Date: Tue, 9 Jan 2001 12:58:07 -0800 From: "Peter Brezny" <peter@sysadmin-inc.com> To: <freebsd-security@freebsd.org> Subject: RE: What do these mean? Message-ID: <002301c07a7e$de096700$46010a0a@sysadmininc.com> In-Reply-To: <xzpd7dxghl9.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
If ipfw is so poorly written, is anyone working on cleaning it up, or are people just switching to ipforward? Peter Brezny SysAdmin Services Inc. -----Original Message----- From: owner-freebsd-security@FreeBSD.ORG [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Dag-Erling Smorgrav Sent: Tuesday, January 09, 2001 2:12 AM To: cjclark@alum.mit.edu Cc: Marc Silver; freebsd-security@FreeBSD.ORG Subject: Re: What do these mean? "Crist J. Clark" <cjclark@reflexnet.net> writes: > Pretty much the best reason I can give is because that is just how it > works. Perhaps it is best to look at it this way, what would > "removing" them from the list gain you besides prettier output? There's a hard limit on the number of dynamic rules. This isn't the only bogosity related to dynamic rules in ipfw; for instance, 'ipfw list' always lists *all* dynamic rules even if you specify a rule number on the command line (it should only display dynamic rules which were created by the rules listed on the command line). Unfortunately, ipfw(8) is so poorly written that it's not at all trivial to fix. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002301c07a7e$de096700$46010a0a>