From owner-freebsd-current  Thu Apr  4 12:26:58 1996
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id MAA27523
          for current-outgoing; Thu, 4 Apr 1996 12:26:58 -0800 (PST)
Received: from multivac.orthanc.com (multivac.orthanc.com [206.12.238.2])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id MAA27514
          for <freebsd-current@freebsd.org>; Thu, 4 Apr 1996 12:26:51 -0800 (PST)
Received: from localhost (lyndon@localhost) by multivac.orthanc.com (8.7.3/8.7.3) with SMTP id MAA24533; Thu, 4 Apr 1996 12:26:08 -0800 (PST)
Message-Id: <199604042026.MAA24533@multivac.orthanc.com>
From: Lyndon Nerenberg VE7TCP <lyndon@orthanc.com>
To: Poul-Henning Kamp <phk@critter.tfs.com>
cc: freebsd-current@freebsd.org
Subject: Re: Nice Firewall :-) 
In-reply-to: Your message of "Thu, 04 Apr 1996 09:01:18 GMT."
             <1879.828608478@critter.tfs.com> 
Date: Thu, 04 Apr 1996 12:26:07 -0800
Sender: owner-current@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>>>>> "Poul-Henning" == Poul-Henning Kamp <phk@critter.tfs.com> writes:

    Poul-Henning> If you had paid attention to the mailinglists, you
    Poul-Henning> would have known that ipfw was changed to a default
    Poul-Henning> policy of deny some time back.

Yes yes. The surprise was the -1 return from sendto(). This was not
consistent with the old behaviour of just swallowing the packet. I
don't remember this being mentioned on the list.

    Poul-Henning> Look at the manual and the /etc/rc.firewall I
    Poul-Henning> committed yesterday for more info.

The rc.firewall file is a very good idea. I'll assume the relevent
manpages will be updated at some point to document the new error
return. (The sup's still running and hasn't gotten that far yet.)

--lyndon