From owner-freebsd-ipfw Thu Jan 30 14: 3:45 2003 Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E4C0337B401 for ; Thu, 30 Jan 2003 14:03:43 -0800 (PST) Received: from smtp.a1poweruser.com (oh-chardon6a-34.clvhoh.adelphia.net [68.169.105.34]) by mx1.FreeBSD.org (Postfix) with ESMTP id 27CC643F75 for ; Thu, 30 Jan 2003 14:03:43 -0800 (PST) (envelope-from barbish@a1poweruser.com) Received: from barbish (lanwin2 [10.0.10.6]) by smtp.a1poweruser.com (Postfix) with SMTP id 2C5D91EF; Thu, 30 Jan 2003 17:11:45 -0500 (EST) Reply-To: From: "JoeB" To: "Michael Sierchio" Cc: "Nick Rogness" , "Simon L. Nielsen" , Subject: RE: Error in ipfw manpage for stateful rules? Date: Thu, 30 Jan 2003 17:03:40 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 In-Reply-To: <3E399C53.3030406@tenebras.com> Importance: Normal Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG You did not answer my question > Are you willing to give me a hand to correct this > oversight to the IPFW documentation and examples. I will do the testing of the rules sets and write the rough draft explaining what the rules are doing, you help me get a rules coding logic that works correctly and review my rough draft for final placement where ever in FBSD. This offer also goes out to the other people who read the IPFW list. -----Original Message----- From: owner-freebsd-ipfw@FreeBSD.ORG [mailto:owner-freebsd-ipfw@FreeBSD.ORG]On Behalf Of Michael Sierchio Sent: Thursday, January 30, 2003 4:43 PM To: barbish@a1poweruser.com Cc: Nick Rogness; Simon L. Nielsen; freebsd-ipfw@FreeBSD.ORG Subject: Re: Error in ipfw manpage for stateful rules? JoeB wrote: > ... Also this little quote from your > email response "Also note: it is documented but frequently > forgotten that nat'd packets, or any packets passed via DIVERT, lose > information -- such as which interface the packet was received on." > Causes me a great amount of concern. I would think the divert code > needs to be fixed to correct this problem It's a feature, not a bug. Since the process listening on the divert socket can morph the packet into anything, there's simply no way of knowing where it arrived. > Are you willing to give me a hand to correct this > oversight to the IPFW documentation and examples. The man page(s) need a rewrite, to be sure. I think the examples should be moved out of the man page and put in /usr/share/examples/ipfw... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message