verrevpath failure from within my own box
Sean McNeil
sean at mcneil.com
Fri Nov 11 16:35:31 PST 2005
I was wondering... is there any valid time when FreeBSD would
generate improper revpaths?
My setup is on a 6-STABLE system with the patch from suz to ip_fw2.c
that fixes a revpath problem. It is set up as
dc0 - external nic with natd and ipfw2
sk0 - internal nic
The rule is
00300 28 2177 deny ip from any to any not verrevpath in via dc0
As you can see, there are some packets that were denied. I can
reproduce this with nautilus by simply browsing network:///.
I've even unplugged the cables from the nics to make sure it wasn't some
bad response to a network query. It is not. They are being generated
within my box.
Sean