Help with IP Filter 4.1.8
Erik Norgaard
norgaard at locolomo.org
Fri Mar 10 10:45:52 UTC 2006
Roman Serbski wrote:
>> 1) Other udp services, are responces also blocked? you can for example
>> try ntp. If so, then it is likely a bug in ip-filter.
>
> Yes. Same for other udp (I tested with ntp). The symptoms are the same
> - there is a hit on a rule allowing outgoing ntp, but then reply is
> blocked.
It should be possible to capture on the interface in promiscuous mode.
(I recall an article on SecurityFocus considering this as a security
hole as it actually allows you to circumvent the firewall).
Cheers, Erik
More information about the freebsd-questions
mailing list