From owner-freebsd-ipfw@FreeBSD.ORG Thu Apr 10 08:41:11 2003 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5D3EF37B401 for ; Thu, 10 Apr 2003 08:41:11 -0700 (PDT) Received: from laptop.tenebras.com (laptop.tenebras.com [66.92.188.18]) by mx1.FreeBSD.org (Postfix) with SMTP id CD64143F75 for ; Thu, 10 Apr 2003 08:41:10 -0700 (PDT) (envelope-from kudzu@tenebras.com) Received: (qmail 89876 invoked from network); 10 Apr 2003 15:41:10 -0000 Received: from sapphire.tenebras.com (HELO tenebras.com) (192.168.188.241) by 0 with SMTP; 10 Apr 2003 15:41:10 -0000 Message-ID: <3E959094.5040504@tenebras.com> Date: Thu, 10 Apr 2003 08:41:08 -0700 From: Michael Sierchio User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.3) Gecko/20030312 X-Accept-Language: en-us, en, zh-cn, zh-tw MIME-Version: 1.0 To: "Earl A. Killian" References: <16021.30535.469091.657659@sax.killian.com> In-Reply-To: <16021.30535.469091.657659@sax.killian.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-ipfw@freebsd.org Subject: Re: self-generated packet question X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Apr 2003 15:41:11 -0000 Earl A. Killian wrote: > Do packets generated by the ipfw host get processed for both input and > output or just output? If they are filtered on input, then it seems they > can be detected with "in recv any", right? They aren't received on any interface, no. They can be filtered on output (from me to any, etc.) (presumably you already have an allow rule like allow ip from any to any via lo0).