From owner-freebsd-hackers Sat Apr 12 11:18:53 1997
From: Adam David
Message-Id: <199704121818.SAA27895@veda.is>
Subject: Re: kern/3244: ipfw flush closes connections
In-Reply-To: <199704120228.CAA14395@veda.is> from Darren Reed at "Apr 12, 97 12:20:05 pm"
To: avalon@coombs.anu.edu.au (Darren Reed)
Date: Sat, 12 Apr 1997 18:18:28 +0000 (GMT)
Cc: danny@panda.hilink.com.au, hackers@freebsd.org

> > Have you read my earlier e-mail? This occurs because if you leave out
> > the '-q' option 'flush' says "Flushed all rules". But when the tcp
> > packets come to be sent, an error "Permission denied" is returned, so
> > telnetd/rlogind quit, kernel resets connection and the rest of
> > rc.firewall is probably not executed.
>
> Hmmm, if it returned EHOSTUNREACH, would that be as bad as EPERM?
>
> Darren
>

Would seem closer to the truth. What other implications?

Adam