Date: Thu, 16 Nov 2017 18:19:05 -0600 From: Tim Daneliuk <tundra@tundraware.com> To: javocado <javocado@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: IPFW: Why can I add port numbers to established and what does that do ? Message-ID: <700e9ff8-a808-43a2-490d-907900d32a82@tundraware.com> In-Reply-To: <CAP1HOmR4a59Z0_NT6g8N8u2r5zoa1f1YPEJCZmGysCtHY=hvdA@mail.gmail.com> References: <CAP1HOmQEKgocsejRHOMEfb-Ghzev%2BDuQiZ5OwYcQLktfu0xvDQ@mail.gmail.com> <d80d16dc-c01e-8224-e9a5-df2420390668@tundraware.com> <CAP1HOmR4a59Z0_NT6g8N8u2r5zoa1f1YPEJCZmGysCtHY=hvdA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 11/16/2017 06:07 PM, javocado wrote: > > > ... which I don't understand. In fact, I think it is a bug, but I am asking to make sure. It doesn't seem like specifying a port in the established rule makes any sense ... I've never much thought about it, but perhaps the intention to to limit enabling traffic to those connections that were originally created via a port 22 rendezvous ... i.e. The rule would only apply to active ssh connections. Like I said, I am not certain of this, so it could well be bogus. -- ---------------------------------------------------------------------------- Tim Daneliuk tundra@tundraware.com PGP Key: http://www.tundraware.com/PGP/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?700e9ff8-a808-43a2-490d-907900d32a82>