From owner-freebsd-hackers  Fri Feb 13 07:46:11 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id HAA10422
          for freebsd-hackers-outgoing; Fri, 13 Feb 1998 07:46:11 -0800 (PST)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from Kitten.mcs.com (Kitten.mcs.com [192.160.127.90])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA10361
          for <hackers@freebsd.org>; Fri, 13 Feb 1998 07:45:24 -0800 (PST)
          (envelope-from nash@Jupiter.Mcs.Net)
Received: from Jupiter.Mcs.Net (nash@Jupiter.mcs.net [192.160.127.88]) by Kitten.mcs.com (8.8.7/8.8.2) with ESMTP id JAA07655; Fri, 13 Feb 1998 09:45:15 -0600 (CST)
Received: from localhost (nash@localhost) by Jupiter.Mcs.Net (8.8.7/8.8.2) with SMTP id JAA26457; Fri, 13 Feb 1998 09:45:15 -0600 (CST)
Date: Fri, 13 Feb 1998 09:45:15 -0600 (CST)
From: Alex Nash <nash@Mcs.Net>
To: Chris Stenton <jacs@gnome.co.uk>
cc: hackers@FreeBSD.ORG
Subject: Re: ipfw and www browser problem
In-Reply-To: <Pine.BSF.3.95.980213090423.25501A-100000@Jupiter.Mcs.Net>
Message-ID: <Pine.BSF.3.95.980213094414.25501C-100000@Jupiter.Mcs.Net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Fri, 13 Feb 1998, Alex Nash wrote:

> Any fragmented packet (except the first fragment) which makes it to this
> rule will be stopped due to a bug in ipfw.

I should clarify that further: Any fragmented packet (except the first
fragment) which is TCP *and* comes in via ppp0 will be denied.  Fragmented
UDP packets and fragments coming in over other interfaces will not match.

Alex


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message