continued IPFW issues... (actually a lack of ability on my part)
Eric F Crist
ecrist at adtechintegrated.com
Sat Feb 14 18:32:46 PST 2004
On Saturday 14 February 2004 08:14 pm, Eric F Crist wrote:
> Well, from what I understand, isn't udp a state-less protocol? How would
> established/keepstate/check-state work with that?
Ok, so I read that check-state/keep-state should be able to work with udp.
According to the man page, I should add:
ipfw add check-state
ipfw add allow udp from my-subnet to any keep-state
ipfw add deny udp from any to any
my-subnet was changed to my /29 network address (i.e. 1.2.3.4/29). Still, the
rule following all of these is ipfw add allow udp from any to any and it's
getting all the packets. I'm still reading, but the check-state isn't making
sense to me.
TIA
--
Eric F Crist
AdTech Integrated Systems, Inc
(612) 998-3588
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20040214/916d738a/attachment.bin
More information about the freebsd-questions
mailing list