IPFW disconnections and resets
Michael Scheidell
scheidell at secnap.net
Sat Apr 30 07:56:30 PDT 2005
> -----Original Message-----
> From: owner-freebsd-security at freebsd.org
> [mailto:owner-freebsd-security at freebsd.org] On Behalf Of
> Siddhartha Jain
> Sent: Friday, April 29, 2005 8:21 AM
> To: freebsd-security at freebsd.org
> Subject: Re: IPFW disconnections and resets
>
> Just out of curiosity, why is that IPFW behaves this way and
> PF and IPF don't?
>
> - Siddhartha
I think if you recompile kernel with:
options IPFIREWALL_DEFAULT_TO_ACCEPT
(default is to deny)
then it will work like pf and ipf.
Think about it, if default is to deny, and you just flushed all the
rules, it did exactlay what you told it to do: deny all connections by
default.
This also may explain the one thag gets dropped 1% of the time.
More information about the freebsd-security
mailing list