IPFW - Why Doesn't This Rule Match? -- SOLVED
drew at mykitchentable.net
Wed Mar 26 16:40:14 PST 2003
----- Original Message -----
From: "Dan Pelleg" <daniel+bsd at pelleg.org>
To: "Drew Tomlinson" <drew at mykitchentable.net>
Cc: "FreeBSD Questions" <freebsd-questions at freebsd.org>
Sent: Tuesday, March 25, 2003 12:27 PM
Subject: Re: IPFW - Why Doesn't This Rule Match?
> "Drew Tomlinson" <drew at mykitchentable.net> writes:
> > I am using the following rules to match traffic on my home network with
> > FBSD 4.8 firewall. The first rule matches but the second doesn't.
> > the rules:
> > # Match this specific traffic
> > 00700 288 329708 count ip from 192.168.1.3 8080 to any
> > # Match everything else
> > 00800 0 0 count ip from not 192.168.1.3 8080 to any
> > Can anyone tell me what I am missing?
> > Thanks,
> > Drew
> Probably because the "not" applies just to the address, and not to the
Thanks, that was it. By changing the rule to 'not 192.168.1.3 not 8080',
the rule started matching packets as I expected.
I appreciate the help!
More information about the freebsd-questions