132.dairy.twenty4help.se [80.65.195.132]) by rambo.401.cx (8.12.9/8.12.7) with ESMTP id h4R74HMI014593; Tue, 27 May 2003 09:04:17 +0200 (CEST) (envelope-from listsub@401.cx) Message-ID: <3ED30DEB.3010805@401.cx> Date: Tue, 27 May 2003 09:04:11 +0200 From: "Roger 'Rocky' Vetterberg" User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.0.2) Gecko/20030208 Netscape/7.02 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Bill Moran References: <20030524145328.16351.qmail@web13406.mail.yahoo.com> <3ECFA2E5.8020701@potentialtech.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: Fehmi cc: freebsd-questions@freebsd.org Subject: Re: Running Dummynet X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 May 2003 07:04:20 -0000 Bill Moran wrote: > Please use reply-all to send your replies to the mailing list > as well. > > Fehmi wrote: > >> ipfw show: >> 100 allow ip from any to any >> 200 pipe 1 bw 1kbit/s delay 200ms >> 65554 deny ip from any to any > > > This actually works? It looks to me like everything should be > blocked by the last rule: thus no networking should work. I have to disagree. Everything will be *allowed* by the *first* rule, none of the other rules will ever happen, including the last one. This is pretty much as effective as no firewall at all. -- R