Date: Tue, 25 Jan 2000 07:59:56 -0500 From: Mike Tancsa <mike@sentex.net> To: Ruslan Ermilov <ru@ucb.crimea.ua> Cc: questions@FreeBSD.org Subject: Re: rule -1 on ipfw Message-ID: <4.2.2.20000125075638.00aa1810@mail.sentex.net> In-Reply-To: <20000125100812.A32413@relay.ucb.crimea.ua> References: <3.0.5.32.20000124131838.01ce4e10@staff.sentex.ca> <3.0.5.32.20000124131838.01ce4e10@staff.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
At 10:08 AM 1/25/2000 +0200, Ruslan Ermilov wrote:
>This is documented in the ipfw(8) manpage:
>
>: There is one kind of packet that the firewall will always discard, that
>: is an IP fragment with a fragment offset of one. This is a valid packet,
>: but it only has one use, to try to circumvent firewalls.
Ahh, thanks! I did check the man page, but didn't connect the above to
showing up as -1.
---Mike
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.2.2.20000125075638.00aa1810>