Ipfw Impossibility - Perpetual Motion Achieved!
Dave McCammon
davemac11 at yahoo.com
Sun Nov 7 09:30:55 PST 2004
--- "Jason C. Wells" <jcw at highperformance.net> wrote:
> Pray tell how is this report from 'ipfw show' even
> possible?
>
> 17100 3 228 count ip from any to any
> 65535 27 1986 deny ip from any to any
>
> If rule 17100 only counted three packets, then how
> did the very next rule
> count 27? I do not use 'skipto' rules.
>
> We appear to be passing more packets out of rule
> 17100 than are going in.
> If we can harness this energy, we can power the
> universe! :)
>
I believe the 27 count is from boot-up before rule
17100 is loaded.
__________________________________
Do you Yahoo!?
Check out the new Yahoo! Front Page.
www.yahoo.com
More information about the freebsd-questions
mailing list