From owner-freebsd-ipfw@FreeBSD.ORG  Tue Aug  2 17:46:09 2005
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
X-Original-To: freebsd-ipfw@FreeBSD.ORG
Delivered-To: freebsd-ipfw@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B5B5C16A41F
	for <freebsd-ipfw@FreeBSD.ORG>; Tue,  2 Aug 2005 17:46:09 +0000 (GMT)
	(envelope-from olli@lurza.secnetix.de)
Received: from lurza.secnetix.de (lurza.secnetix.de [83.120.8.8])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 202F443D55
	for <freebsd-ipfw@FreeBSD.ORG>; Tue,  2 Aug 2005 17:46:08 +0000 (GMT)
	(envelope-from olli@lurza.secnetix.de)
Received: from lurza.secnetix.de (stojuz@localhost [127.0.0.1])
	by lurza.secnetix.de (8.13.1/8.13.1) with ESMTP id j72Hk6BM006761;
	Tue, 2 Aug 2005 19:46:07 +0200 (CEST)
	(envelope-from oliver.fromme@secnetix.de)
Received: (from olli@localhost)
	by lurza.secnetix.de (8.13.1/8.13.1/Submit) id j72Hk6Wq006760;
	Tue, 2 Aug 2005 19:46:06 +0200 (CEST) (envelope-from olli)
Date: Tue, 2 Aug 2005 19:46:06 +0200 (CEST)
Message-Id: <200508021746.j72Hk6Wq006760@lurza.secnetix.de>
From: Oliver Fromme <olli@lurza.secnetix.de>
To: freebsd-ipfw@FreeBSD.ORG, vladone <vladone@spaingsm.com>
In-Reply-To: <1881102745.20050802194826@spaingsm.com>
X-Newsgroups: list.freebsd-ipfw
User-Agent: tin/1.5.4-20000523 ("1959") (UNIX) (FreeBSD/4.11-RELEASE (i386))
Cc: 
Subject: Re: Another bug in IPFW@ ...?
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: freebsd-ipfw@FreeBSD.ORG, vladone <vladone@spaingsm.com>
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Aug 2005 17:46:09 -0000

vladone <vladone@spaingsm.com> wrote:
 > Please, explain more clearly, what u want to do?

What exactly was unclear in my description?

 > P.S. looks very strange "out not recv any xmit"

It's perfectly valid syntax according to ipfw(8).

"out not recv any xmit dc0" consists of three options
(i.e. match patterns):

1. "out" --> match only outgoing packets.

2. "not recv any" --> match packets that haven't been
   received through any interface (i.e. which originate
   from the local host).  It's simply a negation of
   "recv any", see the ipfw(8) manpage.

3. "xmit dc0" --> match packets which are going to be
   transmitted through the dc0 interface.

However, the problem is that the second option is being
ignored, and I would like to know why, and how to work-
around the bug.

Best regards
   Oliver

-- 
Oliver Fromme,  secnetix GmbH & Co KG, Marktplatz 29, 85567 Grafing
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.

(On the statement print "42 monkeys" + "1 snake":)  By the way,
both perl and Python get this wrong.  Perl gives 43 and Python
gives "42 monkeys1 snake", when the answer is clearly "41 monkeys
and 1 fat snake".        -- Jim Fulton