IPFW hidden/broken rule? (Free 7.2)

Vladimir Budnev vladimir.budnev at gmail.com
Wed Sep 14 10:48:58 UTC 2011


>
> 14.09.2011 15:33, Vladimir Budnev wrote:
>
> > So I think there are at least two questions:
> >
> > 1. Has anyone ever met such a situation? Or maybe something close to
> > this one with 'hidden' ipfw rules?
>
> Have you tried "ipfw -d -e show"?
>
>
Nope, we didn't check those tables. But to be honest I don't think there may
be a connection tracking issue because it is an allow ip to any rule:
04701 pipe tablearg ip from table(2) to any in via em0

And I've written that we can catch packets with a rule, by placing it before rule
04701. Packets are captured by 04701 even with empty (not flushed) table 2.

