Date: Mon, 30 May 2005 16:30:19 +0300 From: Igor Popov <igorpopov@newmail.ru> To: ipfw@freebsd.org Subject: question concerned with dynamic rules Message-ID: <200505301630.21484.igorpopov@newmail.ru>
next in thread | raw e-mail | index | archive | help
Hi all, I have a question concerned with dynamic rules, say I have such rules: ipfw check-state ipfw allow udp from me to any out keep-state if ttl of my packet will be zero on some router in path, it sends me icmp error message ttl exceeded. Does last rule create dynamic rule that permit icmp error message? My experience with traceroute shows that a such rule is not created. But with such rules: ipfw check-state ipfw allow udp from me to any out keep-state ipfw allow icmp from any to me icmptype 3,4,11,12 in traceroute works. -- The truth is what is; what should be is a dirty lie. -- Lenny Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200505301630.21484.igorpopov>