Date: Fri, 4 Oct 2002 13:14:00 +0200 From: <Danny.Carroll@mail.ing.nl> To: <ipfw@freebsd.org> Subject: Question about to/from matching. Message-ID: <C6304883FB11E347AD4958D3F14EC00AB1DB12@ing.com>
next in thread | raw e-mail | index | archive | help
I have not got my copy of "Internetworking with TCP/IP Vol. x" with me (someone borrowed it indefinatly) so forgive this rather basic question. I have a rule, very early in my ruleset that says: deny log ip from any to 10.0.0.0/8 via xl0 but my gateway (and default route) is 10.0.0.100 Now, it's working the way I want it to... In that it sends outside stuff to 10.0.0.100 and I can't telnet directly to the gateway. But I am curious why this rule does not get inforced. What does a TCP packet look like when it's being sent *to* a remote destination, but via a gateway. Does the ip stack translate 10.0.0.100 to an ethernet address and pass it on that way? -D ----------------------------------------------------------------- ATTENTION: The information in this electronic mail message is private and confidential, and only intended for the addressee. Should you receive this message by mistake, you are hereby notified that any disclosure, reproduction, distribution or use of this message is strictly prohibited. Please inform the sender by reply transmission and delete the message without copying or opening it. Messages and attachments are scanned for all viruses known. If this message contains password-protected attachments, the files have NOT been scanned for viruses by the ING mail domain. Always scan attachments before opening them. ----------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C6304883FB11E347AD4958D3F14EC00AB1DB12>