Date: Tue, 18 Feb 2020 08:27:16 -0500
From: Robert Huff <roberthuff@rcn.com>
To: Andreas X <hamdi20193d@gmail.com>
Cc: Trond Endrestøl <trond.endrestol@ximalas.info>, Tim Daneliuk <tundra@tundraware.com>, FreeBSD Mailing List <freebsd-questions@freebsd.org>
Subject: Re: Blacklist IP file for IPFW?
Message-ID: <24139.58932.915276.752500@jerusalem.litteratus.org>
In-Reply-To: <CAEW8WPuirfT-uq2XOBf%2B1w6StXQLEtSpCgAEELL5pLtthk9tog@mail.gmail.com>
References: <CAEW8WPsMvq7bdAQ4cu=RYZQ=PfXMmbUUQ-yi_0qUAjt-nWTf=Q@mail.gmail.com> <9585fce4-b48d-a210-d62f-a2100c0cf929@tundraware.com> <CAEW8WPunc9%2B-7qybkrnDep3R08ApgjBkA2n=fi%2ByU8psTJRkNg@mail.gmail.com> <CAEW8WPtqeFDahGMN8h4qijXe6oug7H6uEyG2hTuqs53G2K98eA@mail.gmail.com> <e3aa5e53-606b-7ad4-b529-5891cf509fbf@tundraware.com> <alpine.BSF.2.22.395.2002180821310.6036@enterprise.ximalas.info> <CAEW8WPuirfT-uq2XOBf%2B1w6StXQLEtSpCgAEELL5pLtthk9tog@mail.gmail.com>

Andreas X writes:

> Question is: If I don't add the rule number 00350 to that command,
> that rule gets located to 65000s, and ipfw doesn't block the IPs in
> table, at all. I wanted to ask why such react, shouldn't IPFW still
> do the job (deny) even if the rule number belongs to last ones?

I am not an IPFW expert ... but:

It is my understanding IPFW stops processing a packet after the first rule that matches that packet. Am I wrong?

If not, this suggests somewhere between rule 351 and rule 650000(-ish) is a rule that matches the packet and keeps it from getting processed by anything lower in the list.

Would you be willing to publish your entire IPFW ruleset?

Respectfully,

Robert Huff
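
The first-match behaviour discussed in this message, as an added example that is not part of the original e-mail: a small Python model of rule evaluation showing why the same deny rule blocks at 350 but not when it is auto-numbered. The base ruleset, the table contents and the catch-all allow at rule 65000 are assumptions, since the poster's rules are not shown in the thread.

```python
import ipaddress

TERMINAL = {"allow", "deny"}   # these end the search; "count" does not
DEFAULT_RULE = 65535           # ipfw's built-in last rule
AUTO_STEP = 100                # ipfw's default auto-increment step

# Constructed lookup table standing in for the poster's blacklist table.
TABLE_1 = [ipaddress.ip_network(n) for n in ("203.0.113.0/24", "198.51.100.7/32")]

# Hypothetical base ruleset (not the poster's): a catch-all allow at 65000.
BASE = [
    (300, "count", "any"),
    (65000, "allow", "any"),
    (DEFAULT_RULE, "deny", "any"),
]

def src_matches(spec, src):
    """Match a source address against 'any', 'table(1)' or a CIDR string."""
    if spec == "any":
        return True
    if spec == "table(1)":
        return any(src in net for net in TABLE_1)
    return src in ipaddress.ip_network(spec)

def add_rule(rules, action, spec, number=None):
    """Return a new ruleset; with no number, use last non-default rule + step."""
    if number is None:
        last = max((r[0] for r in rules if r[0] != DEFAULT_RULE), default=0)
        number = last + AUTO_STEP
    return sorted(rules + [(number, action, spec)])

def evaluate(rules, src_ip):
    """Walk rules in numeric order; return the first terminal match."""
    src = ipaddress.ip_address(src_ip)
    for number, action, spec in rules:
        if src_matches(spec, src) and action in TERMINAL:
            return number, action
    raise RuntimeError("no terminal rule matched; default rule missing")

if __name__ == "__main__":
    numbered = add_rule(BASE, "deny", "table(1)", number=350)
    unnumbered = add_rule(BASE, "deny", "table(1)")
    for name, rules in (("numbered (350)", numbered), ("auto-numbered", unnumbered)):
        print(name, "->", evaluate(rules, "203.0.113.9"))
```

On a live system, `ipfw show` lists per-rule packet counters, which reveals which rule is actually matching the traffic.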