From owner-freebsd-hackers Fri Apr 11 19:28:25 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id TAA09141 for hackers-outgoing; Fri, 11 Apr 1997 19:28:25 -0700 (PDT) Received: from cheops.anu.edu.au (avalon@cheops.anu.edu.au [150.203.76.24]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id TAA09133 for ; Fri, 11 Apr 1997 19:28:22 -0700 (PDT) Message-Id: <199704120228.TAA09133@freefall.freebsd.org> Received: by cheops.anu.edu.au (1.37.109.16/16.2) id AA030981605; Sat, 12 Apr 1997 12:20:05 +1000 From: Darren Reed Subject: Re: kern/3244: ipfw flush closes connections To: danny@panda.hilink.com.au (Daniel O'Callaghan) Date: Sat, 12 Apr 1997 12:20:05 +1000 (EST) Cc: adam@veda.is, hackers@freebsd.org In-Reply-To: from "Daniel O'Callaghan" at Apr 11, 97 04:02:28 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk In some mail from Daniel O'Callaghan, sie said: > > > > On Fri, 11 Apr 1997, Adam David wrote: > > > This is also weird... > > > > 'sh /etc/rc.firewall' invoked from a telnet or rlogin connection will break > > the connection, but if it is invoked from the console instead the network > > login connection stays open. > > Have you read my earlier e-mail? This occurs because if you leave out > the '-q' option 'flush' says "Flushed all rules". But when the tcp > packets come to be sent, and error "Permission denied" is return, so > telnetd/rlogind quite, kernel resets connection and the rest of > rc.firewall is probably not executed. Hmmm, if it returned EHOSTUNREACH, would that be as bad as EPERM ? Darren