About setup and established Questions and log tracking Program
Lowell Gilbert
freebsd-questions-local at be-well.ilk.org
Wed Nov 26 06:14:54 PST 2003
"Vahric MUHTARYAN" <vahric at doruk.net.tr> writes:
> # Allow TCP through if setup succeeded
> ${fwcmd} add pass tcp from any to any established
>
> # Allow setup of incoming email
> ${fwcmd} add pass tcp from any to ${ip} 25 setup
>
>
> I checked man page of ipfw ; setup matches packets have SYN bit or not
> ....
> Upper rule is accepting setuped connections that ok ( please correct if
> I wrong )
>
> Question is Why I need to set setup options on secound rule ...
> I mean I must to open 25 ( smtp port ) to all What is the setup option
> role ...
You're right; given the first rule, the "setup" qualifier on the
second is redundant. [I like to leave it in as a reminder to the
human reading the rules, though.]
More information about the freebsd-questions
mailing list