ipfw doesn't want to run a rule ???? is it possible ?
fbsdlists at gmail.com
Mon Apr 3 17:47:07 UTC 2006
On 4/1/06, michael <micatod at koproject.org> wrote:
> Thanks for your answer, your French is pretty understandable ;-)
> I'm really sorry, I haven't subscribed to this mailing list, I was
> trying to send mail to questions at freebsd.org-fr and I've made a mistake,
> and the second mail was for another mailing list (what happened this
> evening ???) but if you're able to help me it's welcome.
questions at freebsd.org is a mailing list
> This is my problem (sorry for my bad English):
> I've made a firewall with ipfw on a FreeBSD 6, I sent the rules (ipfw -a
> -d -t list) and the log
> I really don't understand why the packet doesn't match the rule.
Sorry I can't reply in French, but from your original posting:
00020 0 0 skipto 800 udp from any to any dst-port 53 out via rl0 setup
00021 0 0 skipto 800 udp from any to any dst-port 53 out via rl0 setup
00022 0 0 skipto 800 tcp from any to any dst-port 53 out via rl0 setup
00023 0 0 skipto 800 udp from any to any out via rl0 setup keep-state
I don't think there is such a thing as a UDP "setup" packet, so a UDP
"setup" filter will probably never match a packet. It might work as
you expect if you removed "setup" from the UDP packet filters.
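
An added example, not part of the original message: ipfw(8) documents "setup" as matching TCP packets with SYN set and ACK clear, and "established" and "tcpflags" as TCP-only too, so this small linter flags rules that pair one of them with a non-TCP protocol. The function names, the short non-TCP protocol list and rule 00024 are assumptions made for the example; it handles the classic "action proto from src to dst options" form only.

```python
# Options the ipfw(8) man page documents as matching TCP packets only.
TCP_ONLY_OPTIONS = {"setup", "established", "tcpflags"}
# Protocol names that can never be TCP (deliberately short, conservative list).
NON_TCP_PROTOS = {"udp", "icmp", "icmp6", "esp", "ah", "gre"}


def lint_rule(line):
    """Return (rule_number, proto, bad_options) if the rule can never match.

    Returns None for rules that look fine or that this simple parser does
    not understand. Works on 'ipfw list' and 'ipfw -a list' style lines.
    """
    tokens = line.split()
    if not tokens or not tokens[0].isdigit() or "from" not in tokens:
        return None
    idx = tokens.index("from")
    proto = tokens[idx - 1].lower()  # classic syntax: protocol precedes 'from'
    if proto not in NON_TCP_PROTOS:
        return None
    bad = [t for t in tokens[idx + 1:] if t in TCP_ONLY_OPTIONS]
    return (int(tokens[0]), proto, bad) if bad else None


def lint_ruleset(text):
    """Lint every line of a rule listing and return only the findings."""
    return [hit for hit in map(lint_rule, text.splitlines()) if hit]


# Rules 00020-00023 are the ones quoted in the message above. Rule 00024 is
# constructed for this example: rule 00023 with "setup" removed.
SAMPLE = """\
00020 0 0 skipto 800 udp from any to any dst-port 53 out via rl0 setup
00021 0 0 skipto 800 udp from any to any dst-port 53 out via rl0 setup
00022 0 0 skipto 800 tcp from any to any dst-port 53 out via rl0 setup
00023 0 0 skipto 800 udp from any to any out via rl0 setup keep-state
00024 0 0 skipto 800 udp from any to any out via rl0 keep-state
"""

if __name__ == "__main__":
    for num, proto, bad in lint_ruleset(SAMPLE):
        print(f"rule {num:05d}: {proto} rule uses TCP-only option(s) "
              f"{', '.join(bad)}; it can never match")
```

Zero packet and byte counters on a rule that should be carrying traffic, as in the listing above, are the runtime symptom of the same problem.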