From owner-freebsd-ipfw  Mon Feb 21  6:40:29 2000
Delivered-To: freebsd-ipfw@freebsd.org
Received: from info.iet.unipi.it (info.iet.unipi.it [131.114.9.184])
	by hub.freebsd.org (Postfix) with ESMTP id 16B9937BDE8
	for <freebsd-ipfw@FreeBSD.ORG>; Mon, 21 Feb 2000 06:40:24 -0800 (PST)
	(envelope-from luigi@info.iet.unipi.it)
Received: (from luigi@localhost)
	by info.iet.unipi.it (8.9.3/8.9.3) id PAA93283;
	Mon, 21 Feb 2000 15:39:56 +0100 (CET)
	(envelope-from luigi)
From: Luigi Rizzo <luigi@info.iet.unipi.it>
Message-Id: <200002211439.PAA93283@info.iet.unipi.it>
Subject: Re: keep-state option in CURRENT.
In-Reply-To: <Pine.BSF.4.21.0002211532470.31151-100000@distortion.dk> from "Nicolai
 Petri (ML)" at "Feb 21, 2000 03:44:34 pm"
To: "Nicolai Petri (ML)" <nppmf@swamp.dk>
Date: Mon, 21 Feb 2000 15:39:55 +0100 (CET)
Cc: freebsd-ipfw@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL61 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-ipfw@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> > You should write the following rules
...
> Perfekt. I do not know why i missed the check-state rule.. Would it be an
> idea to check if there is a check-state entry ? I think it could bite a
> lot of people because the firewall simply fills up the ruletable and never
> clears it. (It looks really nasty on the console btw.)

not sure what you mean -- state is checked at the first keep-state
rule anyways (did i mention this in the manpage ? I hope so...)
so the ruletable should clear out.

I hope you have the latest version of the code, i did a couple of small
commits after the first one...

> What about the invalid state messages i recieve .. Is it something I
> should trace or is it simply not handle 100% yet? 

invalid state msgs should be those for udp perhaps... maybe i should
make the thing a bit less verbose.

	cheers
	luigi

-----------------------------------+-------------------------------------
  Luigi RIZZO, luigi@iet.unipi.it  . Dip. di Ing. dell'Informazione
  http://www.iet.unipi.it/~luigi/  . Universita` di Pisa
  TEL/FAX: +39-050-568.533/522     . via Diotisalvi 2, 56126 PISA (Italy)
  Mobile   +39-347-0373137
-----------------------------------+-------------------------------------


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message