IPFW and ICMP with timestamp option
Malcolm Clarke
malcolm.clarke at brunel.ac.uk
Tue Nov 6 14:41:44 PST 2007
I have configured a machine with 2 NIC and IPFW in a rather simplistic
way as we are using it to emulate different link characteristics rather
than as an actual firewall.
00100 4 355 pipe 1 ip from any to any via de0
in
00200 1 56 pipe 2 ip from any to any via de0
out
00300 0 0 pipe 3 ip from any to any via de1
in
00400 3 288 pipe 4 ip from any to any via de1
out
65535 4 246 deny ip from any to
any
The configuration works fine and traffic crosses the firewall without
problem, except ICMP packets having timestamp or routing option, and
these are not returned.
Is there a way to allow these packets to enter/exit the firewall?
Regards
Malcolm
--
---------------------------------------------------
Dr Malcolm Clarke
Senior Lecturer in Data Communication Systems and Telemedicine
Department of Information Systems and Computing
Brunel University
Uxbridge
Middlesex
UB8 3PH
UK
Tel: +44 1895 265053
Fax: +44 1895 251686
http://www.brunel.ac.uk/about/acad/siscm/research/themes/is/groups/bright/people
----------------------------------------------------
More information about the freebsd-questions
mailing list